Kismet Wireless

Kismet Forums

 

Posted by: dragorn
Subject: Decoding "cryptset" with perl
Date: 15:55:18 28/03/2017

They're just bit fields - so the exact same code should work; perl does bitwise operators too - just grab the definitions for crypt_wep, crypt_layer3, etc from the packet_ieee80211.h file.

If you're still unclear, I'd search for "bitwise operators" in perl; &, |, ^, etc should be standard across almost all languages and should all work the same; you're just selecting what bits are set to figure out what options are enabled.

-m

> Hey Everybody,
>
> I have written a Perl client that inserts WAP data into MySQL. With the SSID protocol I receive a lot of data about WAPs along with the cryptset. I am having trouble getting my head around this. I have found the function that decrypts the bitmask (!?) in kis_panel_details.cc:
>
> string crypt_to_str(uint64_t cryptset) {
>     ostringstream osstr;
>
>     if (cryptset == 0)
>         osstr << "None (Open)";
>     if (cryptset == crypt_wep)
>         osstr << "WEP (Privacy bit set)";
>     if (cryptset & crypt_layer3)
>         osstr << " Layer3";
>     if (cryptset & crypt_wpa_migmode)
>         osstr << " WPA Migration Mode";
>     if (cryptset & crypt_wep40)
>         osstr << " WEP (40bit)";
>     if (cryptset & crypt_wep104)
>         osstr << " WEP (104bit)";
>     if (cryptset & crypt_wpa)
>         osstr << " WPA";
>     if (cryptset & crypt_tkip)
>         osstr << " TKIP";
>     if (cryptset & crypt_psk)
>         osstr << " PSK";
>     if (cryptset & crypt_aes_ocb)
>         osstr << " AES-ECB";
>     if (cryptset & crypt_aes_ccm)
>         osstr << " AES-CCM";
>     if (cryptset & crypt_leap)
>         osstr << " LEAP";
>     if (cryptset & crypt_ttls)
>         osstr << " TTLS";
>     if (cryptset & crypt_tls)
>         osstr << " TLS";
>     if (cryptset & crypt_peap)
>         osstr << " PEAP";
>     if (cryptset & crypt_isakmp)
>         osstr << " ISA-KMP";
>     if (cryptset & crypt_pptp)
>         osstr << " PPTP";
>     if (cryptset & crypt_fortress)
>         osstr << " Fortress";
>     if (cryptset & crypt_keyguard)
>         osstr << " Keyguard";
>     if (cryptset & crypt_unknown_nonwep)
>         osstr << " WPA/ExtIV data";
>
>     return osstr.str();
> }
>
> Any idea how I could port this function into Perl? Sorry, my C knowledge is slim to none. I assume this is a trivial question for someone who knows how this works. The cryptset is represented to Perl as an INT like:
>
> +----------+----------+
> | COUNT(*) | cryptset |
> +----------+----------+
> | 2199 | 0 |
> | 927 | 2 |
> | 6 | 1048674 |
> | 67 | 1048802 |
> | 4 | 1049282 |
> | 6 | 1049314 |
> | 1 | 2097250 |
> | 8 | 2097378 |
> | 111 | 2097730 |
> | 273 | 2097762 |
> | 1985 | 2097858 |
> | 157 | 2097890 |
> | 17 | 3145954 |
> | 31 | 3146306 |
> | 47 | 3146338 |
> | 118 | 3146434 |
> | 1831 | 3146466 |
> +----------+----------+
>
> TL;DR
>
> How to decrypt the cryptset in Perl :-/
>
> Any help would be much appreciated!
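
A Perl port of the quoted crypt_to_str(), added here as an example; it is not code from Kismet or from either poster. It reads the crypt_* masks out of header text rather than hard-coding them: the embedded excerpt and its bit positions are constructed placeholders, the sample cryptset values are constructed, and parse_masks is a hypothetical helper name.

```perl
use strict; use warnings;
# CONSTRUCTED excerpt; the bit positions are placeholders, not Kismet's values.
# Replace it with the crypt_* enum from your own packet_ieee80211.h.
my $header = <<'END_H';
    crypt_wep = (1 << 1),
    crypt_tkip = (1 << 5),
    crypt_wpa = (1 << 6),
    crypt_psk = (1 << 7),
    crypt_aes_ccm = (1 << 9),
END_H
# Labels and test order copied from crypt_to_str() in the quoted post.
my @labels = (
    [crypt_layer3 => 'Layer3'],     [crypt_wpa_migmode => 'WPA Migration Mode'],
    [crypt_wep40 => 'WEP (40bit)'], [crypt_wep104 => 'WEP (104bit)'],
    [crypt_wpa => 'WPA'],           [crypt_tkip => 'TKIP'],
    [crypt_psk => 'PSK'],           [crypt_aes_ocb => 'AES-ECB'],
    [crypt_aes_ccm => 'AES-CCM'],   [crypt_leap => 'LEAP'],
    [crypt_ttls => 'TTLS'],         [crypt_tls => 'TLS'],
    [crypt_peap => 'PEAP'],         [crypt_isakmp => 'ISA-KMP'],
    [crypt_pptp => 'PPTP'],         [crypt_fortress => 'Fortress'],
    [crypt_keyguard => 'Keyguard'], [crypt_unknown_nonwep => 'WPA/ExtIV data'],
);

# Build name => mask from every "crypt_x = (1 << n)" line in the header text.
sub parse_masks {
    my ($text) = @_;
    my %mask;
    $mask{$1} = 1 << $2 while $text =~ /\b(crypt_\w+)\s*=\s*\(\s*1\s*<<\s*(\d+)\s*\)/g;
    return \%mask;
}

sub crypt_to_str {
    my ($cryptset, $mask) = @_;
    $cryptset = int($cryptset);    # DB drivers return strings; force a numeric "&"
    return 'None (Open)' if $cryptset == 0;
    my $wep = $mask->{crypt_wep} // 0;
    # As in the C++ original, WEP is an exact match, not a bit test.
    my @out = $cryptset == $wep ? ('WEP (Privacy bit set)') : ();
    my $known = $wep;
    for my $pair (@labels) {
        my $bit = $mask->{ $pair->[0] } or next;    # name absent from the header
        $known |= $bit;
        push @out, $pair->[1] if $cryptset & $bit;
    }
    my $rest = $cryptset & ~$known;                 # bits no label accounts for
    push @out, sprintf('unknown bits 0x%x', $rest) if $rest;
    return join ' ', @out;
}
my $mask = parse_masks($header);
printf "%-8s %s\n", $_, crypt_to_str($_, $mask) for '0', '2', '738', '4194306';
```

The int() call matters because Perl's & does a bytewise string AND when both operands are strings. The "unknown bits" entry is an addition to the original function that surfaces any set bit the header text did not define.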

