wepdecrypt.c

About WepDecrypt: Wepdecrypt is a Wireless LAN Tool written in c which guesses WEP Keys based o

				start_key = "00:00:00:00:00";
				end_key = "FF:FF:FF:FF:FF";
				use_modes = 0x00;
			}
			else if (strcmp(mode_opt, "128") == 0){
				if ((strcmp(word_file,"stdin all modes")!=0) && !hexkeyfile){
					fprintf(stdout,"\nUsage error: w option can't be used with 64 or 128 mode!\n\n");
					show_help();
					return 0;
				}
				word_file = "128 Bit Keygen";
				start_key = "00:00:00:00:00:00:00:00:00:00:00:00:00";
				end_key = "FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF";
				use_modes = 0x02;
			}
			else if (strcmp(mode_opt, "n64") == 0){
				word_file = "stdin n64";
				use_modes = 0x04;
			}
			else if (strcmp(mode_opt, "n128") == 0){
				word_file = "stdin n128";
				use_modes = 0x06;
			}
			else if (strcmp(mode_opt, "nall") == 0){
				word_file = "stdin n64 & n128";
				use_modes = 0x03;
			}
			break;
		// start key
		case 'i':
			if (use_modes != 0x00 && use_modes != 0x02){
				fprintf(stdout,"\nUsage error: -i option needs to be used after 64 or 128 mode!\n\n");
				show_help();
				return 0;
			}
			if (keygen_mode != -1){
				fprintf(stdout,"\nUsage error: -i option can't be used with -d option!\n\n");
				show_help();
				return 0;
			}
			start_key = optarg;
			initialized_start_key=1;
			// Bad size
			if (strlen(start_key) != 14 && strlen(start_key) != 38){
				fprintf(stdout,"\nKey Error: Start key must be 64 or 128 size\n\n");
				show_help();
				return 0;
			}	
			break;
		// end key
		case 'e':
			if (use_modes != 0x00 && use_modes != 0x02){
				fprintf(stdout,"\nUsage error: -e option needs to be used after 64 or 128 mode!\n\n");
				show_help();
				return 0;
			}
			if (keygen_mode != -1){
				fprintf(stdout,"\nUsage error: -e option can't be used with -d option!\n\n");
				show_help();
				return 0;
			}
			end_key = optarg;
			initialized_end_key=1;
			// Bad Size
			if (strlen(end_key) != 14 && strlen(end_key) != 38){
				fprintf(stdout,"\nKey Error: End key must be 64 or 128 size\n\n");
				show_help();
				return 0;
			}	
			break;
		case 'd':
			if (use_modes != 0x00 && use_modes != 0x02){
				fprintf(stdout,"\nUsage error: -d option needs to be used after 64 or 128 mode!\n\n");
				show_help();
				return 0;
			}
			if (initialized_start_key || initialized_end_key){
				fprintf(stdout,"\nUsage error: -d option can't be used with -i or -e options!\n\n");
				show_help();
				return 0;
			}
				
			if (!strncmp(optarg, "all", 3)) keygen_mode = ALL;
			else if (!strncmp(optarg, "alphanum", 8)) keygen_mode = ALPHANUM;
			else if (!strncmp(optarg, "alpha", 5)) keygen_mode = ALPHA;
			else if (!strncmp(optarg, "numeric", 5)) keygen_mode = NUMERIC;
			else if (!strncmp(optarg, "printable", 9)) keygen_mode = PRINTABLE;
			else if (!strncmp(optarg, "random", 5)) keygen_mode = RANDOM;
			else{
				fprintf(stdout,"\nUsage error: Invalid value for -d option!\n\n");
				show_help();
				return 0;
			}
			break;
		// arg for wordfile to read from
		case 'w':
			word_file = optarg;

#ifdef __CYGWIN__
			cygwin_conv_to_win32_path(word_file, win_word_file);
			word_file = win_word_file;
#endif
		
			fp = fopen(word_file, "r");
			if (!fp) {
				fprintf(stdout,"\nWordfile error: No such file or directory!\n\n");
				return 1;
			}
			// Check if we have a hexkey file. First line must contain HEXKEY_FILE hex key must be in 00:...:FF format
			get_line(line, fp,12);
			if (!strncmp(line,"HEXKEY_FILE", 11)) hexkeyfile = 1;
			else {
				if (use_modes == 0 || use_modes == 2){
					fclose(fp);
					fprintf(stdout,"\nUsage error: w option can't be used with 64 or 128 mode!\n\n");
					show_help();
					return 0;
				}
				else fseek(fp, 0, SEEK_SET);
			}
			break;
		// arg for display help
		case '?':
            show_help();
			return 1;
            break;
		case 'h':
			show_help();
			return 1;
			break;
		case 'v':
			show_version();
			return 1;
			break;
		default:
			show_help();
			return 1;
			break;
		}
	}
	
	if (client_mode && get_file){
		fprintf(stdout,"WEPDECRYPT by Fernando Tarin based on Wepattack - Version %s\n", VERSION);
		fprintf(stdout,"Getting file from: %s:%i (local.dump)\n", server_host, server_port);
		if (!server_connection(server_host,server_port, NULL, NULL, NULL, NULL, NULL, NULL, GET_FILE)){
			return 0;
		}
		fprintf(stdout,"Done...\n");
		return 0;
	}
	
	pf = fopen(packet_file,"r");
	if (!pf) {
		if (!server_mode){
			fprintf(stdout, "Dumpfile error: No such file or directory!\n\n");
			show_help();
		}
		else fprintf(stdout,"Dumpfile error: No such file or directory!\n");
		return 1;
	}
	fclose(pf);


	// No infile specified
	if(packet_file == NULL) {
		if (!server_mode){
			fprintf(stdout,"\nDumpfile error: No dumpfile specified!\n\n");
			show_help();
		}
		else {
			fprintf(stdout,"Dumpfile error: No dumpfile specified for server mode\n");
		}		
		return 0;
	}
	
	// Server & client mode used together
	if (server_mode && client_mode){
		fprintf(stdout, "\nUsage error: server & client can't be used togheter!\n\n");
		show_help();
		return 0;
	}
	
	// Check that get file isn't used without client mode
	if (!client_mode && get_file){
		fprintf(stdout, "\nUsage error: -g option can't be used without client mode!\n\n");
		show_help();
		return 0;
	}

	// Check that get file is not used with block number blocks
	if (get_file && number_blocks){
		fprintf(stdout, "\nUsage error: -g option can't be used with -l\n\n");
		show_help();
		return 0;
	}
	
	// Check that a hexkeyfile is not used witout appropiated modes
	if (hexkeyfile && (use_modes != 0x00 && use_modes != 0x02)){
		fclose(fp);
		fprintf(stdout, "\nUsage error: wordfile can't be used with 64 or 128 modes without hexkeyfile option\n\n");
		show_help();
		return 0;
	}
	
	// Check that client mode has number blocks && that number blocks isn't used without client mode
	if ((client_mode && !number_blocks) || (!client_mode && number_blocks)){
		fprintf(stdout, "Usage error: client mode needs -l\n\n");
		show_help();
		return 0;
	}
	
	// Start server
	if (server_mode){
		if (use_modes != 0x00 && use_modes != 0x02){
			fprintf(stdout, "Usage error: No cracking or invalid mode specified\n");			
			exit(0);
		}
		list_packet_to_crack = get_packets(packet_file, server_mode);
		current_packet = list_packet_to_crack;
		if (list_packet_to_crack == NULL){
			fprintf(stdout, "0 networks loaded...\n");
			exit(1);
		}
		while (current_packet->next != NULL) {
			network_count++;
			current_packet = current_packet->next;
		}		
		if (use_modes == 0x00){
			if (start_key != NULL){
				if (!parse_key(start_key, key, 64)){
					fprintf(stdout,"\nKey error: Bad key for server mode!\n\n");
					exit(0);
				}
				else
					server_init(packet_file, network_count, 64, key);
			}
			else
				server_init(packet_file, network_count, 64, NULL);
		}
		else {
			if (start_key != NULL){
				if (!parse_key(start_key, key, 128)){
					fprintf(stdout,"\nKey error: Bad key for server mode!\n\n");
					exit(0);
				}
				else
					server_init(packet_file, network_count, 128, key);
			}
			else
				server_init(packet_file, network_count, 128, NULL);
		}
		server_run();
		server_stop();
		exit(0);
	}
	
	// Check provided keys
	if (((use_modes & 0x07) == 0) && !hexkeyfile)
		if (!key_cmp(start_key, end_key, 64)){
			fprintf(stdout,"\nKey error: Start key greater than end key or bad key!\n\n");
			show_help();
			return 0;
		}

	if (((use_modes & 0x07) == 2) && !hexkeyfile)
		if (!key_cmp(start_key, end_key, 128)){
			fprintf(stdout,"\nKey error: Start key greater than end key or bad key!\n\n");
			show_help();
			return 0;
		}

	// load ieee802.11 encrypted packets
	load_packets(packet_file, network_arg);

	// write header to logfile
	open_log(word_file, packet_file);

	// set current packet to crack to first packet in list
	current_packet = list_packet_to_crack;

	// get start time
	gettimeofday(&t_val_start, &t_zone);

	if (((use_modes & 0x07) == 0) && !hexkeyfile){
		if (keygen_mode == -1){
			parse_key(start_key, skey, 64);
			parse_key(end_key, ekey, 64);
			initialize_generator(64, skey, ekey, UDEF);
		}
		else{
			initialize_generator(64, NULL, NULL, keygen_mode);
		}
	}
	else if (((use_modes & 0x07) == 2) && !hexkeyfile){
		if (keygen_mode == -1){
			parse_key(start_key,skey,128);
			parse_key(end_key,ekey,128);
			initialize_generator(128, skey, ekey, UDEF);
		}
		else{
			initialize_generator(128, NULL, NULL, keygen_mode);
		}
	}	

	if (!client_mode)fprintf(stdout, "\nAccepting wordlist data...\n\n");	

	if (client_mode){
		start_key = malloc(sizeof(unsigned char) * 13);
		end_key = malloc(sizeof(unsigned char) * 13);
		do{
			fprintf(stdout, "\nGetting Keys from %s:%i\n", server_host, server_port);

			if (!server_connection(server_host, server_port, packet_file, start_key, end_key, NULL, NULL, &use_modes, GET_KEYS))
				clean_up();
			
			control_key = 1;

			if ((use_modes & 0x07) == 0){
				fprintf(stdout, "Start_key: %.2X:%.2X:%.2X:%.2X:%.2X\n", start_key[0], start_key[1], start_key[2], start_key[3], start_key[4]);
				fprintf(stdout, "End_key:  %.2X:%.2X:%.2X:%.2X:%.2X\n\n", end_key[0], end_key[1], end_key[2], end_key[3], end_key[4]);
				initialize_generator(64, start_key, end_key, UDEF);
			}
			else if ((use_modes & 0x07) == 2){
				fprintf(stdout, "Start_key: %.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X\n", start_key[0], start_key[1], start_key[2], start_key[3], start_key[4]\
					,start_key[5], start_key[6], start_key[7], start_key[8], start_key[9], start_key[10], start_key[11], start_key[12]);
				fprintf(stdout, "End_key:  %.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X\n\n", end_key[0], end_key[1], end_key[2], end_key[3], end_key[4]\
					,end_key[5], end_key[6], end_key[7], end_key[8], end_key[9], end_key[10], end_key[11], end_key[12]);
				initialize_generator(128, start_key, end_key, UDEF);
			}

			while (control_key && !all_packets_cracked()) {
				control_key = generate_key(key);
				
				// print out each 100'000 key
#ifndef __CYGWIN__
				if ((word_count % 100000) == 0){
#else
				if ((word_count % 10000) == 0){
#endif
					if (use_modes == 0)
						printf("key no. %ld: %.2X:%.2X:%.2X:%.2X:%.2X\n", word_count, key[0], key[1], key[2],key[3], key[4]);
					else if (use_modes == 2)
						printf("key no. %ld: %.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X\n", word_count, key[0], key[1], key[2],key[3], key[4]\
							,key[5], key[6], key[7],key[8], key[9], key[10], key[11], key[12]);				
				}
				word_count++;

				// main loop to process key in modes on every packet
				loop_packets(key, server_host, server_port, packet_file, client_mode);
			}
			if (number_blocks != -1) number_blocks--;
			
			if (!server_connection(server_host, server_port, packet_file, NULL, NULL, NULL, NULL, &use_modes, DECRYPTED_BLOCK)){
					clean_up();
			}

		}while(number_blocks != 0 && !all_packets_cracked());

	clean_up();
	}



	// do cracking until all packets are cracked or no more words left
	while (!all_packets_cracked() && !feof(fp) && control_key) {

		if ( ((use_modes & 0x07) == 0 || (use_modes & 0x07) == 2) && !hexkeyfile ) control_key = generate_key(key);

		else{
			if (hexkeyfile){
				get_line(line, fp, 40);
				line_len = strlen(line);
				if (line_len == 14 && use_modes == 0){
					if (!parse_key(line, key, 64)) 
						continue;
				}
				else if (line_len == 38 && use_modes == 2){
					if (!parse_key(line, key, 128))
						continue;
				}
				else
					continue;
			}
			else
				get_line(key, fp, 14);
		}

		// print out each 10'000 key
		if ((word_count % 10000) == 0){
			if (use_modes == 0)
				printf("key no. %ld: %.2X:%.2X:%.2X:%.2X:%.2X\n", word_count, key[0], key[1], key[2],key[3], key[4]);
			else if (use_modes == 2)
				printf("key no. %ld: %.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X:%.2X\n", word_count, key[0], key[1], key[2],key[3], key[4]\
					,key[5], key[6], key[7],key[8], key[9], key[10], key[11], key[12]);
			else
				printf("key no. %ld: %s\n", word_count, key);
		}
		word_count++;

		// main loop to process key in modes on every packet
		loop_packets(key, server_host, server_port, packet_file, client_mode);
	}

	clean_up();
	
	return 0;
}