Beefy Boxes and Bandwidth Generously Provided by pair Networks
Come for the quick hacks, stay for the epiphanies.
 
PerlMonks  

comment on
( [id://3333]=superdoc: print w/replies, xml ) Need Help??
I have added code into aircrack-ng.c from the latest sauce which writes the pke[] array to a file as so: 
FILE *pkef;
                pkef=fopen("pke.txt", "a");
                for(j=0; j<nparallel; ++j)
                {
                        /* compute the pairwise transient key and the 
+frame MIC */

                        for (i = 0; i < 4; i++)
                        {
                                pke[99] = i;
                                HMAC(EVP_sha1(), pmk[j], 32, pke, 100,
+ ptk[j] + i * 20, NULL);
                                int kk = 0;
                                fprintf(pkef,"==> ");
                                for(kk = 0;kk<=99;kk++){
                                        fprintf(pkef, "%i ",pke[kk]);
                                }
                                fprintf(pkef,"\n---------------------\
+n");
                        }

[download]
After which I converted it to hex, and the output was exactly that which it should be: "Pairwise key expansion" . 0x00 . $mac1 . $mac2 . $nonce1 . $nonce2 . 0x00; # where $mac1 < $mac2 && $nonce1 < $nonce2. Now, I used this hex in Perl and tried hmac_sha1 and even PBKDF2 again, to no avail (using the pre-computed PMK as the key just like Aircrack-ng). I have tried 1 and 4096 passes, I know I am using CCMP-WPA2, I know what cowpatty and aircrack-ng produce, i have also tried reading the raw bytes directly from Net::Pcap but I cannot seem to get the correct first 128 bits of the PTK.. I bet it has to do with not being able to replicate that danged HMAC() C function properly. There's a description of it in the openSSL documentation as: 
unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
               int key_len, const unsigned char *d, int n,
               unsigned char *md, unsigned int *md_len);

[download]
Could it simply not be possible? Thanks monks! :)

In reply to Re^2: HMAC_SHA1 Implementation for WPA by return0
in thread [SOLVED] HMAC_SHA1 Implementation for WPA by return0

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":


  • Are you posting in the right place? Check out Where do I post X? to know for sure.
  • Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
    <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
  • Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
  • Want more info? How to link or How to display code and escape characters are good places to start.
Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others taking refuge in the Monastery: (6)
As of 2024-04-19 20:33 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found