[106176] trunk/dports/security
ryandesign at macports.org
ryandesign at macports.org
Fri May 17 16:06:56 PDT 2013
Revision: 106176
https://trac.macports.org/changeset/106176
Author: ryandesign at macports.org
Date: 2013-05-17 16:06:56 -0700 (Fri, 17 May 2013)
Log Message:
-----------
reaver: new port, version 1.4 (#39138)
Added Paths:
-----------
trunk/dports/security/reaver/
trunk/dports/security/reaver/Portfile
trunk/dports/security/reaver/files/
trunk/dports/security/reaver/files/patch-Makefile.in.diff
trunk/dports/security/reaver/files/reaver_osx.diff
Added: trunk/dports/security/reaver/Portfile
===================================================================
--- trunk/dports/security/reaver/Portfile (rev 0)
+++ trunk/dports/security/reaver/Portfile 2013-05-17 23:06:56 UTC (rev 106176)
@@ -0,0 +1,61 @@
+# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
+# $Id$
+
+PortSystem 1.0
+
+name reaver
+version 1.4
+categories security net
+platforms darwin
+maintainers ryandesign openmaintainer
+license GPL-2+
+
+description Brute-force attack against Wi-Fi Protected Setup
+
+long_description Reaver implements a brute-force attack against Wi-Fi \
+ Protected Setup which can crack the WPS PIN of a wireless \
+ access point in a matter of hours and subsequently recover \
+ the WPA/WPA2 passphrase. Reaver includes Wash, a utility \
+ for identifying potentially vulnerable access points.
+
+homepage http://code.google.com/p/reaver-wps/
+master_sites googlecode:reaver-wps
+
+checksums rmd160 190f4481987c57d3ee956e5800287d5a69fd0516 \
+ sha256 add3050a4a05fe0ab6bfb291ee2de8e9b8a85f1e64ced93ee27a75744954b22d
+
+depends_lib port:libpcap \
+ port:sqlite3
+
+patch.dir ${worksrcpath}/src
+configure.dir ${patch.dir}
+build.dir ${configure.dir}
+
+patchfiles patch-Makefile.in.diff \
+ reaver_osx.diff
+
+# Disable silent rules.
+build.args V=1
+
+post-destroot {
+ xinstall -d ${destroot}${prefix}/share/doc
+ copy ${worksrcpath}/docs ${destroot}${prefix}/share/doc/${name}
+ move ${destroot}${prefix}/share/doc/${name}/reaver.1.gz ${destroot}${prefix}/share/man/man1
+ move ${destroot}${prefix}/etc/reaver/reaver.db ${destroot}${prefix}/etc/reaver/reaver.db.empty
+}
+
+post-activate {
+ if {![file exists ${prefix}/etc/reaver/reaver.db]} {
+ copy ${prefix}/etc/reaver/reaver.db.empty ${prefix}/etc/reaver/reaver.db
+ }
+}
+
+# TODO: Does not consistently use -arch flags or the requested compiler.
+universal_variant no
+
+notes "
+Reaver is only supported on Linux. This expiremental OS X port uses patches\
+submitted to the developers of Reaver but not yet incorporated into their\
+code. On OS X, the reaver and wash tools must be run as root, and you will be\
+disassociated from your normal wireless network while using them.
+"
Property changes on: trunk/dports/security/reaver/Portfile
___________________________________________________________________
Added: svn:keywords
+ Id
Added: svn:eol-style
+ native
Added: trunk/dports/security/reaver/files/patch-Makefile.in.diff
===================================================================
--- trunk/dports/security/reaver/files/patch-Makefile.in.diff (rev 0)
+++ trunk/dports/security/reaver/files/patch-Makefile.in.diff 2013-05-17 23:06:56 UTC (rev 106176)
@@ -0,0 +1,25 @@
+Add DESTDIR support
+http://code.google.com/p/reaver-wps/issues/detail?id=509
+--- Makefile.in.orig 2012-01-18 03:02:40.000000000 -0600
++++ Makefile.in 2013-05-17 17:13:24.000000000 -0500
+@@ -1,4 +1,5 @@
+ CC=@CC@
++DESTDIR=
+ LIBWPS_DIR=libwps
+ INC=-I$(LIBWPS_DIR)
+ prefix=@prefix@
+@@ -85,10 +86,10 @@
+ $(CC) $(CFLAGS) globule.c -c
+
+ install: cleanbin
+- if [ ! -d $(CONFDIR) ]; then mkdir -p $(CONFDIR); fi
+- if [ ! -e $(CONFDIR)/reaver.db ]; then cp reaver.db $(CONFDIR)/reaver.db && chmod -R a+rw $(CONFDIR); fi
+- if [ -e wash ]; then cp wash @bindir@/wash; fi
+- if [ -e reaver ]; then cp reaver @bindir@/reaver; fi
++ if [ ! -d $(DESTDIR)$(CONFDIR) ]; then mkdir -p $(DESTDIR)$(CONFDIR); fi
++ if [ ! -e $(DESTDIR)$(CONFDIR)/reaver.db ]; then cp reaver.db $(DESTDIR)$(CONFDIR)/reaver.db && chmod -R a+rw $(DESTDIR)$(CONFDIR); fi
++ if [ -e wash ]; then cp wash $(DESTDIR)@bindir@/wash; fi
++ if [ -e reaver ]; then cp reaver $(DESTDIR)@bindir@/reaver; fi
+
+ clean:
+ rm -f *~ *.o reaver wash
Added: trunk/dports/security/reaver/files/reaver_osx.diff
===================================================================
--- trunk/dports/security/reaver/files/reaver_osx.diff (rev 0)
+++ trunk/dports/security/reaver/files/reaver_osx.diff 2013-05-17 23:06:56 UTC (rev 106176)
@@ -0,0 +1,304 @@
+Add OS X support
+http://code.google.com/p/reaver-wps/issues/detail?id=245
+--- Makefile.in (revision 113)
++++ Makefile.in (working copy)
+@@ -5,14 +5,22 @@
+ exec_prefix=@exec_prefix@
+ CONFDIR=@sysconfdir@/@target@
+ CFLAGS=-DCONF_DIR='"$(CONFDIR)"' -DREAVER_DATABASE='"$(CONFDIR)/reaver.db"' @CFLAGS@
++UNAME := $(shell uname)
++ifeq ($(UNAME), Linux)
+ LDFLAGS=$(LIBWPS_DIR)/*.o wps/*.o tls/bignum.o tls/libtls.a utils/libutils.a crypto/libcrypto.a lwe/libiw.a @LDFLAGS@
++LIBIWNAME=libiw
++endif
++ifeq ($(UNAME), Darwin)
++LIBIWNAME=
++LDFLAGS=$(LIBWPS_DIR)/*.o wps/*.o tls/bignum.o tls/libtls.a utils/libutils.a crypto/libcrypto.a @LDFLAGS@
++endif
+
+ all: wash reaver
+
+-wash: wps libiw libwps.o argsparser.o globule.o init.o misc.o 80211.o iface.o
++wash: wps $(LIBIWNAME) libwps.o argsparser.o globule.o init.o misc.o 80211.o iface.o
+ $(CC) $(CFLAGS) $(INC) wpsmon.c *.o $(LDFLAGS) -o wash
+
+-reaver: wps libiw libwps.o argsparser.o globule.o init.o sigint.o sigalrm.o misc.o cracker.o
++reaver: wps $(LIBIWNAME) libwps.o argsparser.o globule.o init.o sigint.o sigalrm.o misc.o cracker.o
+ $(CC) $(CFLAGS) $(INC) wpscrack.c *.o $(LDFLAGS) -o reaver
+
+ libwps.o:
+--- init.c (revision 113)
++++ init.c (working copy)
+@@ -121,7 +121,30 @@
+ pcap_t *handle = NULL;
+ char errbuf[PCAP_ERRBUF_SIZE] = { 0 };
+
+- handle = pcap_open_live(capture_source, BUFSIZ, 1, 0, errbuf);
++#ifdef __APPLE__
++ // must disassociate from any current AP. This is the only way.
++ pid_t pid = fork();
++ if (!pid) {
++ char* argv[] = {"/System/Library/PrivateFrameworks/Apple80211.framework/Resources/airport", "-z", NULL};
++ execve("/System/Library/PrivateFrameworks/Apple80211.framework/Resources/airport", argv, NULL);
++ }
++ int status;
++ waitpid(pid,&status,0);
++
++
++ handle = pcap_create(capture_source,errbuf);
++ if (handle) {
++ pcap_set_snaplen(handle, BUFSIZ);
++ pcap_set_timeout(handle, 50);
++ pcap_set_rfmon(handle, 1);
++ pcap_set_promisc(handle, 1);
++ int status = pcap_activate(handle);
++ if (status)
++ cprintf(CRITICAL, "pcap_activate status %d\n", status);
++ }
++#else
++ handle = pcap_open_live(capture_source, BUFSIZ, 1, 0, errbuf);
++#endif
+ if(!handle)
+ {
+ handle = pcap_open_offline(capture_source, errbuf);
+--- wpsmon.c (revision 113)
++++ wpsmon.c (working copy)
+@@ -62,7 +62,10 @@
+ fprintf(stderr, "Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner at tacnetsol.com>\n\n");
+
+ globule_init();
+- sql_init();
++ if (!sql_init()) {
++ fprintf(stderr, "[X] ERROR: sql_init failed\n");
++ goto end;
++ }
+ create_ap_table();
+ set_auto_channel_select(0);
+ set_wifi_band(BG_BAND);
+@@ -265,7 +268,9 @@
+ while((packet = next_packet(&header)))
+ {
+ parse_wps_settings(packet, &header, bssid, passive, mode, source);
++#ifndef __APPLE__
+ memset((void *) packet, 0, header.len);
++#endif
+ }
+
+ return;
+@@ -328,7 +323,11 @@
+ if(frame_header->fc.sub_type == SUBTYPE_BEACON &&
+ mode == SCAN &&
+ !passive &&
+- should_probe(bssid))
++ should_probe(bssid)
++#ifdef __APPLE__
++ && 0
++#endif
++ )
+ {
+ send_probe_request(get_bssid(), get_ssid());
+ probe_sent = 1;
+--- iface.c (revision 113)
++++ iface.c (working copy)
+@@ -34,6 +34,28 @@
+ #include "iface.h"
+
+ /* Populates globule->mac with the MAC address of the interface globule->iface */
++#ifdef __APPLE__
++int read_iface_mac() {
++ struct ifaddrs* iflist;
++ int found = 0;
++ if (getifaddrs(&iflist) == 0) {
++ struct ifaddrs* cur;
++ for (cur = iflist; cur; cur = cur->ifa_next) {
++ if ((cur->ifa_addr->sa_family == AF_LINK) &&
++ (strcmp(cur->ifa_name, get_iface()) == 0) &&
++ cur->ifa_addr) {
++ struct sockaddr_dl* sdl = (struct sockaddr_dl*)cur->ifa_addr;
++ set_mac(LLADDR(sdl));
++ found = 1;
++ break;
++ }
++ }
++
++ freeifaddrs(iflist);
++ }
++ return found;
++}
++#else
+ int read_iface_mac()
+ {
+ struct ifreq ifr;
+@@ -68,6 +90,7 @@
+
+ return ret_val;
+ }
++#endif
+
+ /*
+ * Goes to the next 802.11 channel.
+@@ -112,8 +135,26 @@
+ }
+
+ /* Sets the 802.11 channel for the selected interface */
++#ifdef __APPLE__
+ int change_channel(int channel)
+ {
++ cprintf(VERBOSE, "[+] Switching %s to channel %d\n", get_iface(), channel);
++ // Unfortunately, there is no API to change the channel
++ pid_t pid = fork();
++ if (!pid) {
++ char chan_arg[32];
++ sprintf(chan_arg, "-c%d", channel);
++ char* argv[] = {"/System/Library/PrivateFrameworks/Apple80211.framework/Resources/airport", chan_arg, NULL};
++ execve("/System/Library/PrivateFrameworks/Apple80211.framework/Resources/airport", argv, NULL);
++ }
++ int status;
++ waitpid(pid,&status,0);
++ set_channel(channel);
++ return 0;
++}
++#else
++int change_channel(int channel)
++{
+ int skfd = 0, ret_val = 0;
+ struct iwreq wrq;
+
+@@ -146,3 +187,4 @@
+
+ return ret_val;
+ }
++#endif
+--- 80211.c (revision 113)
++++ 80211.c (working copy)
+@@ -39,8 +39,18 @@
+ const u_char *packet = NULL;
+
+ /* Loop until we get a valid packet, or until we run out of packets */
++#ifdef __APPLE__
++ struct pcap_pkthdr *pkt_header = NULL;
++ int status = 1;
++ while ((status = pcap_next_ex(get_handle(), &pkt_header, &packet)) == 1 || status == 0) // status == 0 indicates timeout
++#else
+ while((packet = pcap_next(get_handle(), header)) != NULL)
++#endif
+ {
++#ifdef __APPLE__
++ if (status == 0) continue;
++ memcpy(header, pkt_header, sizeof(*header));
++#endif
+ if(get_validate_fcs())
+ {
+ if(check_fcs(packet, header->len))
+@@ -49,7 +59,9 @@
+ }
+ else
+ {
++#ifndef __APPLE__
+ cprintf(INFO, "[!] Found packet with bad FCS, skipping...\n");
++#endif
+ }
+ }
+ else
+@@ -609,6 +621,69 @@
+ if(has_rt_header())
+ {
+ rt_header = (struct radio_tap_header *) packet;
++#ifdef __APPLE__
++ unsigned char *body = (unsigned char*) (rt_header+1);
++ uint32_t present = rt_header->flags;
++ uint8_t rflags = 0;
++ int i;
++ for (i = IEEE80211_RADIOTAP_TSFT; i <= IEEE80211_RADIOTAP_EXT; i++) {
++ if (!(present & (1 << i))) continue;
++ switch (i) {
++ case IEEE80211_RADIOTAP_TSFT:
++ body += sizeof(uint64_t);
++ break;
++
++ case IEEE80211_RADIOTAP_FLAGS:
++ rflags = *((uint8_t*)body);
++ /* fall through */
++ case IEEE80211_RADIOTAP_RATE:
++ body += sizeof(uint8_t);
++ break;
++
++ case IEEE80211_RADIOTAP_CHANNEL:
++ body += sizeof(uint16_t)*2;
++ break;
++
++ case IEEE80211_RADIOTAP_RX_FLAGS:
++ case IEEE80211_RADIOTAP_FHSS:
++ body += sizeof(uint16_t);
++ break;
++
++ case IEEE80211_RADIOTAP_DB_ANTSIGNAL:
++ case IEEE80211_RADIOTAP_DBM_ANTNOISE:
++ case IEEE80211_RADIOTAP_DBM_ANTSIGNAL:
++ case IEEE80211_RADIOTAP_DB_ANTNOISE:
++ case IEEE80211_RADIOTAP_ANTENNA:
++ body++;
++ break;
++
++ case 18: // IEEE80211_RADIOTAP_XCHANNEL
++ body += sizeof(uint32_t);
++ body += sizeof(uint16_t);
++ body += sizeof(uint8_t);
++ body += sizeof(uint8_t);
++ break;
++
++ case 19: // IEEE80211_RADIOTAP_MCS
++ body += 3*sizeof(uint8_t);
++ break;
++
++ default:
++ i = IEEE80211_RADIOTAP_EXT+1;
++ break;
++ }
++ }
++ #define IEEE80211_RADIOTAP_F_BADFCS 0x40
++ if (rflags & IEEE80211_RADIOTAP_F_BADFCS) {
++ // bad FCS, ignore
++ return 0;
++ }
++ if (!(rflags & IEEE80211_RADIOTAP_F_FCS)) {
++ // fcs not always present
++ return 1;
++ }
++#endif
++
+ offset += rt_header->len;
+ }
+
+--- iface.h (revision 113)
++++ iface.h (working copy)
+@@ -35,9 +35,17 @@
+ #define IFACE_H
+
+ #include <sys/ioctl.h>
++#ifdef __APPLE__
++#include <sys/socket.h>
++#include <net/ethernet.h>
++#include <ifaddrs.h>
++#include <net/if_dl.h>
++#endif
+ #include <net/if.h>
+ #include <netinet/in.h>
++#ifndef __APPLE__
+ #include "lwe/iwlib.h"
++#endif
+
+ #include "defs.h"
+ #include "globule.h"
+--- 80211.h (revision 113)
++++ 80211.h (working copy)
+@@ -42,6 +42,9 @@
+ #include "iface.h"
+ #include "crc.h"
+ #include "wps.h"
++#ifdef __APPLE__
++#include "utils/radiotap.h"
++#endif
+
+ #define AUTH_OK 1
+ #define ASSOCIATE_OK 2
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-changes/attachments/20130517/638d5a85/attachment-0001.html>
More information about the macports-changes
mailing list