Backup_Repos/pentoo-overlay
1
0
Fork 0
mirror of https://github.com/pentoo/pentoo-overlay synced 2025-12-06 16:33:09 +01:00
Code Issues Projects Releases Wiki Activity

asleap: apply random patches submitted by users, fix https://github.com/pentoo/pentoo-overlay/issues/683

Browse source
This commit is contained in:
blshkv 2020-10-16 08:02:51 +08:00
parent 4e9ef943f0
commit ff5ec4f15d
No known key found for this signature in database
GPG key ID: 32BDCED870788F04
3 changed files with 364 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
app-crypt/asleap/asleap-2.2_p20160730.ebuild → app-crypt/asleap/asleap-2.2_p20160730-r1.ebuild
View file

155
app-crypt/asleap/files/003_fix_and_improve_bruteforce_option.patch Normal file
View file

@ -0,0 +1,155 @@
Binary files ../asleap-2.2.orig/asleap and ./asleap differ
diff '--color=always' '--color=never' -pruN ../asleap-2.2.orig/asleap.c ./asleap.c
--- ../asleap-2.2.orig/asleap.c 2020-09-30 15:29:57.712000000 +0300
+++ ./asleap.c 2020-09-30 15:13:52.758000000 +0300
@@ -70,9 +70,7 @@ struct pcap_pkthdr h;
char errbuf[PCAP_ERRBUF_SIZE];
int success = 0; /* For return status of attack */
unsigned long pcount=0;
-/* for password generation */
-const char * charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
-
+const char *alphanum = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
/* prototypes */
void usage(char *message);
@@ -138,7 +136,10 @@ void usage(char *message)
"\t-V \tPrint program version and exit\n"
"\t-C \tChallenge value in colon-delimited bytes\n"
"\t-R \tResponse value in colon-delimited bytes\n"
- "\t-W \tASCII dictionary file (special purpose)\n" "\n");
+ "\t-W \tASCII dictionary file (special purpose)\n"
+ "\t-G \tBruteforce attack\n"
+ "\t-g \tBruteforce charset (default: a-zA-Z0-9)\n"
+ "\n");
}
void print_pptpexch(struct asleap_data *asleap_ptr)
@@ -307,7 +308,7 @@ int testchal(struct asleap_data *asleap_
int j;
DesEncrypt(asleap_ptr->challenge, zpwhash, cipher);
-
+/*
printf("\tgiven hash 1: ");
for (j = 0; j < 8; j++)
printf("%02x", cipher[j]);
@@ -316,12 +317,12 @@ int testchal(struct asleap_data *asleap_
for (j = 0; j < 8; j++)
printf("%02x", asleap_ptr->response[j]);
printf("\n");
-
+*/
if (memcmp(cipher, asleap_ptr->response, 8) != 0)
return (1);
DesEncrypt(asleap_ptr->challenge, zpwhash + 7, cipher);
-
+/*
printf("\tgiven hash 2: ");
for (j = 0; j < 8; j++)
printf("%02x", cipher[j]);
@@ -330,7 +331,7 @@ int testchal(struct asleap_data *asleap_
for (j = 0; j < 8; j++)
printf("%02x", asleap_ptr->response[j+8]);
printf("\n");
-
+*/
if (memcmp(cipher, asleap_ptr->response + 8, 8) != 0)
return (1);
@@ -408,12 +409,13 @@ int trypasswords(struct asleap_data *asl
/* generate all possible charset combinations */
int permute(struct asleap_data *asleap_ptr, int level, char * password)
{
- const char* charset_ptr = charset;
+ const char* charset_ptr =
+ asleap_ptr->custom_charset ? asleap_ptr->charset : alphanum;
unsigned char pwhash[MD4_SIGNATURE_SIZE];
if(level == -1) { /* got generated password */
/* debug */
- /* printf("%s\n", password); */
+ /*printf("%s\n", password);*/
NtPasswordHash(password, strlen(password), pwhash);
if (pwhash[14] != asleap_ptr->endofhash[0] ||
@@ -1029,14 +1031,16 @@ int attack_leap(struct asleap_data *asle
}
if (asleap->verbose)
- printf("\tStarting dictionary lookups.\n");
+ printf(asleap->gen_password
+ ? "\tStarting bruteforce.\n"
+ :"\tStarting dictionary lookups.\n");
- if (!IsBlank(asleap->wordfile)) {
+ if (asleap->gen_password) {
+ /* Attack MS-CHAP exchange with brute-force password generation */
+ getmschappwret = trypasswords(asleap);
+ } else if (!IsBlank(asleap->wordfile)) {
/* Attack MS-CHAP exchange with a straight dictionary list */
getmschappwret = getmschapbrute(asleap);
- } else if(asleap->gen_password) {
- /* Attack MS-CHAP exchange with brute-force password generation */
- getmschappwret = trypasswords(asleap);
} else {
getmschappwret = getmschappw(asleap);
}
@@ -1085,7 +1089,10 @@ int attack_pptp(struct asleap_data *asle
if (asleap->verbose)
printf("\tStarting dictionary lookups.\n");
- if (!IsBlank(asleap->wordfile)) {
+ if (asleap->gen_password) {
+ /* Attack MS-CHAP exchange with brute-force password generation */
+ getmschappwret = trypasswords(asleap);
+ } else if (!IsBlank(asleap->wordfile)) {
/* Attack MS-CHAP exchange with a straight dictionary list */
getmschappwret = getmschapbrute(asleap);
} else {
@@ -1509,7 +1516,7 @@ int main(int argc, char *argv[])
printf("asleap %s - actively recover LEAP/PPTP passwords. "
"<jwright@hasborg.com>\n", VER);
- while ((c = getopt(argc, argv, "DsoavhVi:f:n:r:w:c:t:W:C:R:G:A:B:U:P:")) != EOF) {
+ while ((c = getopt(argc, argv, "DsoavhVi:f:n:r:w:c:t:g:W:C:R:G:A:B:U:P:")) != EOF) {
switch (c) {
case 's':
asleap.skipeapsuccess = 1;
@@ -1657,7 +1664,11 @@ int main(int argc, char *argv[])
break;
case 'G':
asleap.gen_password = 1;
- sscanf(optarg, "%d", &asleap.pass_len); /* save desired password lentgh */
+ sscanf(optarg, "%d", &asleap.pass_len); /* save desired password length */
+ break;
+ case 'g':
+ asleap.custom_charset = 1;
+ strncpy(asleap.charset, optarg, sizeof(asleap.charset) - 1);
break;
default:
usage("");
Binary files ../asleap-2.2.orig/.asleap.c.un~ and ./.asleap.c.un~ differ
diff '--color=always' '--color=never' -pruN ../asleap-2.2.orig/asleap.h ./asleap.h
--- ../asleap-2.2.orig/asleap.h 2020-09-30 15:29:57.706000000 +0300
+++ ./asleap.h 2020-09-30 15:09:52.307000000 +0300
@@ -63,9 +63,11 @@ struct asleap_data {
int verbose;
int gen_password;
int pass_len;
+ int custom_charset;
char dictfile[255];
char dictidx[255];
char wordfile[255];
+ char charset[255];
/* Tracking values */
uint8_t leapchalfound;
Binary files ../asleap-2.2.orig/.asleap.h.un~ and ./.asleap.h.un~ differ
Binary files ../asleap-2.2.orig/asleap.o and ./asleap.o differ
Binary files ../asleap-2.2.orig/common.o and ./common.o differ
Binary files ../asleap-2.2.orig/genkeys and ./genkeys differ
Binary files ../asleap-2.2.orig/genkeys.o and ./genkeys.o differ
Binary files ../asleap-2.2.orig/sha1.o and ./sha1.o differ
Binary files ../asleap-2.2.orig/utils.o and ./utils.o differ

209
app-crypt/asleap/files/004_add_user_opt_and_pptp_chal_resp_cmdline_parsing.patch Normal file
View file

@ -0,0 +1,209 @@
Binary files ../asleap-2.2.orig/asleap and ./asleap differ
diff '--color=always' '--color=never' -pruN ../asleap-2.2.orig/asleap.c ./asleap.c
--- ../asleap-2.2.orig/asleap.c 2020-10-02 14:57:07.512000000 +0300
+++ ./asleap.c 2020-10-02 15:01:55.719000000 +0300
@@ -136,6 +136,7 @@ void usage(char *message)
"\t-V \tPrint program version and exit\n"
"\t-C \tChallenge value in colon-delimited bytes\n"
"\t-R \tResponse value in colon-delimited bytes\n"
+ "\t-U \tUsername (required if PPTP Challenge/Response specified)\n"
"\t-W \tASCII dictionary file (special purpose)\n"
"\t-G \tBruteforce attack\n"
"\t-g \tBruteforce charset (default: a-zA-Z0-9)\n"
@@ -1502,11 +1503,14 @@ int main(int argc, char *argv[])
int ret=0;
extern int success;
uint8_t verifypassword = 0;
+ int username_specified = 0;
memset(dictfile, 0, sizeof(dictfile));
memset(dictidx, 0, sizeof(dictidx));
memset(pcapfile, 0, sizeof(pcapfile));
memset(&asleap, 0, sizeof(asleap));
+ asleap.challenge = asleap.leapchallenge;
+ asleap.response = asleap.leapresponse;
device = NULL;
signal(SIGINT, cleanup);
@@ -1516,57 +1520,94 @@ int main(int argc, char *argv[])
printf("asleap %s - actively recover LEAP/PPTP passwords. "
"<jwright@hasborg.com>\n", VER);
- while ((c = getopt(argc, argv, "DsoavhVi:f:n:r:w:c:t:g:W:C:R:G:A:B:U:P:")) != EOF) {
+ while ((c = getopt(argc, argv,
+ "DsoavhVi:f:n:r:w:c:t:g:W:C:R:G:A:B:U:P:")) != EOF) {
switch (c) {
case 's':
asleap.skipeapsuccess = 1;
break;
case 'C':
- if (strlen(optarg) == 23) {
- if (str2hex(optarg, asleap.challenge,
- sizeof(asleap.challenge)) < 0) {
+ if (strlen(optarg) == 47) {
+ if (str2hex(optarg, asleap.pptpchallenge,
+ sizeof(asleap.pptpchallenge)) < 0) {
usage("Malformed value specified as "
- "challenge.\n");
+ "pptp challenge.\n");
+ exit(1);
+ }
+ asleap.challenge = asleap.pptpchallenge;
+ asleap.pptpchalfound=1;
+ } else if (strlen(optarg) == 32) {
+ if (decodeHexString(optarg, asleap.pptpchallenge,
+ sizeof(asleap.pptpchallenge)) < 0) {
+ usage("Malformed value specified as "
+ "pptp challenge.\n");
exit(1);
}
+ asleap.challenge = asleap.pptpchallenge;
+ asleap.pptpchalfound=1;
+ } else if (strlen(optarg) == 23) {
+ if (str2hex(optarg, asleap.leapchallenge,
+ sizeof(asleap.leapchallenge)) < 0) {
+ usage("Malformed value specified as "
+ "leap challenge.\n");
+ exit(1);
+ }
+ asleap.leapchalfound=1;
} else if (strlen(optarg) == 16) {
- if (decodeHexString(optarg, asleap.challenge,
- sizeof(asleap.challenge)) < 0) {
+ if (decodeHexString(optarg, asleap.leapchallenge,
+ sizeof(asleap.leapchallenge)) < 0) {
usage("Malformed value specified as "
- "challenge.\n");
+ "leap challenge.\n");
exit(1);
}
+ asleap.leapchalfound=1;
} else {
usage("Incorrect challenge input length "
"specified.\n");
exit(1);
}
-
- asleap.leapchalfound=1;
asleap.manualchalresp=1;
break;
case 'R':
- if (strlen(optarg) == 71) {
- if (str2hex(optarg, asleap.response,
- sizeof(asleap.response)) < 0) {
+ if (strlen(optarg) == 146) {
+ if (str2hex(optarg, asleap.pptpresponse,
+ sizeof(asleap.pptpresponse)) < 0) {
+ usage("Malformed value specified as "
+ "pptp response1.\n");
+ exit(1);
+ }
+ asleap.response = asleap.pptpresponse;
+ asleap.pptprespfound=1;
+ } else if (strlen(optarg) == 98) {
+ if (decodeHexString(optarg, asleap.pptpresponse,
+ sizeof(asleap.pptpresponse)) < 0) {
+ usage("Malformed value specified as "
+ "pptp response2.\n");
+ exit(1);
+ }
+ asleap.response = asleap.pptpresponse;
+ asleap.pptprespfound=1;
+ } else if (strlen(optarg) == 71) {
+ if (str2hex(optarg, asleap.leapresponse,
+ sizeof(asleap.leapresponse)) < 0) {
usage("Malformed value specified as "
- "response.\n");
+ "leap response.\n");
exit(1);
}
+ asleap.leaprespfound=1;
} else if (strlen(optarg) == 48) {
- if (decodeHexString(optarg, asleap.response,
- sizeof(asleap.response)) < 0) {
+ if (decodeHexString(optarg, asleap.leapresponse,
+ sizeof(asleap.leapresponse)) < 0) {
usage("Malformed value specified as "
- "response.\n");
+ "leap response.\n");
exit(1);
}
+ asleap.leaprespfound=1;
} else {
usage("Incorrect response input length "
"specified.\n");
exit(1);
}
-
- asleap.leaprespfound=1;
asleap.manualchalresp=1;
break;
case 'A':
@@ -1613,6 +1654,7 @@ int main(int argc, char *argv[])
break;
case 'U':
memcpy(asleap.username, optarg, strlen(optarg));
+ username_specified=1;
break;
case 'P':
verifypassword = 1;
@@ -1704,7 +1746,7 @@ int main(int argc, char *argv[])
}
}
- if (asleap.leapchalfound && asleap.leaprespfound &&
+ if (asleap.leapchalfound && asleap.leaprespfound &&
asleap.manualchalresp) {
/* User specified manual challenge/response on the command
* line (aka, the "Jay Beale" feature).
@@ -1712,6 +1754,23 @@ int main(int argc, char *argv[])
return(attack_leap(&asleap));
}
+ if (asleap.pptpchalfound && asleap.pptprespfound &&
+ asleap.manualchalresp) {
+ if (!username_specified) {
+ usage("PPTP Challenge/Reponse requires "
+ "Username (-U option) to be specified.\n");
+ exit(1);
+ }
+
+ uint8_t peerresp[24];
+ memcpy(peerresp, asleap.pptpresponse + 24, 24);
+ memcpy(asleap.pptpauthchal, asleap.pptpchallenge, 16);
+ memcpy(asleap.pptppeerchal, asleap.pptpresponse, 16);
+ //memset(asleap.pptpresponse, 0, sizeof(asleap.pptpresponse));
+ memcpy(asleap.pptpresponse, peerresp, 24);
+ return(attack_pptp(&asleap));
+ }
+
if (verifypassword) {
int j;
Binary files ../asleap-2.2.orig/.asleap.c.un~ and ./.asleap.c.un~ differ
diff '--color=always' '--color=never' -pruN ../asleap-2.2.orig/asleap.h ./asleap.h
--- ../asleap-2.2.orig/asleap.h 2020-10-02 14:57:07.514000000 +0300
+++ ./asleap.h 2020-10-02 14:05:28.630000000 +0300
@@ -47,8 +47,12 @@
struct asleap_data {
char username[256 + 1];
uint8_t eapid;
- uint8_t challenge[8];
- uint8_t response[24];
+ uint8_t pptpchallenge[16];
+ uint8_t pptpresponse[49];
+ uint8_t leapchallenge[8];
+ uint8_t leapresponse[24];
+ uint8_t *challenge;
+ uint8_t *response;
uint8_t endofhash[2];
char password[32];
uint8_t nthash[16];
Binary files ../asleap-2.2.orig/.asleap.h.un~ and ./.asleap.h.un~ differ
Binary files ../asleap-2.2.orig/asleap.o and ./asleap.o differ
Binary files ../asleap-2.2.orig/common.o and ./common.o differ
Binary files ../asleap-2.2.orig/genkeys and ./genkeys differ
Binary files ../asleap-2.2.orig/genkeys.o and ./genkeys.o differ
Binary files ../asleap-2.2.orig/sha1.o and ./sha1.o differ
Binary files ../asleap-2.2.orig/.utils.c.un~ and ./.utils.c.un~ differ
Binary files ../asleap-2.2.orig/utils.o and ./utils.o differ