Commit 0734de7c authored by Sophie Brun's avatar Sophie Brun

Imported Upstream version 1.2-0~rc3

parent 1fde75f6
src/*-ng
src/besside-ng-crawler
src/ivstools
src/kstats
src/wpaclean
src/osdep/.os.Linux
src/osdep/libosdep.a
*.o
*.exe
Version 1.2-rc3 (changes from aircrack-ng 1.2-rc2) - Released 21 Nov 2015:
* Airodump-ng: Prevent sending signal to init which caused the system to reboot/shutdown.
* Airbase-ng: Allow to use a user-specified ANonce instead of a randomized one when doing the 4-way handshake
* Aircrack-ng: Fixed compilation warnings.
* Aircrack-ng: Removed redundant NULL check and fixed typo in another one.
* Aircrack-ng: Workaround for segfault when compiling aircrack-ng with clang and gcrypt and running a check.
* Airmon-ng: Created version for FreeBSD.
* Airmon-ng: Prevent passing invalid values as channel.
* Airmon-ng: Handle udev renaming interfaces.
* Airmon-ng: Better handling of rfkill.
* Airmon-ng: Updated OUI URL.
* Airmon-ng: Fix VM detection.
* Airmon-ng: Make lsusb optional if there doesn't seem to be a usb bus. Improve pci detection slightly.
* Airmon-ng: Various cleanup and fixes (including wording and typos).
* Airmon-ng: Display iw errors.
* Airmon-ng: Improved handling of non-monitor interfaces.
* Airmon-ng: Fixed error when running 'check kill'.
* Airdrop-ng: Display error instead of stack trace.
* Airmon-ng: Fixed bashism.
* Airdecap-ng: Allow specifying output file names.
* Airtun-ng: Added missing parameter to help screen.
* Besside-ng-crawler: Removed reference to darkircop.org (non-existent subdomain).
* Airgraph-ng: Display error when no graph type is specified.
* Airgraph-ng: Fixed make install.
* Manpages: Fixed, updated and improved airodump-ng, airmon-ng, aircrack-ng, airbase-ng and aireplay-ng manpages.
* Aircrack-ng GUI: Fixes issues with wordlists selection.
* OSdep: Add missing RADIOTAP_SUPPORT_OVERRIDES check.
* OSdep: Fix possible infinite loop.
* OSdep: Use a default MTU of 1500 (Linux only).
* OSdep: Fixed compilation on OSX.
* AppArmor: Improved and added profiles.
* General: Fixed warnings reported by clang.
* General: Updated TravisCI configuration file
* General: Fixed typos in various tools.
* General: Fixed clang warning about 'gcry_thread_cbs()' being deprecated with gcrypt > 1.6.0.
* General: Fixed compilation on cygwin due to undefined reference to GUID_DEVCLASS_NET
* General: Fixed compilation with musl libc.
* General: Improved testing and added test cases (make check).
* General: Improved mutexes handling in various tools.
* General: Fixed memory leaks, use afer free, null termination and return values in various tools and OSdep.
* General: Fixed compilation on FreeBSD.
* General: Various fixes and improvements to README (wording, compilation, etc).
* General: Updated copyrights in help screen.
Version 1.2-rc2 (changes from aircrack-ng 1.2-rc1) - Released 10 April 2015:
* Airtun-ng: Adds WPA CCMP and TKIP decryption and CCMP encryption
* Compilation: Added support for DUMA.
......
=== Requirements ===
* OpenSSL development package or libgcrypt development package
* pkg-config
* If you want SSID filtering with regular expression in airodump-ng,
pcre development package is required (pcre on FreeBSD).
* If you want to use airolib-ng and '-r' option in aircrack-ng,
SQLite development package >= 3.3.17 (3.6.X version or better is recommended):
- libsqlite3-devel
* On windows, cygwin has to be used and it also requires w32api and gcc-4 package.
- libsqlite3-dev on a Debian based distro (sqlite3 on FreeBSD)
* On windows, cygwin has to be used and it also requires w32api.
* If you want to use Airpcap, the 'developer' directory from the CD is required.
* Linux: LibNetlink 1 or 3. It can be disabled by setting the flag 'libnl' to false.
See Makefile flags below.
* Linux: pkg-config
* pkg-config (pkgconf on FreeBSD)
* FreeBSD: gmake
=== Compilating ===
=== Compiling ===
* Compilation:
make
* Compilation on FreeBSD:
gmake CC=cc
* Strip debugging symbols:
make strip
......@@ -39,7 +44,10 @@ to compile and install the suite:
Note: Not working yet.
* experimental: needed to compile tkiptun-ng, easside-ng (and buddy-ng),
wesside-ng and besside-ng
wesside-ng and besside-ng.
If you want to build besside-ng-crawler, you will need
LibPCAP (development package). On Debian based
distributions: libpcap-dev
* ext_scripts: needed to build airoscript-ng, versuck-ng, airgraph-ng and
airdrop-ng.
......
......@@ -68,10 +68,12 @@ clean:
-rm -rf $(COVERITY_DIR)
$(MAKE) -C src $(@)
$(MAKE) -C test/cryptounittest $(@)
$(MAKE) -C test $(@)
distclean: clean
check:
$(MAKE) -C src $(@)
$(MAKE) -C test/cryptounittest $(@)
$(MAKE) -C test $(@)
1.2-rc2
1.2-rc3
\ No newline at end of file
#include <tunables/global>
/usr/bin/aircrack-ng {
#include <abstractions/base>
#include <abstractions/private-files-strict>
# No need to access dot files
deny @{HOME}/.** rw,
# For reading pcap files (and sqldb)
@{HOME}/** r,
/tmp/** r,
# For -l (and writing sqldb)
owner @{HOME}/** w,
owner /tmp/** w,
# Needed for ptrace/core dumps
/usr/bin/aircrack-ng rm,
}
#include <tunables/global>
/usr/bin/airdecap-ng {
#include <abstractions/base>
#include <abstractions/private-files-strict>
# No need to access dot files
deny @{HOME}/.** rw,
# For reading pcap files
@{HOME}/** r,
/tmp/** r,
# For writing output files
owner @{HOME}/** w,
owner /tmp/** w,
# Needed for ptrace/core dumps
/usr/bin/airdecap-ng rm,
}
#include <tunables/global>
/usr/bin/airdecloak-ng {
#include <abstractions/base>
#include <abstractions/private-files-strict>
# No need to access dot files
deny @{HOME}/.** rw,
# For reading pcap files
@{HOME}/** r,
/tmp/** r,
# For writing output files
owner @{HOME}/** w,
owner /tmp/** w,
# Needed for ptrace/core dumps
/usr/bin/airdecloak-ng rm,
}
#include <tunables/global>
/usr/bin/airgraph-ng {
#include <abstractions/base>
#include <abstractions/private-files-strict>
# No need to access dot files
deny @{HOME}/.** rw,
# For reading input
@{HOME}/** r,
/tmp/** r,
# For writing output
owner @{HOME}/** w,
owner /tmp/** w,
# For executing 'fdp'
/usr/{,local/,s}bin/fdp ix,
# Needed for ptrace/core dumps
/usr/bin/airgraph-ng rm,
}
#include <tunables/global>
/usr/bin/airolib-ng {
#include <abstractions/base>
#include <abstractions/private-files-strict>
# No need to access dot files
deny @{HOME}/.** rw,
# For reading database files
@{HOME}/** r,
/tmp/** r,
# For writing database files and exporting cowpatty files
owner @{HOME}/** w,
owner /tmp/** w,
# Needed for ptrace/core dumps
/usr/bin/airolib-ng rm,
}
#include <tunables/global>
/usr/bin/buddy-ng {
#include <abstractions/base>
capability setgid,
capability setuid,
capability sys_chroot,
network inet dgram,
network inet stream,
/usr/bin/buddy-ng mr,
}
#include <tunables/global>
/usr/bin/ivstools {
#include <abstractions/base>
#include <abstractions/private-files-strict>
capability dac_override,
deny @{HOME}/.** rw,
@{HOME}/** r,
owner @{HOME}/** w,
/usr/bin/ivstools mr,
}
#include <tunables/global>
/usr/bin/kstats {
#include <abstractions/base>
#include <abstractions/private-files-strict>
deny @{HOME}/.** rw,
@{HOME}/** r,
/usr/bin/kstats mr,
}
#include <tunables/global>
/usr/bin/packetforge-ng {
#include <abstractions/base>
#include <abstractions/private-files-strict>
deny @{HOME}/.** rw,
@{HOME}/** r,
owner @{HOME}/** w,
/usr/bin/packetforge-ng mr,
}
#include <tunables/global>
/usr/sbin/airbase-ng {
#include <abstractions/base>
#include <abstractions/nameservice>
#include <abstractions/private-files-strict>
capability net_admin,
capability net_raw,
capability setuid,
network inet dgram,
network packet raw,
deny @{HOME}/.** rw,
@{HOME}/** r,
owner @{HOME}/** w,
/bin/ r,
/bin/*sh rCx,
/bin/ls r,
/dev/net/tun rw,
/usr/sbin/airbase-ng mr,
/proc/*/net/psched r,
/tmp/ r,
/sbin/ r,
/sbin/iwpriv rCx,
/usr/bin/ r,
/usr/local/bin/ r,
/usr/local/sbin/ r,
/usr/sbin/ r,
profile /bin/*sh {
#include <abstractions/base>
/bin/*sh mr,
/bin/ls mrix,
/sys/class/ieee80211/ r,
}
profile /sbin/iwpriv {
#include <abstractions/base>
network dgram,
/sbin/iwpriv mr,
}
}
#include <tunables/global>
/usr/sbin/aireplay-ng {
#include <abstractions/base>
#include <abstractions/private-files-strict>
capability net_admin,
capability net_raw,
capability setuid,
network packet raw,
deny @{HOME}/.** rw,
@{HOME}/** r,
owner @{HOME}/** w,
/bin/*sh rCx,
/usr/sbin/aireplay-ng mr,
/proc/*/net/psched r,
/sbin/ r,
/sbin/iwpriv rCx,
profile /bin/*sh {
#include <abstractions/base>
/bin/*sh mr,
/bin/ls rix,
/sys/class/ieee80211/ r,
}
profile /sbin/iwpriv {
#include <abstractions/base>
network inet dgram,
/sbin/iwpriv mr,
}
}
#include <tunables/global>
/usr/sbin/airmon-ng {
#include <abstractions/base>
#include <abstractions/bash>
#include <abstractions/private-files-strict>
/usr/sbin/airmon-ng rix,
/bin/cat rix,
/bin/dmesg rCx,
profile /bin/dmesg {
#include <abstractions/base>
/bin/dmesg mr,
}
/bin/*sh ix,
/bin/grep rix,
/bin/ip rCx,
profile /bin/ip {
#include <abstractions/base>
/bin/ip mr,
capability net_admin,
}
/bin/kmod rCx,
profile /bin/kmod {
#include <abstractions/base>
/bin/kmod mr,
/proc/cmdline r,
}
/bin/ps rCx,
profile /bin/ps {
#include <abstractions/base>
/bin/ps mr,
capability sys_ptrace,
capability dac_override,
ptrace (trace),
ptrace (read),
/proc/ r,
/proc/*/ r,
/proc/*/maps r,
/proc/*/net/dev r,
/proc/*/stat r,
/proc/*/status r,
/proc/*/task/ r,
/proc/sys/kernel/pid_max r,
/proc/tty/drivers r,
/proc/uptime r,
}
/bin/readlink rix,
/bin/sed rix,
/bin/sleep rix,
/bin/uname rix,
/dev/bus/usb/ r,
/dev/rfkill rix,
/dev/tty* r,
/dev/vmnet r,
/etc/udev/udev.conf r,
/proc/*/net/dev r,
/proc/*/net/psched r,
/proc/bus/pci/ r,
/proc/ide/hd*/model r,
/proc/filesystems r,
/proc/meminfo r,
/proc/scsi/scsi/ r,
/proc/sys/dev/*/fftxqmin r,
/sbin/ethtool rCx,
profile /sbin/ethtool {
#include <abstractions/base>
/sbin/ethtool mr,
capability net_admin,
capability net_raw,
network,
}
/sbin/ifconfig rCx,
profile /sbin/ifconfig {
#include <abstractions/base>
/sbin/ifconfig mr,
}
/sbin/iw rCx,
profile /sbin/iw {
#include <abstractions/base>
/sbin/iw mr,
capability net_admin,
/proc/net/psched r,
/sys/class/ieee80211/ r,
/sys/class/ieee80211/** r,
/sys/devices/** r,
/proc/*/net/psched r,
}
/sbin/iwconfig rCx,
profile /sbin/iwconfig {
#include <abstractions/base>
/sbin/iwconfig mr,
capability net_admin,
capability net_raw,
network inet dgram,
/proc/filesystems r,
/proc/*/net/dev r,
}
/sbin/modinfo rCx,
profile /sbin/modinfo {
#include <abstractions/base>
/sbin/modinfo mr,
/proc/cmdline r,
}
/sbin/modprobe rCx,
profile /sbin/modprobe {
#include <abstractions/base>
/sbin/modprobe mr,
}
/sys/bus/ r,
/sys/bus/pci r,
/sys/bus/pci_express r,
/sys/bus/usb/devices/ r,
/sys/class/ r,
/sys/class/ieee80211/ r,
/sys/class/ieee80211/** r,
/sys/class/net/ r,
/sys/class/net/** r,
/sys/devices/** r,
/sys/module/ r,
/usr/bin/basename rix,
/usr/bin/cut rix,
/usr/bin/*awk rix,
/usr/bin/head rix,
/usr/bin/id rix,
/usr/bin/lspci rix,
/usr/bin/lscpu rix,
/usr/bin/lsusb rix,
/usr/bin/sort rix,
/usr/sbin/dmidecode rCx,
profile /usr/sbin/dmidecode {
#include <abstractions/base>
/usr/sbin/dmidecode mr,
}
/usr/sbin/rfkill rix,
/var/lib/usbutils/usb.ids r,
}
#include <tunables/global>
/usr/sbin/airodump-ng {
#include <abstractions/base>
#include <abstractions/nameservice>
/usr/sbin/airodump-ng mr,
capability dac_override,
capability setuid,
capability net_raw,
capability net_admin,
capability sys_module,
network packet raw,
deny @{HOME}/.** rw,
@{HOME}/** r,
owner @{HOME}/**.cap w,
owner @{HOME}/**.csv w,
owner @{HOME}/**.kismet.netxml w,
owner @{HOME}/**.gps w,
/proc/*/net/psched r,
/proc/acpi/ac_adapter/ r,
/proc/acpi/battery/ r,
/usr/share/aircrack-ng/airodump-ng-oui.txt r,
/sbin/ r,
/sbin/iwpriv rCx,
profile /sbin/iwpriv {
#include <abstractions/base>
network dgram,
/sbin/iwpriv mr,
}
/bin/*sh rCx,
profile /bin/*sh {
#include <abstractions/base>
/bin/*sh mr,
/bin/ls mrix,
/sys/class/ieee80211/ r,
}
}
#include <tunables/global>
/usr/sbin/airserv-ng {
#include <abstractions/base>
capability net_admin,
capability net_bind_service,
capability net_raw,
network inet stream,
network packet raw,
/usr/sbin/airserv-ng mr,
/bin/ r,
/bin/*sh Cx,
/proc/*/net/psched r,
/tmp/ r,
/sbin/ r,
/sbin/iwpriv Cx,
/usr/bin/ r,
/usr/local/bin/ r,
/usr/local/sbin/ r,
/usr/sbin/ r,
profile /bin/*sh {
#include <abstractions/base>
/bin/*sh mr,
/bin/ls r,
/proc/filesystems r,
/sys/class/ieee80211/ r,
}
profile /sbin/iwpriv {
#include <abstractions/base>
network inet dgram,
/sbin/iwpriv mr,
}
}
#include <tunables/global>
/usr/sbin/airtun-ng {
#include <abstractions/base>
#include <abstractions/private-files-strict>
capability net_admin,
capability net_raw,
capability setuid,
network inet dgram,
network packet raw,
deny @{HOME}/.** rw,
@{HOME}/** r,
/bin/ r,
/bin/*sh Cx,
/dev/net/tun rw,
/proc/*/net/psched r,
/sbin/ r,
/sbin/iwpriv Cx,
/tmp/ r,
/usr/bin/ r,
/usr/local/bin/ r,
/usr/local/sbin/ r,
/usr/sbin/ r,
/usr/sbin/airtun-ng mr,
profile /bin/*sh {
#include <abstractions/base>
/bin/*sh mr,
/bin/ls rix,
/proc/filesystems r,
/sys/class/ieee80211/ r,
}
profile /sbin/iwpriv {
#include <abstractions/base>
network dgram,
/sbin/iwpriv mr,
}
}
#include <tunables/global>
/usr/sbin/easside-ng {
#include <abstractions/base>
capability net_admin,
capability net_raw,
network inet dgram,
network packet raw,
deny @{HOME}/.** rw,
@{HOME}/**/prga.log w,
/bin/ r,
/bin/*sh Cx,
/dev/net/tun rw,