Commit 1bc73095 authored by Carlos Lopez, committed by Raphaël Hertzog

Imported Debian patch 1:1.2-0~beta3-4

parent 8c396aac
Aircrack-ng for Debian
----------------------
The previous version (1:1.1-2) of Aircrack-ng on Debian was patched to
add support for using GnuTLS and Libgcrypt instead of OpenSSL.
Because of some problems found (#680414) the previous patch was rewrote,
and now it not longer uses any function from GnuTLS. Instead the GIT's SHA1
implementation was borrowed and integrated with Aircrack-ng.
This means that now for the SHA1 calculations we use an internal SHA1
implementation, and for the rest of the crypto code we rely on Libgcrypt.
With this change the speed has improved quite a bit, and now the overall
speed is more or less the same with this patch than with OpenSSL.
On SSE2 CPUs Aircrack-ng with this patch is still [1-4]% slower, meanwhile
on the rest of CPUs aircrack-ng is [1-3]% faster with this patch enabled.
For more details about this you can check out
http://trac.aircrack-ng.org/ticket/1012
If you still wish to rebuild Aircrack-ng to use OpenSSL instead of this
Libgcrypt+git-sha1 alternative, you only need to remove the value
"gcrypt=true" from the variable MAKEFLAGS on debian/rules and replace
"libgcrypt11-dev" with "libssl-dev" on debian/control
-- Carlos Alberto Lopez Perez <clopez@igalia.com> Mon, 16 Jul 2012 23:22:23 +0200
Aircrack-ng on Debian has been patched to use GnuTLS instead of OpenSSL.
This change has been motivated because of the incompatibilities between
the GPL and OpenSSL licenses. See http://bugs.debian.org/642934 and
http://trac.aircrack-ng.org/ticket/953 for details.
The tests show that when compiled with GnuTLS, Aircrack-ng is like a
~12% slower breaking a WPA key than when compiled with OpenSSL.
If you wish to rebuild Aircrack-ng to use OpenSSL instead of GnuTLS, you
only need to comment (or remove) the lines "gnutls=true" on debian/rules.
And replace "libgnutls-dev" with "libssl-dev" on debian/control.
The injection patches were removed from the package because airdriver-ng
downloads this patches directly from http://patches.aircrack-ng.org
-- Carlos Alberto Lopez Perez <clopez@igalia.com> Mon, 18 Jun 2012 12:13:13 +0200
Aireplay-ng supports single-NIC injection/monitor on several chipsets.
The wireless nic kernel module needs to be patched to allow this features..
All patches are available in /usr/share/doc/aircrack-ng/injection-patches/.
Since 1.0~beta, a tool named airdriver-ng can install patched kernel modules
for you. See airdriver-ng(1).
This new 1.0 release includes many more new tools so you really should
consider checking www.aircrack-ng.org and its forum to learn more about the
new features.
-- Adam Cécile (Le_Vert) <gandalf@le-vert.net> Fri, 19 Oct 2007 23:27:03 +0200
Source: aircrack-ng
Section: net
Priority: optional
Maintainer: Carlos Alberto Lopez Perez <clopez@igalia.com>
Homepage: http://www.aircrack-ng.org/
Build-Depends:
debhelper (>= 9),
libgcrypt20-dev | libgcrypt11-dev,
libnl-genl-3-dev [linux-any],
libpcap0.8-dev,
libpcre3-dev,
libsqlite3-dev,
pkg-config,
python,
zlib1g-dev
Standards-Version: 3.9.5
Package: aircrack-ng
Architecture: any
Depends:
iw [linux-any],
wireless-tools [linux-any],
${misc:Depends},
${shlibs:Depends}
Recommends:
ieee-data
Description: wireless WEP/WPA cracking utilities
aircrack-ng is an 802.11a/b/g WEP/WPA cracking program that can recover a
40-bit, 104-bit, 256-bit or 512-bit WEP key once enough encrypted packets
have been gathered. Also it can attack WPA1/2 networks with some advanced
methods or simply by brute force.
.
It implements the standard FMS attack along with some optimizations,
thus making the attack much faster compared to other WEP cracking tools.
It can also fully use a multiprocessor system to its full power in order
to speed up the cracking process.
.
aircrack-ng is a fork of aircrack, as that project has been stopped by
the upstream maintainer.
Description: Despites airmon claims to use /bin/sh it's full of bashism,
and thus requires /bin/bash.
Author: Adam Cecile (Le_Vert) <gandalf@le-vert.net>
Bug-Debian: http://bugs.debian.org/486025
Forwarded: http://trac.aircrack-ng.org/ticket/1309
---
--- aircrack-ng-1.0~rc1/scripts/airmon-ng 2008-06-09 21:55:09.000000000 +0200
+++ aircrack-ng-1.0~rc1/scripts/airmon-ng.new 2008-07-05 19:39:51.736505546 +0200
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
USERID=""
IFACE=""
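Review bot: the file headers disagree on the target: `---` names `scripts/airmon-ng` while `+++` names `scripts/airmon-ng.new`, so the tool applying the patch has to guess which file to modify. Regenerate it with matching `a/` and `b/` paths, as the other patches in this series do. The description says the script is full of bashisms, so the shebang change itself matches the stated intent.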
Description: airodump-ng should be able to parse the canonical oui file.
Author: Carlos Alberto Lopez Perez <clopez@igalia.com>
Forwarded: http://trac.aircrack-ng.org/ticket/1312
Applied-Upstream: http://trac.aircrack-ng.org/changeset/2391
--- a/src/airodump-ng.c
+++ b/src/airodump-ng.c
@@ -382,6 +382,20 @@
}
}
+void trim(char *str)
+{
+ int i;
+ int begin = 0;
+ int end = strlen(str) - 1;
+
+ while (isspace(str[begin])) begin++;
+ while ((end >= begin) && isspace(str[end])) end--;
+ // Shift all characters back to the start of the string array.
+ for (i = begin; i <= end; i++)
+ str[i - begin] = str[i];
+ str[i - begin] = '\0'; // Null terminate string.
+}
+
struct oui * load_oui_file(void) {
FILE *fp;
char * manuf;
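Review bot: in the new `trim()`, `isspace(str[begin])` and `isspace(str[end])` pass a plain `char`, which is undefined behaviour for bytes with the high bit set on platforms where `char` is signed. An OUI file can contain such bytes in vendor names, so cast to `unsigned char` at both call sites. `strlen(str) - 1` is also stored in an `int`; that handles the empty string (end becomes -1 and the loops fall through), but a comment saying so would help. Since the helper is added to airodump-ng.c with the very generic name `trim`, consider declaring it `static`. The hunk does not show an include of `<ctype.h>`; confirm it is already present in the file.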
@@ -409,6 +423,8 @@
memset(a, 0x00, sizeof(a));
memset(b, 0x00, sizeof(b));
memset(c, 0x00, sizeof(c));
+ // Remove leading/trailing whitespaces.
+ trim(buffer);
if (sscanf(buffer, "%2c-%2c-%2c", a, b, c) == 3) {
if (oui_ptr == NULL) {
if (!(oui_ptr = (struct oui *)malloc(sizeof(struct oui)))) {
Description: Fix libnl detection.
Author: Carlos Alberto Lopez Perez <clopez@igalia.com>
Forwarded: http://trac.aircrack-ng.org/ticket/1313
Applied-Upstream: http://trac.aircrack-ng.org/changeset/2392
--- a/common.mak
+++ b/common.mak
@@ -62,13 +62,13 @@
endif
ifeq ($(NL3xFOUND),Y)
- COMMON_CFLAGS += -DCONFIG_LIBNL30
+ COMMON_CFLAGS += -DCONFIG_LIBNL30 -DCONFIG_LIBNL
LIBS += -lnl-genl-3
NLLIBNAME = libnl-3.0
endif
ifeq ($(NL3FOUND),Y)
- COMMON_CFLAGS += -DCONFIG_LIBNL30
+ COMMON_CFLAGS += -DCONFIG_LIBNL30 -DCONFIG_LIBNL
LIBS += -lnl-genl
NLLIBNAME = libnl-3.0
endif
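Review bot: `-DCONFIG_LIBNL` is now appended by hand in each libnl-3 branch (the same edit is repeated in the libnl-3.1 branch of the next hunk), which is easy to miss when another version branch is added. Defining it once, after `NLLIBNAME` has been resolved to a non-empty value, would cover every detected version with a single line and keep the per-version branches limited to `-DCONFIG_LIBNL30` and the library flags.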
@@ -76,7 +76,7 @@
# nl-3.1 has a broken libnl-gnl-3.1.pc file
# as show by pkg-config --debug --libs --cflags --exact-version=3.1 libnl-genl-3.1;echo $?
ifeq ($(NL31FOUND),Y)
- COMMON_CFLAGS += -DCONFIG_LIBNL30
+ COMMON_CFLAGS += -DCONFIG_LIBNL30 -DCONFIG_LIBNL
LIBS += -lnl-genl
NLLIBNAME = libnl-3.1
endif
Description: Only try to detect libnl on Linux.
Author: Carlos Alberto Lopez Perez <clopez@igalia.com>
Forwarded: http://trac.aircrack-ng.org/ticket/1360
Applied-Upstream: http://trac.aircrack-ng.org/changeset/2393
--- a/common.mak
+++ b/common.mak
@@ -44,49 +44,53 @@
ifeq ($(OSNAME), cygwin)
COMMON_CFLAGS += -DCYGWIN
-else ifneq ($(libnl), false)
- NL3xFOUND := $(shell $(PKG_CONFIG) --atleast-version=3.2 libnl-3.0 && echo Y)
- ifneq ($(NL3xFOUND),Y)
- NL31FOUND := $(shell $(PKG_CONFIG) --exact-version=3.1 libnl-3.1 && echo Y)
- ifneq ($(NL31FOUND),Y)
- NL3FOUND := $(shell $(PKG_CONFIG) --atleast-version=3 libnl-3.0 && echo Y)
- ifneq ($(NL3FOUND),Y)
- NL1FOUND := $(shell $(PKG_CONFIG) --atleast-version=1 libnl-1 && echo Y)
+endif
+
+ifeq ($(OSNAME), Linux)
+ ifneq ($(libnl), false)
+ NL3xFOUND := $(shell $(PKG_CONFIG) --atleast-version=3.2 libnl-3.0 && echo Y)
+ ifneq ($(NL3xFOUND),Y)
+ NL31FOUND := $(shell $(PKG_CONFIG) --exact-version=3.1 libnl-3.1 && echo Y)
+ ifneq ($(NL31FOUND),Y)
+ NL3FOUND := $(shell $(PKG_CONFIG) --atleast-version=3 libnl-3.0 && echo Y)
+ ifneq ($(NL3FOUND),Y)
+ NL1FOUND := $(shell $(PKG_CONFIG) --atleast-version=1 libnl-1 && echo Y)
+ endif
endif
endif
- endif
- ifeq ($(NL1FOUND),Y)
- NLLIBNAME = libnl-1
- endif
+ ifeq ($(NL1FOUND),Y)
+ NLLIBNAME = libnl-1
+ endif
- ifeq ($(NL3xFOUND),Y)
- COMMON_CFLAGS += -DCONFIG_LIBNL30 -DCONFIG_LIBNL
- LIBS += -lnl-genl-3
- NLLIBNAME = libnl-3.0
- endif
+ ifeq ($(NL3xFOUND),Y)
+ COMMON_CFLAGS += -DCONFIG_LIBNL30 -DCONFIG_LIBNL
+ LIBS += -lnl-genl-3
+ NLLIBNAME = libnl-3.0
+ endif
- ifeq ($(NL3FOUND),Y)
- COMMON_CFLAGS += -DCONFIG_LIBNL30 -DCONFIG_LIBNL
- LIBS += -lnl-genl
- NLLIBNAME = libnl-3.0
- endif
+ ifeq ($(NL3FOUND),Y)
+ COMMON_CFLAGS += -DCONFIG_LIBNL30 -DCONFIG_LIBNL
+ LIBS += -lnl-genl
+ NLLIBNAME = libnl-3.0
+ endif
- # nl-3.1 has a broken libnl-gnl-3.1.pc file
- # as show by pkg-config --debug --libs --cflags --exact-version=3.1 libnl-genl-3.1;echo $?
- ifeq ($(NL31FOUND),Y)
- COMMON_CFLAGS += -DCONFIG_LIBNL30 -DCONFIG_LIBNL
- LIBS += -lnl-genl
- NLLIBNAME = libnl-3.1
- endif
+ # nl-3.1 has a broken libnl-gnl-3.1.pc file
+ # as show by pkg-config --debug --libs --cflags --exact-version=3.1 libnl-genl-3.1;echo $?
+ ifeq ($(NL31FOUND),Y)
+ COMMON_CFLAGS += -DCONFIG_LIBNL30 -DCONFIG_LIBNL
+ LIBS += -lnl-genl
+ NLLIBNAME = libnl-3.1
+ endif
- ifeq ($(NLLIBNAME),)
- $(error Cannot find development files for any supported version of libnl. install either libnl1 or libnl3.)
- endif
+ ifeq ($(NLLIBNAME),)
+ $(error Cannot find development files for any supported version of libnl. install either libnl1 or libnl3.)
+ endif
- LIBS += $(shell $(PKG_CONFIG) --libs $(NLLIBNAME))
- COMMON_CFLAGS += $(shell $(PKG_CONFIG) --cflags $(NLLIBNAME))
+ LIBS += $(shell $(PKG_CONFIG) --libs $(NLLIBNAME))
+ COMMON_CFLAGS += $(shell $(PKG_CONFIG) --cflags $(NLLIBNAME))
+ endif
endif
ifeq ($(subst TRUE,true,$(filter TRUE true,$(airpcap) $(AIRPCAP))),true)
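Review bot: the functional change is only the replacement of `else ifneq ($(libnl), false)` with a separate `ifeq ($(OSNAME), Linux)` block, but the hunk re-indents about forty lines, so it is hard to confirm that nothing else changed. Either keep the existing indentation or split the whitespace change into its own patch. The new `ifeq ($(OSNAME), Linux)` line also needs a short comment saying that non-Linux builds now skip libnl detection entirely, including the `$(error ...)` for missing development files, because a build that passes `libnl=true` elsewhere is silently ignored. In the visible lines the `NL1FOUND` branch sets only `NLLIBNAME` and adds no `-DCONFIG_LIBNL`; confirm that is intended.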
From ff70494dd389ba570dbdbf36f217c28d4381c6b5 Mon Sep 17 00:00:00 2001
From: Thomas d'Otreppe <tdotreppe@aircrack-ng.org>
Date: Fri, 3 Oct 2014 01:51:21 +0000
Subject: [PATCH] Airodump-ng: Fixed GPS stack overflow (Closes #13 on GitHub).
git-svn-id: http://svn.aircrack-ng.org/trunk@2416 28c6078b-6c39-48e3-add9-af49d547ecab
---
src/airodump-ng.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/airodump-ng.c b/src/airodump-ng.c
index 6cec912..222492c 100644
--- a/src/airodump-ng.c
+++ b/src/airodump-ng.c
@@ -4497,7 +4497,7 @@ void gps_tracker( void )
}
// New version, JSON
- if( recv( gpsd_sock, line + pos, sizeof( line ) - 1, 0 ) <= 0 )
+ if( recv( gpsd_sock, line + pos, sizeof( line ) - pos - 1, 0 ) <= 0 )
return;
// search for TPV class: {"class":"TPV"
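Review bot: the new length `sizeof( line ) - pos - 1` is computed in unsigned arithmetic, so if `pos` ever exceeds `sizeof( line ) - 1` it wraps to a very large value and the overflow returns. Nothing in the visible lines bounds `pos` before the `recv()` call. Add an explicit check such as `if( pos >= sizeof( line ) - 1 )` that resets or returns before receiving. When `pos` equals `sizeof( line ) - 1`, the requested length is 0, `recv()` returns 0 and the function returns through the `<= 0` test; if that is the intended behaviour for a full buffer, say so in a comment.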
--
2.0.0.rc2
From 091b153f294b9b695b0b2831e65936438b550d7b Mon Sep 17 00:00:00 2001
From: Thomas d'Otreppe <tdotreppe@aircrack-ng.org>
Date: Fri, 3 Oct 2014 01:53:50 +0000
Subject: [PATCH] Aireplay-ng: Fixed tcp_test stack overflow (Closes #14 on
GitHub).
git-svn-id: http://svn.aircrack-ng.org/trunk@2417 28c6078b-6c39-48e3-add9-af49d547ecab
---
src/aireplay-ng.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/aireplay-ng.c b/src/aireplay-ng.c
index 7335442..b397015 100644
--- a/src/aireplay-ng.c
+++ b/src/aireplay-ng.c
@@ -5398,6 +5398,8 @@ int tcp_test(const char* ip_str, const short port)
if( (unsigned)caplen == sizeof(nh))
{
len = ntohl(nh.nh_len);
+ if (len > 1024 || len < 0)
+ continue;
if( nh.nh_type == 1 && i==0 )
{
i=1;
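Review bot: the bound in `if (len > 1024 || len < 0)` is a bare literal. If 1024 mirrors the size of the buffer that later receives `len` bytes, express it as `sizeof` of that buffer (or a shared constant) so the check and the buffer cannot drift apart, and add a one-line comment stating that `len` comes from the peer via `ntohl(nh.nh_len)` and is untrusted. Also check that `continue` leaves the stream in a usable state: the hunk skips the packet without showing whether its advertised payload is consumed.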
--
2.0.0.rc2
From da087238963c1239fdabd47dc1b65279605aca70 Mon Sep 17 00:00:00 2001
From: Thomas d'Otreppe <tdotreppe@aircrack-ng.org>
Date: Fri, 3 Oct 2014 01:58:02 +0000
Subject: [PATCH] Buddy-ng: Fixed segmentation fault (Closes #15 on GitHub).
git-svn-id: http://svn.aircrack-ng.org/trunk@2418 28c6078b-6c39-48e3-add9-af49d547ecab
---
src/buddy-ng.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/buddy-ng.c b/src/buddy-ng.c
index 8a7927c..8da8996 100644
--- a/src/buddy-ng.c
+++ b/src/buddy-ng.c
@@ -83,6 +83,8 @@ int handle(int s, unsigned char* data, int len, struct sockaddr_in *s_in)
*cmd++ = htons(S_CMD_PACKET);
*cmd++ = *pid;
plen = len - 2;
+ if (plen < 0)
+ return 0;
last_id = ntohs(*pid);
if (last_id > 20000)
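Review bot: the new `if (plen < 0)` check comes after `*cmd++ = *pid;`, so by the time a too-short packet is rejected the code has already dereferenced `pid` and written to `cmd`. If `pid` points into `data`, as the surrounding lines suggest, that read is out of bounds when `len` is less than 2. Move the length validation above the first use of `pid`, and check `len` directly rather than the derived `plen`.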
--
2.0.0.rc2
From 88702a3ce4c28a973bf69023cd0312f412f6193e Mon Sep 17 00:00:00 2001
From: Thomas d'Otreppe <tdotreppe@aircrack-ng.org>
Date: Fri, 3 Oct 2014 02:00:34 +0000
Subject: [PATCH] OSdep: Fixed segmentation fault that happens with a malicious
server sending a negative length (Closes #16 on GitHub).
git-svn-id: http://svn.aircrack-ng.org/trunk@2419 28c6078b-6c39-48e3-add9-af49d547ecab
---
src/osdep/network.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/osdep/network.c b/src/osdep/network.c
index 4f0f8b2..4ebfaf4 100644
--- a/src/osdep/network.c
+++ b/src/osdep/network.c
@@ -131,7 +131,7 @@ int net_get(int s, void *arg, int *len)
if (!(plen <= *len))
printf("PLEN %d type %d len %d\n",
plen, nh.nh_type, *len);
- assert(plen <= *len); /* XXX */
+ assert(plen <= *len && plen > 0); /* XXX */
*len = plen;
if ((*len) && (net_read_exact(s, arg, *len) == -1))
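Review bot: `assert(plen <= *len && plen > 0)` is being used to validate a length that the commit message says comes from a malicious server. `assert` is compiled out when `NDEBUG` is defined, which leaves the check absent in such builds, and otherwise it aborts the whole process on attacker-controlled input. Replace it with an explicit test that returns an error. Also, `plen > 0` rejects a zero length, yet the next statement `if ((*len) && ...` explicitly handles `*len == 0`; the subject line only mentions negative lengths, so `plen >= 0` looks like the intended condition.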
--
2.0.0.rc2
Description: airodump-ng can't find the IEE OUI file.
We are doing here the minium changes to keep release team
happy and have this allowed into Jessie.
.
Next upstream release of aircrack-ng will already contain
r2455, so this patch can be dropped.
Author: Carlos Alberto Lopez Perez <clopez@igalia.com>
Bug-Debian: http://bugs.debian.org/771221
Applied-Upstream: http://trac.aircrack-ng.org/changeset/2455
--- a/src/airodump-ng.h
+++ b/src/airodump-ng.h
@@ -146,8 +146,8 @@
#define OUI_PATH0 "/etc/aircrack-ng/airodump-ng-oui.txt"
#define OUI_PATH1 "/usr/local/etc/aircrack-ng/airodump-ng-oui.txt"
-#define OUI_PATH2 "/usr/share/aircrack-ng/airodump-ng-oui.txt"
-#define OUI_PATH3 "/usr/share/misc/oui.txt"
+#define OUI_PATH2 "/var/lib/ieee-data/oui.txt"
+#define OUI_PATH3 "/usr/share/ieee-data/oui.txt"
#define MIN_RAM_SIZE_LOAD_OUI_RAM 32768
int read_pkts=0;
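Review bot: `OUI_PATH2` and `OUI_PATH3` are overwritten rather than extended, so `/usr/share/misc/oui.txt` is no longer searched at all. If that drop is deliberate, say so in the patch description. Both new paths belong to ieee-data, which debian/control in this same commit lists only under Recommends, so the file can legitimately be absent. Confirm that airodump-ng degrades cleanly when none of the four paths exists.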
000-Airmon_needs_bash.diff
001-Airodump_whitespace_oui.diff
002-fix-libnl-detection.diff
003-dont-abort-libnl-nolinux.diff
004-CVE-2014-8321.diff
005-CVE-2014-8322.diff
006-CVE-2014-8323.diff
007-CVE-2014-8324.diff
008-Airodump_fix-ieee-oui-path.diff
#!/usr/bin/make -f
export DEB_BUILD_MAINT_OPTIONS = hardening=+all
export MAKEFLAGS = gcrypt=true sqlite=true unstable=true pcre=true
%:
dh $@ --with=python2
override_dh_auto_install:
$(MAKE) install DESTDIR=$(CURDIR)/debian/aircrack-ng prefix=/usr
rm -f $(CURDIR)/debian/aircrack-ng/usr/share/man/man8/airodump-ng-oui-update*
rm -f $(CURDIR)/debian/aircrack-ng/usr/share/man/man8/airdriver-ng*
rm -f $(CURDIR)/debian/aircrack-ng/usr/sbin/airodump-ng-oui-update
rm -f $(CURDIR)/debian/aircrack-ng/usr/sbin/airdriver-ng
version=3
opts=dversionmangle=s/0~beta/beta/ \
http://download.aircrack-ng.org/aircrack-ng(?:-|\.|_|_v|)(\d\S*)\.(?:tar\.xz|txz|tar\.bz2|tbz2|tar\.gz|tgz)