access__point_8h_source.html

 #ifndef SNIFF_AP

 #define SNIFF_AP


 #include "channel.h"

 #include "decrypter.h"

 #include "recording.h"

 #include <filesystem>

 #include <optional>

 #include <tins/ethernetII.h>

 #include <tins/tins.h>

 #include <vector>


 namespace yarilo {


 class AccessPoint {

 public:

   enum class NetworkSecurity {

     OPEN,

     WEP,

     WPA,

     WPA2_Personal,

     WPA2_Enterprise,

     WPA3_Personal,

     WPA3_Enterprise,

   };


   enum class DecryptionState {

     DECRYPTED,

     NOT_ENOUGH_DATA,

     INCORRECT_PASSWORD,

     ALREADY_DECRYPTED,

   };


   /*

    * @brief WiFi standard that is supported by an access point, there can be

    * many of them for a given access point

    */

   enum class WiFiStandard {

     Dot11A,  // Legacy standards

     Dot11B,  // Legacy standards

     Dot11G,  // Legacy standards

     Dot11N,  // Wi-Fi 4 or HT (High Throughput)

     Dot11AC, // Wi-Fi 5 or HVT (Very High Throughput)

     Dot11AX, // Wi-Fi 6 or HE (High Efficiency)

   };


   /*

    * @brief WiFi modulation type used

    */

   enum class Modulation {

     CCK,   // Complementary code keying (802.11b)

     BPSK,  // Binary phase shift keying

     QPSK,  // Quadrature phase shift keying

     QAM16, // Quadrature amplitude modulation

     QAM64,

     QAM256,

     QAM1024,

   };


   /*

    * @brief WiFi channel width used

    */

   enum class ChannelWidth {

     CHAN20,

     CHAN40,

     CHAN80,

     CHAN80_80,

     CHAN160,

   };


   struct wifi_standard_info {

     WiFiStandard std;

     bool single_beamformer_support;

     bool single_beamformee_support;

     bool multi_beamformer_support;

     bool multi_beamformee_support;

     std::set<uint8_t> mcs_supported_idx; // Indices of MCS

     std::set<Modulation> modulation_supported;

     std::set<uint8_t>

         spatial_streams_supported; // Spatial stream configurations for MIMO,

                                    // for example 3 means that the network

                                    // supports 3 spatial streams, or 3x3

     std::set<ChannelWidth> channel_widths_supported;

   };


   struct client_info {

     std::string hwaddr;

     std::string hostname;

     std::string ipv4;

     std::string ipv6;

     uint32_t sent_unicast;

     uint32_t sent_total;

     uint32_t received;

     int8_t rrsi;

     int8_t noise;

     int8_t snr;

   };


   struct client_security {

     NetworkSecurity security;

     bool is_ccmp = false;

     bool pmf = false;

     std::optional<Tins::RSNInformation::CypherSuites> pairwise_cipher;

   };


   AccessPoint(const MACAddress &bssid, const SSID &ssid, int wifi_channel);


   bool handle_pkt(Tins::Packet *pkt);


   DecryptionState add_password(const std::string &psk);


   SSID get_ssid() const;


   MACAddress get_bssid() const;


   int get_wifi_channel() const;


   std::vector<wifi_standard_info> standards_supported() const;


   std::shared_ptr<PacketChannel> get_decrypted_channel();


   void close_all_channels();


   bool send_deauth(const Tins::NetworkInterface &iface, const MACAddress &addr);


   bool has_working_password() const;


   std::vector<NetworkSecurity> security_supported() const;


   bool unicast_decryption_supported() const;


   bool group_decryption_supported() const;


   bool client_decryption_supported(const MACAddress &client);


   /*

    * Get if the network can protect its management frames

    * @return True if 802.11w is in place

    */

   bool protected_management_supported() const;


   /*

    * Get if the network must protect its management frames

    * @return True if 802.11w is in place

    */

   bool protected_management_required() const;


   /*

    * Get if the network protects its management frames for a specific client

    * @return True if 802.11w is enforced for a client

    */

   bool protected_management(const MACAddress &client);


   WPA2Decrypter &get_decrypter();


   const std::set<MACAddress> get_clients() {

     std::set<MACAddress> result;

     for (const auto &[addr, _] : clients)

       result.insert(addr);

     return result;

   }


   const std::optional<client_info> get_client(MACAddress addr) {

     if (!clients.count(addr))

       return std::nullopt;

     return clients[addr];

   }


   const std::optional<client_security> get_client_security(MACAddress addr) {

     if (!clients_security.count(addr))

       return std::nullopt;

     return clients_security[addr];

   }


   uint32_t raw_packet_count() const;


   uint32_t decrypted_packet_count() const;


   std::optional<Recording::info>

   save_traffic(const std::filesystem::path &save_path, const std::string &name);


   std::optional<Recording::info>

   save_decrypted_traffic(const std::filesystem::path &save_path,

                          const std::string &name);


 private:

   bool handle_data(Tins::Packet *pkt);


   bool handle_management(Tins::Packet *pkt);


   void update_client_metadata(const Tins::Packet &pkt);


   std::vector<NetworkSecurity>

   detect_security_modes(const Tins::Dot11ManagementFrame &mgmt) const;


   std::vector<wifi_standard_info>

   detect_wifi_capabilities(const Tins::Dot11ManagementFrame &mgmt) const;


   bool check_pmf_capable(const Tins::Dot11ManagementFrame &mgmt) const;


   bool check_pmf_required(const Tins::Dot11ManagementFrame &mgmt) const;


   bool is_ccmp(const Tins::Dot11ManagementFrame &mgmt) const;


   uint32_t count = 0;

   uint32_t decrypted_pkt_count = 0;

   std::shared_ptr<spdlog::logger> logger;

   const SSID ssid;

   const MACAddress bssid;

   int wifi_channel = 0;

   std::vector<Tins::Packet *> captured_packets;

   WPA2Decrypter decrypter;

   std::vector<std::shared_ptr<PacketChannel>> converted_channels;

   std::vector<wifi_standard_info> wifi_stds_supported;


   // Used for deauth, we need to "copy" the behaviour of the radiotap layer

   uint8_t radio_length = 0;

   uint8_t radio_channel_freq = 0;

   uint8_t radio_channel_type = 0;

   uint8_t radio_antenna = 0;


   bool capabilities_detected = false;

   std::vector<NetworkSecurity> security_modes;

   bool pmf_supported = false; // 802.11w

   bool pmf_required = false;  // 802.11w

   bool uses_ccmp = false;

   std::unordered_map<MACAddress, client_info> clients;

   std::unordered_map<MACAddress, client_security> clients_security;

 };


 } // namespace yarilo


 #endif // SNIFF_AP

channel.h

yarilo::AccessPoint
Access Point in a basic service set (BSS) network.
Definition: access_point.h:18

yarilo::AccessPoint::NetworkSecurity
NetworkSecurity
Network security protocol used. A network can support multiple ways to connect and secure data.
Definition: access_point.h:24

yarilo::AccessPoint::NetworkSecurity::WPA2_Personal
@ WPA2_Personal

yarilo::AccessPoint::NetworkSecurity::WPA3_Enterprise
@ WPA3_Enterprise

yarilo::AccessPoint::NetworkSecurity::WPA
@ WPA

yarilo::AccessPoint::NetworkSecurity::WEP
@ WEP

yarilo::AccessPoint::NetworkSecurity::OPEN
@ OPEN

yarilo::AccessPoint::NetworkSecurity::WPA2_Enterprise
@ WPA2_Enterprise

yarilo::AccessPoint::NetworkSecurity::WPA3_Personal
@ WPA3_Personal

yarilo::AccessPoint::save_decrypted_traffic
std::optional< Recording::info > save_decrypted_traffic(const std::filesystem::path &save_path, const std::string &name)
Definition: access_point.cpp:202

yarilo::AccessPoint::save_traffic
std::optional< Recording::info > save_traffic(const std::filesystem::path &save_path, const std::string &name)
Definition: access_point.cpp:191

yarilo::AccessPoint::get_bssid
MACAddress get_bssid() const
Definition: access_point.cpp:45

yarilo::AccessPoint::get_client
const std::optional< client_info > get_client(MACAddress addr)
Definition: access_point.h:263

yarilo::AccessPoint::decrypted_packet_count
uint32_t decrypted_packet_count() const
Definition: access_point.cpp:186

yarilo::AccessPoint::unicast_decryption_supported
bool unicast_decryption_supported() const
Definition: access_point.cpp:146

yarilo::AccessPoint::handle_pkt
bool handle_pkt(Tins::Packet *pkt)
Definition: access_point.cpp:33

yarilo::AccessPoint::DecryptionState
DecryptionState
Current state of decryption.
Definition: access_point.h:37

yarilo::AccessPoint::DecryptionState::NOT_ENOUGH_DATA
@ NOT_ENOUGH_DATA

yarilo::AccessPoint::DecryptionState::ALREADY_DECRYPTED
@ ALREADY_DECRYPTED

yarilo::AccessPoint::DecryptionState::INCORRECT_PASSWORD
@ INCORRECT_PASSWORD

yarilo::AccessPoint::DecryptionState::DECRYPTED
@ DECRYPTED

yarilo::AccessPoint::get_ssid
SSID get_ssid() const
Definition: access_point.cpp:43

yarilo::AccessPoint::protected_management_required
bool protected_management_required() const
Definition: access_point.cpp:172

yarilo::AccessPoint::standards_supported
std::vector< wifi_standard_info > standards_supported() const
Definition: access_point.cpp:49

yarilo::AccessPoint::get_decrypted_channel
std::shared_ptr< PacketChannel > get_decrypted_channel()
Definition: access_point.cpp:53

yarilo::AccessPoint::add_password
DecryptionState add_password(const std::string &psk)
Definition: access_point.cpp:73

yarilo::AccessPoint::client_decryption_supported
bool client_decryption_supported(const MACAddress &client)
Definition: access_point.cpp:158

yarilo::AccessPoint::protected_management_supported
bool protected_management_supported() const
Definition: access_point.cpp:168

yarilo::AccessPoint::security_supported
std::vector< NetworkSecurity > security_supported() const
Definition: access_point.cpp:142

yarilo::AccessPoint::WiFiStandard
WiFiStandard
Definition: access_point.h:48

yarilo::AccessPoint::WiFiStandard::Dot11G
@ Dot11G

yarilo::AccessPoint::WiFiStandard::Dot11AC
@ Dot11AC

yarilo::AccessPoint::WiFiStandard::Dot11N
@ Dot11N

yarilo::AccessPoint::WiFiStandard::Dot11B
@ Dot11B

yarilo::AccessPoint::WiFiStandard::Dot11A
@ Dot11A

yarilo::AccessPoint::WiFiStandard::Dot11AX
@ Dot11AX

yarilo::AccessPoint::get_decrypter
WPA2Decrypter & get_decrypter()
Definition: access_point.cpp:180

yarilo::AccessPoint::Modulation
Modulation
Definition: access_point.h:60

yarilo::AccessPoint::Modulation::QAM16
@ QAM16

yarilo::AccessPoint::Modulation::QPSK
@ QPSK

yarilo::AccessPoint::Modulation::QAM64
@ QAM64

yarilo::AccessPoint::Modulation::QAM1024
@ QAM1024

yarilo::AccessPoint::Modulation::QAM256
@ QAM256

yarilo::AccessPoint::Modulation::CCK
@ CCK

yarilo::AccessPoint::Modulation::BPSK
@ BPSK

yarilo::AccessPoint::group_decryption_supported
bool group_decryption_supported() const
Definition: access_point.cpp:151

yarilo::AccessPoint::send_deauth
bool send_deauth(const Tins::NetworkInterface &iface, const MACAddress &addr)
Definition: access_point.cpp:100

yarilo::AccessPoint::protected_management
bool protected_management(const MACAddress &client)
Definition: access_point.cpp:174

yarilo::AccessPoint::has_working_password
bool has_working_password() const
Definition: access_point.cpp:138

yarilo::AccessPoint::get_client_security
const std::optional< client_security > get_client_security(MACAddress addr)
Definition: access_point.h:273

yarilo::AccessPoint::raw_packet_count
uint32_t raw_packet_count() const
Definition: access_point.cpp:182

yarilo::AccessPoint::get_wifi_channel
int get_wifi_channel() const
Definition: access_point.cpp:47

yarilo::AccessPoint::AccessPoint
AccessPoint(const MACAddress &bssid, const SSID &ssid, int wifi_channel)
Definition: access_point.cpp:24

yarilo::AccessPoint::ChannelWidth
ChannelWidth
Definition: access_point.h:73

yarilo::AccessPoint::ChannelWidth::CHAN40
@ CHAN40

yarilo::AccessPoint::ChannelWidth::CHAN80_80
@ CHAN80_80

yarilo::AccessPoint::ChannelWidth::CHAN80
@ CHAN80

yarilo::AccessPoint::ChannelWidth::CHAN160
@ CHAN160

yarilo::AccessPoint::ChannelWidth::CHAN20
@ CHAN20

yarilo::AccessPoint::get_clients
const std::set< MACAddress > get_clients()
Definition: access_point.h:252

yarilo::AccessPoint::close_all_channels
void close_all_channels()
Definition: access_point.cpp:68

yarilo::WPA2Decrypter
Decrypts unicast, multicast and broadcast WPA2 packets.
Definition: decrypter.h:25

decrypter.h

yarilo
Definition: access_point.cpp:22

yarilo::SSID
std::string SSID
Definition: decrypter.h:19

yarilo::MACAddress
Tins::HWAddress< 6 > MACAddress
Definition: decrypter.h:20

recording.h

yarilo::AccessPoint::client_info
Client information.
Definition: access_point.h:102

yarilo::AccessPoint::client_info::noise
int8_t noise
Definition: access_point.h:111

yarilo::AccessPoint::client_info::ipv4
std::string ipv4
Definition: access_point.h:105

yarilo::AccessPoint::client_info::hostname
std::string hostname
Definition: access_point.h:104

yarilo::AccessPoint::client_info::snr
int8_t snr
Definition: access_point.h:112

yarilo::AccessPoint::client_info::sent_total
uint32_t sent_total
Definition: access_point.h:108

yarilo::AccessPoint::client_info::hwaddr
std::string hwaddr
Definition: access_point.h:103

yarilo::AccessPoint::client_info::received
uint32_t received
Definition: access_point.h:109

yarilo::AccessPoint::client_info::rrsi
int8_t rrsi
Definition: access_point.h:110

yarilo::AccessPoint::client_info::sent_unicast
uint32_t sent_unicast
Definition: access_point.h:107

yarilo::AccessPoint::client_info::ipv6
std::string ipv6
Definition: access_point.h:106

yarilo::AccessPoint::client_security
Connection security info of a specific client.
Definition: access_point.h:118

yarilo::AccessPoint::client_security::is_ccmp
bool is_ccmp
Definition: access_point.h:120

yarilo::AccessPoint::client_security::security
NetworkSecurity security
Definition: access_point.h:119

yarilo::AccessPoint::client_security::pmf
bool pmf
Definition: access_point.h:121

yarilo::AccessPoint::client_security::pairwise_cipher
std::optional< Tins::RSNInformation::CypherSuites > pairwise_cipher
Definition: access_point.h:122

yarilo::AccessPoint::wifi_standard_info
WiFi standard capabilities for the network.
Definition: access_point.h:84

yarilo::AccessPoint::wifi_standard_info::std
WiFiStandard std
Definition: access_point.h:85

yarilo::AccessPoint::wifi_standard_info::single_beamformer_support
bool single_beamformer_support
Definition: access_point.h:86

yarilo::AccessPoint::wifi_standard_info::channel_widths_supported
std::set< ChannelWidth > channel_widths_supported
Definition: access_point.h:96

yarilo::AccessPoint::wifi_standard_info::modulation_supported
std::set< Modulation > modulation_supported
Definition: access_point.h:91

yarilo::AccessPoint::wifi_standard_info::single_beamformee_support
bool single_beamformee_support
Definition: access_point.h:87

yarilo::AccessPoint::wifi_standard_info::mcs_supported_idx
std::set< uint8_t > mcs_supported_idx
Definition: access_point.h:90

yarilo::AccessPoint::wifi_standard_info::spatial_streams_supported
std::set< uint8_t > spatial_streams_supported
Definition: access_point.h:93

yarilo::AccessPoint::wifi_standard_info::multi_beamformer_support
bool multi_beamformer_support
Definition: access_point.h:88

yarilo::AccessPoint::wifi_standard_info::multi_beamformee_support
bool multi_beamformee_support
Definition: access_point.h:89