access__point_8h_source.html

#ifndef SNIFF_AP

#define SNIFF_AP


#include "channel.h"

#include "decrypter.h"

#include "recording.h"

#include <filesystem>

#include <optional>

#include <tins/ethernetII.h>

#include <tins/tins.h>

#include <vector>


#include "database.h"


namespace yarilo {


class AccessPoint {

public:


  enum class NetworkSecurity {

    OPEN,

    WEP,

    WPA,

    WPA2_Personal,

    WPA2_Enterprise,

    WPA3_Personal,

    WPA3_Enterprise,

  };


  enum class DecryptionState {

    DECRYPTED,

    NOT_ENOUGH_DATA,

    INCORRECT_PASSWORD,

    ALREADY_DECRYPTED,

  };


  /*

   * @brief WiFi standard that is supported by an access point, there can be

   * many of them for a given access point

   */


  enum class WiFiStandard {

    Dot11A,  // Legacy standards

    Dot11B,  // Legacy standards

    Dot11G,  // Legacy standards

    Dot11N,  // Wi-Fi 4 or HT (High Throughput)

    Dot11AC, // Wi-Fi 5 or HVT (Very High Throughput)

    Dot11AX, // Wi-Fi 6 or HE (High Efficiency)

  };


  /*

   * @brief WiFi modulation type used

   */


  enum class Modulation {

    CCK,   // Complementary code keying (802.11b)

    BPSK,  // Binary phase shift keying

    QPSK,  // Quadrature phase shift keying

    QAM16, // Quadrature amplitude modulation

    QAM64,

    QAM256,

    QAM1024,

  };


  /*

   * @brief WiFi channel width used

   */


  enum class ChannelWidth {

    CHAN20,

    CHAN40,

    CHAN80,

    CHAN80_80,

    CHAN160,

  };


  struct wifi_standard_info {

    WiFiStandard std;

    bool single_beamformer_support;

    bool single_beamformee_support;

    bool multi_beamformer_support;

    bool multi_beamformee_support;

    std::set<uint8_t> mcs_supported_idx; // Indices of MCS

    std::set<Modulation> modulation_supported;

    std::set<uint8_t>

        spatial_streams_supported; // Spatial stream configurations for MIMO,

                                   // for example 3 means that the network

                                   // supports 3 spatial streams, or 3x3

    std::set<ChannelWidth> channel_widths_supported;

  };


  struct client_info {

    std::string hwaddr;

    std::string hostname;

    std::string ipv4;

    std::string ipv6;

    uint32_t sent_unicast;

    uint32_t sent_total;

    uint32_t received;

    int8_t rrsi;

    int8_t noise;

    int8_t snr;

  };


  struct client_security {

    NetworkSecurity security;

    bool is_ccmp = false;

    bool pmf = false;

    std::optional<Tins::RSNInformation::CypherSuites> pairwise_cipher;

  };


  AccessPoint(const MACAddress &bssid, const SSID &ssid, int wifi_channel,

              Database &db);


  bool handle_pkt(Tins::Packet *pkt);


  DecryptionState add_password(const std::string &psk);


  SSID get_ssid() const;


  MACAddress get_bssid() const;


  int get_wifi_channel() const;


  std::vector<wifi_standard_info> standards_supported() const;


  std::shared_ptr<PacketChannel> get_decrypted_channel();


  void close_all_channels();


  bool send_deauth(const Tins::NetworkInterface &iface, const MACAddress &addr);


  bool has_working_password() const;


  std::vector<NetworkSecurity> security_supported() const;


  bool unicast_decryption_supported() const;


  bool group_decryption_supported() const;


  bool client_decryption_supported(const MACAddress &client);


  /*

   * Get if the network can protect its management frames

   * @return True if 802.11w is in place

   */

  bool protected_management_supported() const;


  /*

   * Get if the network must protect its management frames

   * @return True if 802.11w is in place

   */

  bool protected_management_required() const;


  /*

   * Get if the network protects its management frames for a specific client

   * @return True if 802.11w is enforced for a client

   */

  bool protected_management(const MACAddress &client);


  WPA2Decrypter &get_decrypter();


  const std::set<MACAddress> get_clients() {

    std::set<MACAddress> result;

    for (const auto &[addr, _] : clients)

      result.insert(addr);

    return result;

  }


  const std::optional<client_info> get_client(MACAddress addr) {

    if (!clients.count(addr))

      return std::nullopt;

    return clients[addr];

  }


  const std::optional<client_security> get_client_security(MACAddress addr) {

    if (!clients_security.count(addr))

      return std::nullopt;

    return clients_security[addr];

  }


  uint32_t raw_packet_count() const;


  uint32_t decrypted_packet_count() const;


  std::optional<Recording::info>

  save_traffic(const std::filesystem::path &save_path, const std::string &name);


  std::optional<Recording::info>

  save_decrypted_traffic(const std::filesystem::path &save_path,

                         const std::string &name);


  void set_vendor();


  std::string get_vendor() const;


  std::string get_oid() const;


  std::string supported_security_text() const;


private:

  bool handle_data(Tins::Packet *pkt);


  bool handle_management(Tins::Packet *pkt);


  void update_client_metadata(const Tins::Packet &pkt);


  std::vector<NetworkSecurity>

  detect_security_modes(const Tins::Dot11ManagementFrame &mgmt) const;


  std::vector<wifi_standard_info>

  detect_wifi_capabilities(const Tins::Dot11ManagementFrame &mgmt) const;


  bool check_pmf_capable(const Tins::Dot11ManagementFrame &mgmt) const;


  bool check_pmf_required(const Tins::Dot11ManagementFrame &mgmt) const;


  bool is_ccmp(const Tins::Dot11ManagementFrame &mgmt) const;


  uint32_t count = 0;

  uint32_t decrypted_pkt_count = 0;

  std::shared_ptr<spdlog::logger> logger;

  const SSID ssid;

  const MACAddress bssid;

  int wifi_channel = 0;

  std::vector<Tins::Packet *> captured_packets;

  WPA2Decrypter decrypter;

  std::vector<std::shared_ptr<PacketChannel>> converted_channels;

  std::vector<wifi_standard_info> wifi_stds_supported;


  // Used for deauth, we need to "copy" the behaviour of the radiotap layer

  uint8_t radio_length = 0;

  uint8_t radio_channel_freq = 0;

  uint8_t radio_channel_type = 0;

  uint8_t radio_antenna = 0;


  bool capabilities_detected = false;

  std::vector<NetworkSecurity> security_modes;

  bool pmf_supported = false; // 802.11w

  bool pmf_required = false;  // 802.11w

  bool uses_ccmp = false;

  std::unordered_map<MACAddress, client_info> clients;

  std::unordered_map<MACAddress, client_security> clients_security;

  Database &db;

  std::string vendor;

  std::string oid;

};


} // namespace yarilo


#endif // SNIFF_AP

channel.h

yarilo::AccessPoint
Access Point in a basic service set (BSS) network.
Definition access_point.h:20

yarilo::AccessPoint::NetworkSecurity
NetworkSecurity
Network security protocol used. A network can support multiple ways to connect and secure data.
Definition access_point.h:26

yarilo::AccessPoint::NetworkSecurity::WPA2_Personal
@ WPA2_Personal

yarilo::AccessPoint::NetworkSecurity::WPA3_Enterprise
@ WPA3_Enterprise

yarilo::AccessPoint::NetworkSecurity::WPA
@ WPA

yarilo::AccessPoint::NetworkSecurity::WEP
@ WEP

yarilo::AccessPoint::NetworkSecurity::OPEN
@ OPEN

yarilo::AccessPoint::NetworkSecurity::WPA2_Enterprise
@ WPA2_Enterprise

yarilo::AccessPoint::NetworkSecurity::WPA3_Personal
@ WPA3_Personal

yarilo::AccessPoint::save_decrypted_traffic
std::optional< Recording::info > save_decrypted_traffic(const std::filesystem::path &save_path, const std::string &name)
Definition access_point.cpp:199

yarilo::AccessPoint::save_traffic
std::optional< Recording::info > save_traffic(const std::filesystem::path &save_path, const std::string &name)
Definition access_point.cpp:191

yarilo::AccessPoint::get_bssid
MACAddress get_bssid() const
Definition access_point.cpp:45

yarilo::AccessPoint::get_client_security
const std::optional< client_security > get_client_security(MACAddress addr)
Definition access_point.h:276

yarilo::AccessPoint::decrypted_packet_count
uint32_t decrypted_packet_count() const
Definition access_point.cpp:186

yarilo::AccessPoint::get_client
const std::optional< client_info > get_client(MACAddress addr)
Definition access_point.h:266

yarilo::AccessPoint::unicast_decryption_supported
bool unicast_decryption_supported() const
Definition access_point.cpp:146

yarilo::AccessPoint::handle_pkt
bool handle_pkt(Tins::Packet *pkt)
Definition access_point.cpp:33

yarilo::AccessPoint::AccessPoint
AccessPoint(const MACAddress &bssid, const SSID &ssid, int wifi_channel, Database &db)
Definition access_point.cpp:24

yarilo::AccessPoint::DecryptionState
DecryptionState
Current state of decryption.
Definition access_point.h:39

yarilo::AccessPoint::DecryptionState::NOT_ENOUGH_DATA
@ NOT_ENOUGH_DATA

yarilo::AccessPoint::DecryptionState::ALREADY_DECRYPTED
@ ALREADY_DECRYPTED

yarilo::AccessPoint::DecryptionState::INCORRECT_PASSWORD
@ INCORRECT_PASSWORD

yarilo::AccessPoint::DecryptionState::DECRYPTED
@ DECRYPTED

yarilo::AccessPoint::get_ssid
SSID get_ssid() const
Definition access_point.cpp:43

yarilo::AccessPoint::protected_management_required
bool protected_management_required() const
Definition access_point.cpp:172

yarilo::AccessPoint::standards_supported
std::vector< wifi_standard_info > standards_supported() const
Definition access_point.cpp:49

yarilo::AccessPoint::get_decrypted_channel
std::shared_ptr< PacketChannel > get_decrypted_channel()
Definition access_point.cpp:53

yarilo::AccessPoint::add_password
DecryptionState add_password(const std::string &psk)
Definition access_point.cpp:73

yarilo::AccessPoint::client_decryption_supported
bool client_decryption_supported(const MACAddress &client)
Definition access_point.cpp:158

yarilo::AccessPoint::protected_management_supported
bool protected_management_supported() const
Definition access_point.cpp:168

yarilo::AccessPoint::security_supported
std::vector< NetworkSecurity > security_supported() const
Definition access_point.cpp:142

yarilo::AccessPoint::get_oid
std::string get_oid() const
Definition access_point.cpp:740

yarilo::AccessPoint::WiFiStandard
WiFiStandard
Definition access_point.h:50

yarilo::AccessPoint::WiFiStandard::Dot11G
@ Dot11G

yarilo::AccessPoint::WiFiStandard::Dot11AC
@ Dot11AC

yarilo::AccessPoint::WiFiStandard::Dot11N
@ Dot11N

yarilo::AccessPoint::WiFiStandard::Dot11B
@ Dot11B

yarilo::AccessPoint::WiFiStandard::Dot11A
@ Dot11A

yarilo::AccessPoint::WiFiStandard::Dot11AX
@ Dot11AX

yarilo::AccessPoint::set_vendor
void set_vendor()
Definition access_point.cpp:730

yarilo::AccessPoint::get_decrypter
WPA2Decrypter & get_decrypter()
Definition access_point.cpp:180

yarilo::AccessPoint::Modulation
Modulation
Definition access_point.h:62

yarilo::AccessPoint::Modulation::QAM16
@ QAM16

yarilo::AccessPoint::Modulation::QPSK
@ QPSK

yarilo::AccessPoint::Modulation::QAM64
@ QAM64

yarilo::AccessPoint::Modulation::QAM1024
@ QAM1024

yarilo::AccessPoint::Modulation::QAM256
@ QAM256

yarilo::AccessPoint::Modulation::CCK
@ CCK

yarilo::AccessPoint::Modulation::BPSK
@ BPSK

yarilo::AccessPoint::get_clients
const std::set< MACAddress > get_clients()
Definition access_point.h:255

yarilo::AccessPoint::group_decryption_supported
bool group_decryption_supported() const
Definition access_point.cpp:151

yarilo::AccessPoint::supported_security_text
std::string supported_security_text() const

yarilo::AccessPoint::send_deauth
bool send_deauth(const Tins::NetworkInterface &iface, const MACAddress &addr)
Definition access_point.cpp:100

yarilo::AccessPoint::protected_management
bool protected_management(const MACAddress &client)
Definition access_point.cpp:174

yarilo::AccessPoint::has_working_password
bool has_working_password() const
Definition access_point.cpp:138

yarilo::AccessPoint::get_vendor
std::string get_vendor() const
Definition access_point.cpp:739

yarilo::AccessPoint::raw_packet_count
uint32_t raw_packet_count() const
Definition access_point.cpp:182

yarilo::AccessPoint::get_wifi_channel
int get_wifi_channel() const
Definition access_point.cpp:47

yarilo::AccessPoint::ChannelWidth
ChannelWidth
Definition access_point.h:75

yarilo::AccessPoint::ChannelWidth::CHAN40
@ CHAN40

yarilo::AccessPoint::ChannelWidth::CHAN80_80
@ CHAN80_80

yarilo::AccessPoint::ChannelWidth::CHAN80
@ CHAN80

yarilo::AccessPoint::ChannelWidth::CHAN160
@ CHAN160

yarilo::AccessPoint::ChannelWidth::CHAN20
@ CHAN20

yarilo::AccessPoint::close_all_channels
void close_all_channels()
Definition access_point.cpp:68

yarilo::Database
Definition database.h:14

yarilo::WPA2Decrypter
Decrypts unicast, multicast and broadcast WPA2 packets.
Definition decrypter.h:25

database.h

decrypter.h

yarilo
Definition access_point.cpp:22

yarilo::SSID
std::string SSID
Definition decrypter.h:19

yarilo::MACAddress
Tins::HWAddress< 6 > MACAddress
Definition decrypter.h:20

recording.h

yarilo::AccessPoint::client_info
Client information.
Definition access_point.h:104

yarilo::AccessPoint::client_info::noise
int8_t noise
Definition access_point.h:113

yarilo::AccessPoint::client_info::ipv4
std::string ipv4
Definition access_point.h:107

yarilo::AccessPoint::client_info::hostname
std::string hostname
Definition access_point.h:106

yarilo::AccessPoint::client_info::snr
int8_t snr
Definition access_point.h:114

yarilo::AccessPoint::client_info::sent_total
uint32_t sent_total
Definition access_point.h:110

yarilo::AccessPoint::client_info::hwaddr
std::string hwaddr
Definition access_point.h:105

yarilo::AccessPoint::client_info::received
uint32_t received
Definition access_point.h:111

yarilo::AccessPoint::client_info::rrsi
int8_t rrsi
Definition access_point.h:112

yarilo::AccessPoint::client_info::sent_unicast
uint32_t sent_unicast
Definition access_point.h:109

yarilo::AccessPoint::client_info::ipv6
std::string ipv6
Definition access_point.h:108

yarilo::AccessPoint::client_security
Connection security info of a specific client.
Definition access_point.h:120

yarilo::AccessPoint::client_security::is_ccmp
bool is_ccmp
Definition access_point.h:122

yarilo::AccessPoint::client_security::security
NetworkSecurity security
Definition access_point.h:121

yarilo::AccessPoint::client_security::pmf
bool pmf
Definition access_point.h:123

yarilo::AccessPoint::client_security::pairwise_cipher
std::optional< Tins::RSNInformation::CypherSuites > pairwise_cipher
Definition access_point.h:124

yarilo::AccessPoint::wifi_standard_info
WiFi standard capabilities for the network.
Definition access_point.h:86

yarilo::AccessPoint::wifi_standard_info::std
WiFiStandard std
Definition access_point.h:87

yarilo::AccessPoint::wifi_standard_info::single_beamformer_support
bool single_beamformer_support
Definition access_point.h:88

yarilo::AccessPoint::wifi_standard_info::channel_widths_supported
std::set< ChannelWidth > channel_widths_supported
Definition access_point.h:98

yarilo::AccessPoint::wifi_standard_info::modulation_supported
std::set< Modulation > modulation_supported
Definition access_point.h:93

yarilo::AccessPoint::wifi_standard_info::single_beamformee_support
bool single_beamformee_support
Definition access_point.h:89

yarilo::AccessPoint::wifi_standard_info::mcs_supported_idx
std::set< uint8_t > mcs_supported_idx
Definition access_point.h:92

yarilo::AccessPoint::wifi_standard_info::spatial_streams_supported
std::set< uint8_t > spatial_streams_supported
Definition access_point.h:95

yarilo::AccessPoint::wifi_standard_info::multi_beamformer_support
bool multi_beamformer_support
Definition access_point.h:90

yarilo::AccessPoint::wifi_standard_info::multi_beamformee_support
bool multi_beamformee_support
Definition access_point.h:91