    stryngs
    @stryngs
    With some modifications:
    newStream = []
    newStream.append(" ".join(map(lambda stream:"%02x"%ord(stream), stream)))
    newStream = "  ".join(newStream)
    
    In [65]: newStream
    Out[65]: 'aa aa 03 00 00 00 08 00 45 00 00 54 00 00 40 00 40 01 f0 3b c0 a8 64 88 c0 a8 64 94 08 00 9d 65 c7 06 00 00 9c d9 f6 b9 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00'
    the object newStream is the expected output. Thanks for any assistance.
    infern0d
    @infern0d:matrix.org
    [m]
    It's not clear how it's working differently on Python 2 and 3 when reading your examples :/?
    stryngs
    @stryngs
    C2 AA C2 AA -vs- aa aa
    hexstr() is adding C2 to the start of it, twice.
    stryngs
    @stryngs
    @infern0d:matrix.org ^
    stryngs
    @stryngs
    I miss the "old style" way whereby you could do str(<scapy object>) and it would print out the repr. I built pyDot11 around that modeling. The shift for pyDot11 over to Python3 is fun for sure. We can now decrypt WEP natively using Python3 and scapy 2.4.5.
    It will handle Open, WEP or WPA; each with their own trick aside from Open for pure injection.
    The stream obj ^^ debugging took me some time as I kept following the math for RC4 and couldn't wrap my head around the diffs for 2v3; I had "assumed" hexstr() was the same as I had no reason to think otherwise as far as the bytes, their accuracy and order go.
    For the PCAPs in question:
    https://github.com/stryngs/pyDot11
    There is also now a question of Dot11FCS being missing in a unique and interesting way for ICMP these days vs when I took the PCAP of the wep traffic from years back.
    As those bytes don't change it must therefore be the "scapy interpretation".
    BMWE
    @BMWE
    Hi,
    I'd like to know what are the exact parameters passed to tshark/tcpdump. How can I do that?
    infern0d
    @infern0d:matrix.org
    [m]
    stryngs (stryngs): hexstr works fine as long as you pass it bytes in both cases. I can't reproduce your issue
    stryngs
    @stryngs
    @infern0d:matrix.org The string in question that converts incorrectly when using hexstr() is:
    '\xaa\xaa\x03\x00\x00\x00\x08\x00E\x00\x00T\x00\x00@\x00@\x01\xf0;\xc0\xa8d\x88\xc0\xa8d\x94\x08\x00\x9de\xc7\x06\x00\x00\x9c\xd9\xf6\xb9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
    infern0d
    @infern0d:matrix.org
    [m]
    You're parsing it as bytes, right?
    stryngs
    @stryngs
    Python2 style:
    hexstr(stream, onlyhex = 1)
    Out[4]: 'aa aa 03 00 00 00 08 00 45 00 00 54 00 00 40 00 40 01 f0 3b c0 a8 64 88 c0 a8 64 94 08 00 9d 65 c7 06 00 00 9c d9 f6 b9 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00'
    infern0d
    @infern0d:matrix.org
    [m]
    I don't see the b'
    stryngs
    @stryngs
    Python3 style:
    hexstr(x, onlyhex = 1)                                                                                                                                                                                     
    Out[8]: 'C2 AA C2 AA 03 00 00 00 08 00 45 00 00 54 00 00 40 00 40 01 C3 B0 3B C3 80 C2 A8 64 C2 88 C3 80 C2 A8 64 C2 94 08 00 C2 9D 65 C3 87 06 00 00 C2 9C C3 99 C3 B6 C2 B9 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00'
    Bytes are not used. I'm simply showing a diff between the method Python2 vs Python3.
    In the current format one cannot trust the contents of hexstr =(
    infern0d
    @infern0d:matrix.org
    [m]
    This function is meant to handle bytes. What do you mean bytes are not used?
    stryngs
    @stryngs
    If Python2 and Python3 both behaved the same for 2.4.5 it would be considered a non-issue, you know?
    gpotter2
    @gpotter2
    The issue is just that you are not passing the bytes as bytes
    Pass it as bytes, you'll get the same result
    You should document yourself about the differences between Python 2 and 3 when it comes to bytes
    stryngs
    @stryngs
    In [12]: stream                                                                                                                                                                                                    
    Out[12]: 'ªª\x03\x00\x00\x00\x08\x00E\x00\x00T\x00\x00@\x00@\x01ð;À¨d\x88À¨d\x94\x08\x00\x9deÇ\x06\x00\x00\x9cÙö¹\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
    
    In [13]: stream.encode()                                                                                                                                                                                           
    Out[13]: b'\xc2\xaa\xc2\xaa\x03\x00\x00\x00\x08\x00E\x00\x00T\x00\x00@\x00@\x01\xc3\xb0;\xc3\x80\xc2\xa8d\xc2\x88\xc3\x80\xc2\xa8d\xc2\x94\x08\x00\xc2\x9de\xc3\x87\x06\x00\x00\xc2\x9c\xc3\x99\xc3\xb6\xc2\xb9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
    
    In [14]: hexstr(stream.encode())                                                                                                                                                                                   
    Out[14]: 'C2 AA C2 AA 03 00 00 00 08 00 45 00 00 54 00 00 40 00 40 01 C3 B0 3B C3 80 C2 A8 64 C2 88 C3 80 C2 A8 64 C2 94 08 00 C2 9D 65 C3 87 06 00 00 C2 9C C3 99 C3 B6 C2 B9 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ..........E..T..@.@...;....d......d......e.................................................................'
    .encode incorrectly changes the intended stream bytes
    \xaa \xaa
    gpotter2
    @gpotter2
    You are missing the b'' !!!!
    You are converting a wrong string to wrong bytes
    image.png
    This is Python 3.
    It's working just fine.
    stryngs
    @stryngs
    In [9]: stream
    Out[9]: '\xaa\xaa\x03\x00\x00\x00\x08\x00E\x00\x00T\x00\x00@\x00@\x01\xf0;\xc0\xa8d\x88\xc0\xa8d\x94\x08\x00\x9de\xc7\x06\x00\x00\x9c\xd9\xf6\xb9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
    
    In [10]: stream.encode()
    ---------------------------------------------------------------------------
    UnicodeDecodeError                        Traceback (most recent call last)
    <ipython-input-10-db32f268970b> in <module>()
    ----> 1 stream.encode()
    
    UnicodeDecodeError: 'ascii' codec can't decode byte 0xaa in position 0: ordinal not in range(128)
    I also cannot use "bytes" with respect to WEP or WPA decryption, at least not using the methods and techniques I did with Python2.
    gpotter2
    @gpotter2
    Yes you should use bytes. You cannot not use bytes on Python 3
    stryngs
    @stryngs
    Alright, I'll read it.
    stryngs
    @stryngs

    Hmm. I'd go so far as to say this is a deeper issue

    >>> print(chr(0xaa).encode())
    b'\xc2\xaa'

    At least now I understand why Python2 and Python3 have differences with hexstr()

    This explains where the extra chars come in at...:
    hexstr(x, onlyhex = 1)                                                                                                                                                                                     
    Out[8]: 'C2 AA C2
    So yes, I will agree scapy is doing what Python3 is instructing it to do, which sadly means there is no PEP style fix for this =(
    However, some hackery based off hexstr itself and we've fixed the flaw
    newStream = []
    newStream.append(" ".join(map(lambda stream:"%02x"%ord(stream), stream)))
    newStream = "  ".join(newStream)
    Anywho, I'll be quiet now and let that soak, cheers!
    bhdrozgn
    @bhdrozgn
    Scapy can't process 802.11ax frames when radiotap header has HE_MU field.
    pkt.show() function returns raw bytes, we can't access layers or fields since no layer defined for that frame. Is there a way to access some fields when this is the case?
    stryngs
    @stryngs
    Would anyone here be interested in a workshop on how to leverage scapy for 802.11 concepts? Encryption/Decryption/etc.
    Leonard Crestez
    @cdleonard
    Gentle ping for secdev/scapy#3358 again? It's fully tested but did not receive any review comments