Skip to content

Commit

Permalink
Add Wi-FI WPA and WPA2 detection with Group Cipher, Pairwise Ciphers …
Browse files Browse the repository at this point in the history
…and Authentication Suites.

Added the following object properties:
- ies (an array containing all IE labels you can see with iwlist wlan0 scan)
- wpa (true if the cell supports WPA)
- wpa2 (true if the cell supports WPA2)
- wpa_group_cipher
- wpa_pairwise_cipher
- wpa_auth_suite
- wpa2_group_cipher
- wpa2_pairwise_cipher
- wpa2_auth_suite (arrays with wpa and wpa2 details)
  • Loading branch information
dam2k authored and Christian Weiske committed Jun 19, 2013
1 parent 3214e7e commit 02c5126
Show file tree
Hide file tree
Showing 2 changed files with 162 additions and 3 deletions.
76 changes: 76 additions & 0 deletions Net/Wifi.php
Original file line number Diff line number Diff line change
Expand Up @@ -40,11 +40,16 @@ class Net_Wifi
var $REG_PROTOCOL_1 = '/IEEE ([0-9.]+[a-z])/';
var $REG_PROTOCOL_2 = '/([0-9.]+[a-z])\s+linked\s+ESSID/';
var $REG_RATES = '|([0-9.]+) Mb/s|';
var $REG_GROUP_CIPHER = '|Group Cipher : (.*)|';
var $REG_PAIRWISE_CIPHERS = '|Pairwise Ciphers \([0-9]+\) : (.*)|';
var $REG_AUTH_SUITES = '|Authentication Suites \([0-9]+\) : (.*)|';
var $REG_RX_INVALID_CRYPT = '/Rx invalid crypt[:=](-?[0-9]+)/';
var $REG_RX_INVALID_FRAG = '/Rx invalid frag[:=](-?[0-9]+)/';
var $REG_RX_INVALID_NWID = '/Rx invalid nwid[:=](-?[0-9]+)/';
var $REG_SIGNAL_LEVEL = '/Signal level[:=](-?[0-9]+) dBm/';
var $REG_TX_EXCESSIVE_RETRIES = '/Tx excessive retries[:=](-?[0-9]+)/';
var $REG_WPA_IE_STRING = 'WPA Version 1';
var $REG_WPA2_IE_STRING = 'IEEE 802.11i/WPA2 Version 1';

/**
* Various locations of programs
Expand Down Expand Up @@ -318,6 +323,15 @@ function parseScan($arLines)
//add new cell
$arCells[$nCurrentCell] = new Net_Wifi_Cell();
$arCells[$nCurrentCell]->cell = $nCell;
$arCells[$nCurrentCell]->ies = "";
$arCells[$nCurrentCell]->wpa = false;
$arCells[$nCurrentCell]->wpa2 = false;
$arCells[$nCurrentCell]->wpa_group_cipher = array();
$arCells[$nCurrentCell]->wpa_pairwise_cipher = array();
$arCells[$nCurrentCell]->wpa_auth_suite = array();
$arCells[$nCurrentCell]->wpa2_group_cipher = array();
$arCells[$nCurrentCell]->wpa2_pairwise_cipher = array();
$arCells[$nCurrentCell]->wpa2_auth_suite = array();

//remove cell information from line for further interpreting
$strLine = substr($strLine, strpos($strLine, '- ') + 2);
Expand All @@ -334,6 +348,35 @@ function parseScan($arLines)
$strId = strtolower(substr($strLine, 0, $nPos - 1));
$strValue = trim(substr($strLine, $nPos));
switch ($strId) {
case 'ie':
if ($strValue == $this->REG_WPA_IE_STRING) {
// WPA1: "WPA Version 1" (multiline with Group Cipher list, Pairwise Ciphers list and Authentication Suites)
/*
* WPA Version 1
* Group Cipher : TKIP
* Pairwise Ciphers (2) : TKIP CCMP
* Authentication Suites (1) : PSK
*/
$arCells[$nCurrentCell]->wpa = true;
$bStandaloneRates = true;
}

if ($strValue == $this->REG_WPA2_IE_STRING) {
// WPA2: "IEEE 802.11i/WPA2 Version 1" (multiline with Group Cipher list, Pairwise Ciphers list and Authentication Suites)
/*
* IEEE 802.11i/WPA2 Version 1
* Group Cipher : CCMP
* Pairwise Ciphers (1) : CCMP
* Authentication Suites (1) : PSK
*/
$arCells[$nCurrentCell]->wpa2 = true;
$bStandaloneRates = true;
}
$arCells[$nCurrentCell]->ies[] = $strValue;
$arLines[$nA] = $strValue;
$nA--;//go back one so that this line is re-parsed
break;

case 'address':
$arCells[$nCurrentCell]->mac = $strValue;
break;
Expand Down Expand Up @@ -462,6 +505,39 @@ function parseScan($arLines)
}
break;
}
if (preg_match_all($this->REG_GROUP_CIPHER, $strLine, $arMatches) > 0) {
foreach ($arMatches[1] as $nCipher) {
if (end($arCells[$nCurrentCell]->ies) == $this->REG_WPA_IE_STRING) { // WPA1
$arCells[$nCurrentCell]->wpa_group_cipher = explode(' ', $nCipher);
}
if (end($arCells[$nCurrentCell]->ies) == $this->REG_WPA2_IE_STRING) { // WPA2
$arCells[$nCurrentCell]->wpa2_group_cipher = explode(' ', $nCipher);
}
}
break;
}
if (preg_match_all($this->REG_PAIRWISE_CIPHERS, $strLine, $arMatches) > 0) {
foreach ($arMatches[1] as $nCipher) {
if (end($arCells[$nCurrentCell]->ies) == $this->REG_WPA_IE_STRING) { // WPA1
$arCells[$nCurrentCell]->wpa_pairwise_cipher = explode(' ', $nCipher);
}
if (end($arCells[$nCurrentCell]->ies) == $this->REG_WPA2_IE_STRING) { // WPA2
$arCells[$nCurrentCell]->wpa2_pairwise_cipher = explode(' ', $nCipher);
}
}
break;
}
if (preg_match_all($this->REG_AUTH_SUITES, $strLine, $arMatches) > 0) {
foreach ($arMatches[1] as $nSuite) {
if (end($arCells[$nCurrentCell]->ies) == $this->REG_WPA_IE_STRING) { // WPA1
$arCells[$nCurrentCell]->wpa_auth_suite = explode(' ', $nSuite);
}
if (end($arCells[$nCurrentCell]->ies) == $this->REG_WPA2_IE_STRING) { // WPA2
$arCells[$nCurrentCell]->wpa2_auth_suite = explode(' ', $nSuite);
}
}
break;
}
}
$this->handleUnknown($strId, null);
break;
Expand Down
89 changes: 86 additions & 3 deletions tests/Net_WifiTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -308,11 +308,43 @@ function testParseScan()
" Extra: Rates (Mb/s): 1 2 5.5 11 ",
" Extra: RSSI: -59 dBm ",
" Extra: Last beacon: 544ms ago",
" Cell 04 - Address: 64:70:02:2E:FF:EA",
" Channel:6",
" Frequency:2.437 GHz (Channel 6)",
" Quality=63/70 Signal level=-47 dBm ",
" Encryption key:on",
" ESSID:\"test\"",
" Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 6 Mb/s",
" 9 Mb/s; 12 Mb/s; 18 Mb/s",
" Bit Rates:24 Mb/s; 36 Mb/s; 48 Mb/s; 54 Mb/s",
" Mode:Master",
" Extra:tsf=00000001e5290ee3",
" Extra: Last beacon: 2360ms ago",
" IE: Unknown: 000474657374",
" IE: Unknown: 010882848B960C121824",
" IE: Unknown: 030106",
" IE: Unknown: 0706495420010B14",
" IE: Unknown: 2A0104",
" IE: Unknown: 32043048606C",
" IE: IEEE 802.11i/WPA2 Version 1",
" Group Cipher : TKIP",
" Pairwise Ciphers (1) : CCMP",
" Authentication Suites (1) : PSK",
" IE: WPA Version 1",
" Group Cipher : TKIP",
" Pairwise Ciphers (2) : CCMP TKIP",
" Authentication Suites (1) : PSK",
" IE: Unknown: 2D1A0C001FFF00000001000000000096000100000000000000000000",
" IE: Unknown: 3D1606000000000000000000000000000000000000000000",
" IE: Unknown: 7F0400000080",
" IE: Unknown: 6B0100",
" IE: Unknown: 6C027F00",
" IE: Unknown: DD180050F2020101000003A4000027A4000042435E0062322F00",
);

$arCells = $this->wls->parseScan($arLines);

$this->assertEquals(3 , count($arCells));
$this->assertEquals(4 , count($arCells));

$this->assertEquals('net_wifi_cell' , strtolower(get_class($arCells[0])));

Expand All @@ -327,6 +359,14 @@ function testParseScan()
$this->assertEquals('array' , gettype($arCells[0]->rates));
$this->assertEquals('integer' , gettype($arCells[0]->rssi));
$this->assertEquals('integer' , gettype($arCells[0]->beacon));
$this->assertEquals('boolean' , gettype($arCells[0]->wpa));
$this->assertEquals('boolean' , gettype($arCells[0]->wpa2));
$this->assertEquals('array' , gettype($arCells[0]->wpa_group_cipher));
$this->assertEquals('array' , gettype($arCells[0]->wpa_pairwise_cipher));
$this->assertEquals('array' , gettype($arCells[0]->wpa_auth_suite));
$this->assertEquals('array' , gettype($arCells[0]->wpa2_group_cipher));
$this->assertEquals('array' , gettype($arCells[0]->wpa2_pairwise_cipher));
$this->assertEquals('array' , gettype($arCells[0]->wpa2_auth_suite));


$this->assertEquals('00:02:6F:08:4E:8A' , $arCells[0]->mac);
Expand All @@ -339,6 +379,14 @@ function testParseScan()
$this->assertEquals(array(1., 2., 5.5, 11.) , $arCells[0]->rates);
$this->assertEquals(-54 , $arCells[0]->rssi);
$this->assertEquals(8 , $arCells[0]->beacon);
$this->assertEquals(false , $arCells[0]->wpa);
$this->assertEquals(false , $arCells[0]->wpa2);
$this->assertEquals(array() , $arCells[0]->wpa_group_cipher);
$this->assertEquals(array() , $arCells[0]->wpa_pairwise_cipher);
$this->assertEquals(array() , $arCells[0]->wpa_auth_suite);
$this->assertEquals(array() , $arCells[0]->wpa2_group_cipher);
$this->assertEquals(array() , $arCells[0]->wpa2_pairwise_cipher);
$this->assertEquals(array() , $arCells[0]->wpa2_auth_suite);

$this->assertEquals('00:0F:3D:4B:0D:6E' , $arCells[1]->mac);
$this->assertEquals('RIKA' , $arCells[1]->ssid);
Expand All @@ -350,6 +398,14 @@ function testParseScan()
$this->assertEquals(array(1., 2., 5.5, 6., 9., 11., 12., 18., 24., 36., 48., 54.), $arCells[1]->rates);
$this->assertEquals(-53 , $arCells[1]->rssi);
$this->assertEquals(754 , $arCells[1]->beacon);
$this->assertEquals(false , $arCells[1]->wpa);
$this->assertEquals(false , $arCells[1]->wpa2);
$this->assertEquals(array() , $arCells[1]->wpa_group_cipher);
$this->assertEquals(array() , $arCells[1]->wpa_pairwise_cipher);
$this->assertEquals(array() , $arCells[1]->wpa_auth_suite);
$this->assertEquals(array() , $arCells[1]->wpa2_group_cipher);
$this->assertEquals(array() , $arCells[1]->wpa2_pairwise_cipher);
$this->assertEquals(array() , $arCells[1]->wpa2_auth_suite);

$this->assertEquals('00:0D:BC:50:62:06' , $arCells[2]->mac);
$this->assertEquals('skyspeed' , $arCells[2]->ssid);
Expand All @@ -361,6 +417,33 @@ function testParseScan()
$this->assertEquals(array(1., 2., 5.5, 11.) , $arCells[2]->rates);
$this->assertEquals(-59 , $arCells[2]->rssi);
$this->assertEquals(544 , $arCells[2]->beacon);
$this->assertEquals(false , $arCells[2]->wpa);
$this->assertEquals(false , $arCells[2]->wpa2);
$this->assertEquals(array() , $arCells[2]->wpa_group_cipher);
$this->assertEquals(array() , $arCells[2]->wpa_pairwise_cipher);
$this->assertEquals(array() , $arCells[2]->wpa_auth_suite);
$this->assertEquals(array() , $arCells[2]->wpa2_group_cipher);
$this->assertEquals(array() , $arCells[2]->wpa2_pairwise_cipher);
$this->assertEquals(array() , $arCells[2]->wpa2_auth_suite);

$this->assertEquals('64:70:02:2E:FF:EA' , $arCells[3]->mac);
$this->assertEquals('test' , $arCells[3]->ssid);
$this->assertEquals('master' , $arCells[3]->mode);
$this->assertEquals(6 , $arCells[3]->channel);
$this->assertEquals(true , $arCells[3]->encryption);
$this->assertEquals('' , $arCells[3]->protocol);
$this->assertEquals(54 , $arCells[3]->rate);
$this->assertEquals(array(1., 2., 5.5, 6., 9., 11., 12., 18., 24., 36., 48., 54.), $arCells[3]->rates);
$this->assertEquals(-47 , $arCells[3]->rssi);
$this->assertEquals(2360 , $arCells[3]->beacon);
$this->assertEquals(true , $arCells[3]->wpa);
$this->assertEquals(true , $arCells[3]->wpa2);
$this->assertEquals(array('TKIP') , $arCells[3]->wpa_group_cipher);
$this->assertEquals(array('CCMP', 'TKIP') , $arCells[3]->wpa_pairwise_cipher);
$this->assertEquals(array('PSK') , $arCells[3]->wpa_auth_suite);
$this->assertEquals(array('TKIP') , $arCells[3]->wpa2_group_cipher);
$this->assertEquals(array('CCMP') , $arCells[3]->wpa2_pairwise_cipher);
$this->assertEquals(array('PSK') , $arCells[3]->wpa2_auth_suite);


//some other peers
Expand Down Expand Up @@ -556,7 +639,7 @@ function testParseScan20091018()
Cell 01 - Address: 00:50:7F:9B:A7:D8
Channel:8
Frequency:2.447 GHz (Channel 8)
Quality=64/70 Signal level=-46 dBm
Quality=64/70 Signal level=-46 dBm
Encryption key:off
ESSID:"UPSTREAM_NEU"
Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 9 Mb/s
Expand All @@ -582,7 +665,7 @@ function testParseScan20091018()
Cell 02 - Address: 00:13:49:D6:AC:3C
Channel:6
Frequency:2.437 GHz (Channel 6)
Quality=33/70 Signal level=-77 dBm
Quality=33/70 Signal level=-77 dBm
Encryption key:off
ESSID:"home.cweiske.de"
Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s
Expand Down

0 comments on commit 02c5126

Please sign in to comment.