Sunday, April 15, 2018

Aircrack-ng 1.2

It's been way too long since the last stable release.

Compared to the last stable release, 1.1, almost 8 years ago, this release has a huge number of improvements and fixes. The changelog since 1.1 is almost 300 lines long (1200+ commits). Code quality has improved, in part thanks to Coverity Scan. We have now switched to GitHub completely and have a few buildbots (including one for Windows) to test building and run the test suite on different platforms.

The build system has switched to autotools, which fixes and improves building on a number of different platforms, CPUs and compilers (gcc, clang and Intel).
Aircrack-ng is now a lot faster on recent CPUs (up to 3 times), and a trampoline binary automatically chooses the executable built for your CPU's instruction set. There is no need to change any of the commands; it is done transparently. Both changes will make distro package builders' task easier: they no longer have to worry about how to build it to be compatible with the most CPUs, since the right variant is selected at run time.

Continuing with Aircrack-ng, it can also output WPA hashes to EWSA and hashcat format for processing with those tools.

Airodump-ng gained 802.11n support: it can set HT20/HT40+/HT40- channels and now displays the rate correctly for 802.11n and 802.11ac access points. For those using GPS, it now supports the recent versions of GPSd that use JSON.

Airmon-ng itself has a number of improvements in chipset/driver detection. The most notable improvements, on top of new chipset/driver detection, are support for FreeBSD and, on Linux, support for the Nexmon driver (monitor mode driver) on the Raspberry Pi 3 (and 0 Wireless) using Kali. Airtun-ng now supports WPA/WPA2.

For the folks following our release candidates, this release doesn't bring much compared to rc5: just a few small fixes, plus UTF-8 ESSID support in airodump-ng and aireplay-ng. So, if you are already running 1.2rc5, updating is merely advised; otherwise, it is highly recommended.


Changelog from rc5:

  • General: Fixed compiling Windows binaries and updated README.md/INSTALLING.
  • General: Fixed commands to install dependencies on Debian/Ubuntu and FreeBSD.
  • General: Added command to install dependencies on Fedora/CentOS/RHEL.
  • General: Removed packages/ directory.
  • General: Added Alpine Linux and Kali Linux buildbots.
  • General: Fixed configure with --with-libpcap-include=/somewhere/include and --with-libpcap-lib=/somewhere/lib.
  • General: Fixed search for ethtool when running as a non-root user.
  • General: Various fixes.
  • Airmon-ng: Fixed mktemp on Alpine Linux.

Tuesday, April 3, 2018

Aircrack-ng 1.2 Release Candidate 5

On top of tons of fixes and improvements everywhere (and on multiple platforms), this release switched to autotools which allows compiling on more platforms. A trampoline binary has been added for Aircrack-ng to automatically select the fastest version for your CPU features. It will also help package maintainers greatly.

A few other notable mentions:
  • Airodump-ng supports setting HT40+/HT40- channels and now displays 802.11n and 802.11ac rates.
  • Created WPA Enterprise WPE patches for HostAPd and Freeradius
  • Support for exporting to HCCAPx for Hashcat v3.6+
  • Added Airventriloquist-ng, a tool from Caesurus.
  • Airmon-ng supports setting Nexmon devices in/out of monitor mode on Kali
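The HCCAPx export mentioned here (and in the 1.2 announcement above) is what hashcat 3.6+ reads instead of a pcap, so it is worth knowing what the file actually carries. What follows is an added example, not aircrack-ng or hashcat code: a reader for the 393-byte record format with bounds checks on every length and enum field, followed by the per-candidate work a cracker does for each dictionary word (PBKDF2 to the PMK, PRF-512 to the KCK, then the EAPOL MIC). The field layout is hashcat's published hccapx v4 struct; the record the script parses is constructed inline with made-up MACs, nonces and ESSID so it runs offline, and the AES-CMAC variant (keyver 3) is deliberately left out.

```python
"""HCCAPx reader plus a single-candidate WPA passphrase check.
Added example for this page, not aircrack-ng or hashcat code. The 393-byte
record layout is hashcat's hccapx v4 struct; the sample record is constructed."""
import hashlib
import hmac
import struct
from dataclasses import dataclass

HCCAPX_SIZE = 393
HCCAPX_SIGNATURE = 0x58504348          # the bytes "HCPX" read as a little-endian u32
HCCAPX_VERSION = 4
# signature, version, message_pair, essid_len, essid[32], keyver, keymic[16],
# mac_ap[6], nonce_ap[32], mac_sta[6], nonce_sta[32], eapol_len, eapol[256]
_HCCAPX_FMT = "<IIBB32sB16s6s32s6s32sH256s"


@dataclass
class Hccapx:
    message_pair: int   # low bits: which two handshake messages were paired (0 = M1+M2)
    essid: bytes
    keyver: int         # 1 = WPA (HMAC-MD5 MIC), 2 = WPA2 (HMAC-SHA1 MIC), 3 = AES-128-CMAC
    keymic: bytes
    mac_ap: bytes
    nonce_ap: bytes
    mac_sta: bytes
    nonce_sta: bytes
    eapol: bytes        # EAPOL-Key frame the MIC covers, with its MIC field zeroed


def parse_hccapx(record: bytes) -> Hccapx:
    """Unpack one record and reject anything that violates the format's bounds."""
    if len(record) != HCCAPX_SIZE:
        raise ValueError(f"expected {HCCAPX_SIZE} bytes, got {len(record)}")
    (sig, ver, mpair, essid_len, essid, keyver, keymic, mac_ap, nonce_ap,
     mac_sta, nonce_sta, eapol_len, eapol) = struct.unpack(_HCCAPX_FMT, record)
    if sig != HCCAPX_SIGNATURE:
        raise ValueError(f"bad signature 0x{sig:08x}")
    if ver != HCCAPX_VERSION:
        raise ValueError(f"unsupported hccapx version {ver}")
    if essid_len > 32 or eapol_len > 256 or keyver not in (1, 2, 3):
        raise ValueError("essid_len, eapol_len or keyver out of range")
    return Hccapx(mpair, essid[:essid_len], keyver, keymic, mac_ap, nonce_ap,
                  mac_sta, nonce_sta, eapol[:eapol_len])


def iter_hccapx(blob: bytes):
    """A .hccapx file is just concatenated records; yield each one parsed."""
    if len(blob) % HCCAPX_SIZE:
        raise ValueError("file size is not a multiple of 393 bytes")
    for off in range(0, len(blob), HCCAPX_SIZE):
        yield parse_hccapx(blob[off:off + HCCAPX_SIZE])


def pmk_from_passphrase(passphrase: str, essid: bytes) -> bytes:
    # WPA-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, ESSID, 4096 rounds, 32 bytes).
    # This is the expensive step a cracker pays once per candidate.
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), essid, 4096, 32)


def kck_from_pmk(pmk: bytes, mac_ap: bytes, mac_sta: bytes,
                 nonce_ap: bytes, nonce_sta: bytes) -> bytes:
    # 802.11i PRF-512 derives the PTK; its first 16 bytes (the KCK) key the EAPOL MIC.
    data = (min(mac_ap, mac_sta) + max(mac_ap, mac_sta)
            + min(nonce_ap, nonce_sta) + max(nonce_ap, nonce_sta))
    ptk = b"".join(
        hmac.new(pmk, b"Pairwise key expansion\x00" + data + bytes([i]), hashlib.sha1).digest()
        for i in range(4))
    return ptk[:16]


def eapol_mic(kck: bytes, keyver: int, eapol: bytes) -> bytes:
    if keyver == 1:
        return hmac.new(kck, eapol, hashlib.md5).digest()
    if keyver == 2:
        return hmac.new(kck, eapol, hashlib.sha1).digest()[:16]
    raise NotImplementedError("keyver 3 needs AES-128-CMAC; not shown here")


def check_passphrase(rec: Hccapx, passphrase: str) -> bool:
    """Does PASSPHRASE reproduce the captured MIC? (one dictionary word's worth of work)"""
    pmk = pmk_from_passphrase(passphrase, rec.essid)
    kck = kck_from_pmk(pmk, rec.mac_ap, rec.mac_sta, rec.nonce_ap, rec.nonce_sta)
    return hmac.compare_digest(eapol_mic(kck, rec.keyver, rec.eapol), rec.keymic)


def build_sample_record(passphrase: str) -> bytes:
    """Constructed WPA2 (keyver 2) M1+M2 record whose MIC is valid for PASSPHRASE."""
    essid, mac_ap, mac_sta = b"aircrack-test", bytes.fromhex("00112233aabb"), bytes.fromhex("66554433ccdd")
    nonce_ap, nonce_sta = bytes(range(32)), bytes(range(32, 64))
    # Minimal RSN EAPOL-Key body for message 2: key info 0x010A = HMAC-SHA1 | pairwise | MIC.
    body = struct.pack(">BHHQ32s16s8s8s16sH", 2, 0x010A, 16, 1, nonce_sta,
                       bytes(16), bytes(8), bytes(8), bytes(16), 0)
    eapol = struct.pack(">BBH", 1, 3, len(body)) + body   # 802.1X header: v1, type EAPOL-Key
    kck = kck_from_pmk(pmk_from_passphrase(passphrase, essid), mac_ap, mac_sta, nonce_ap, nonce_sta)
    return struct.pack(_HCCAPX_FMT, HCCAPX_SIGNATURE, HCCAPX_VERSION, 0, len(essid), essid,
                       2, eapol_mic(kck, 2, eapol), mac_ap, nonce_ap, mac_sta, nonce_sta,
                       len(eapol), eapol)


if __name__ == "__main__":
    rec = parse_hccapx(build_sample_record("correct horse"))
    print(rec.essid, "keyver", rec.keyver, "eapol", len(rec.eapol), "bytes")
    print("correct horse:", check_passphrase(rec, "correct horse"))   # True
    print("wrong horse:  ", check_passphrase(rec, "wrong horse"))     # False
```

To look at a real export, read the file and feed it to iter_hccapx; a record that fails the bounds checks was either truncated or not produced for this version of the format. check_passphrase is the whole of what a cracker repeats per candidate, which is also why the PBKDF2 step dominates its cost.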


Changelog

  • General: Switching to autotools which allows compiling on more platforms.
  • General: Updated README.md and INSTALLING files.
  • General: Fixed compilation on a lot of platforms.
  • General: Fixed compilation warnings across platforms and compilers.
  • General: Fixed typos in the tools and in manpages.
  • General: Replace %d/ld with %u/lu for unsigned printf parameters.
  • General: Added option to disable stack protector.
  • General: Improved makefile to get reproducible builds.
  • General: Fixed compilation with OpenSSL 1.1.0.
  • General: Updated radiotap parsing code.
  • General: Updated all URLs to use HTTPS.
  • General: Fixed compilation with libreSSL.
  • General: Added WPS 2.0 test PCAP.
  • General: Do not use stackguard on Windows.
  • General: Fixed warnings on GCC7.
  • General: Improved code quality using Coverity Scan.
  • General: Added badges for Coverity scan and Intel compiler buildbot.
  • Aircrack-ng: Use trampoline binary to automatically select fastest executable depending on the CPU.
  • Aircrack-ng: Fixed missing include for linecount.
  • Aircrack-ng: Fixed concurrency issues when reading multiple WEP PCAP.
  • Aircrack-ng: Added support for creating HCCAPx file format.
  • Airodump-ng: Get the channel from HT information.
  • Airodump-ng: Detect WPS 2.x.
  • Airodump-ng: Also check current directory for OUI file.
  • Airodump-ng: Fixed writing ESSID to CSV, Kismet CSV and Kismet NetXML files when ESSID gets decloaked and cloaked length was 1.
  • Aireplay-ng: Added deauthentication reason code option.
  • Aireplay-ng: Increase amount of AP to test when running injection test.
  • Airodump-ng: Fixed 802.11a channel hopping list.
  • Airodump-ng: Fix creation of .xor files.
  • Airodump-ng: Added support for HT channels (HT20/HT40-/HT40+).
  • Airodump-ng: Now displaying correct rate for 802.11n or 802.11ac AP.
  • Airmon-ng: Fixed checking for processes.
  • Airmon-ng: Fixed display of "cannot access '/sys/class/ieee80211/': No such file or directory".
  • Airmon-ng: Fixed bashisms.
  • Airmon-ng: Fixed display of specific drivers.
  • Airmon-ng: Fixed display of cards on the sdio bus.
  • Airmon-ng: Now supports nexmon driver on RPi 3 (and 0 Wireless) using Kali Linux.
  • Airmon-ng: Added identification for another realtek chipset and generic Ralink/MT.
  • Airmon-ng: Handle 2 types of rfkill commands and updated unblock text.
  • Airmon-ng: More portable modinfo usage.
  • Airmon-ng: Removed grep -P references upon request.
  • Airmon-ng: Do not replace driver name by ?????? when driver is valid.
  • Airgraph-ng: Removed irrelevant comment in README.
  • Airgraph-ng: Handle SSID with double quotes.
  • Airgraph-ng: Fixed parsing OUI file.
  • Airdrop-ng: Updated lorcon2 installation instructions.
  • Besside-ng: Fixed 'wi_read(): No child processes' error.
  • Airdecloak-ng: Fixed segfault due to NULL pointer dereference.
  • osdep: Remove wi_set_channel(1) on open wifi interface (cygwin).
  • osdep: Fixed RAW socket resource leak.
  • Patches: Created WPE patches and documentation for current HostAPd and Freeradius versions.
  • Airodump-ng: Fix incorrect if conditions which always are false.
  • Airodump-ng: Remove useless not NULL check.
  • Airventriloquist: New tool from https://github.com/Caesurus/airventriloquist/
  • dcrack: Fixed indentation.
  • TravisCI: Fixed compilation on OSX.
  • AppVeyor: Added support for AppVeyor, CI for cygwin builds.

Sunday, March 11, 2018

Migration to GitHub

We have been wanting to migrate to GitHub for quite some time. We already had subversion to GitHub synchronization, so some of the work was already done. What was left were the tickets.
We have now finally migrated completely to GitHub.


It was a lot more complicated than it sounds, because we had tickets on trac and issues + pull requests on GitHub. One of the key migration goals was to replicate the data in such a way
as to clone it near perfectly, all while not bothering our entire user base with GitHub notifications.

Joe Benden did most of the work; he is the same person who helped us migrate to autotools. I did not expect such a level of professionalism and perfectionism in the work. We probably had a total of 10 to 15 test runs, each taking 1 to 2 days to complete, and a lot of discussions to find the best solutions to the issues/limitations we came across. Each test run was followed by review and feedback to improve it on the next run.


All the trac tickets are correctly linked to each other and have their attachments. Some ticket numbers had been skipped in trac, due to spam some time ago; luckily, the GitHub API allows skipping issue numbers. A lot of fine tuning was done to do it the way we wanted. One of the items was ticket linking, which was done in different ways (#123, or https://trac.aircrack-ng.org/tickets/123, or sometimes hxxp:// trac.aircrack-ng.org/tickets/123). URLs were corrected where needed, along with a bunch of other small details.
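The link clean-up described above is a small, mechanical step, but it has one trap worth handling: since issue numbers were carried over 1:1 (with the spam gaps skipped), a rewritten reference to a number that was never migrated would silently autolink to nothing or to an unrelated issue. The following is an added example of that rewrite, not the script the project used; the three reference styles are the ones quoted above, the set of known ticket numbers is a constructed stand-in for the real list, and the sample ticket body is made up.

```python
"""Normalise trac ticket references before creating GitHub issues.
Added example for this page, not the project's migration script."""
import re

# "#123" is already the form GitHub autolinks within the same repository, so
# only the URL forms need rewriting. "hxxp://", upper-case scheme, "ticket/"
# vs "tickets/" and a stray space after "//" are all tolerated because they
# all occur in old ticket text.
TRAC_TICKET_URL = re.compile(
    r"\bh(?:tt|xx)ps?://\s*trac\.aircrack-ng\.org/tickets?/(\d+)\b", re.IGNORECASE)


def normalize_ticket_links(text: str, known_tickets: set) -> str:
    """Rewrite trac ticket URLs to #N. Numbers not in KNOWN_TICKETS (skipped
    spam tickets, typos) are left exactly as they were rather than turned into
    a dangling or wrong autolink."""
    def repl(m):
        n = int(m.group(1))
        return f"#{n}" if n in known_tickets else m.group(0)
    return TRAC_TICKET_URL.sub(repl, text)


SAMPLE_TICKET_BODY = (   # constructed sample, not a real ticket
    "Duplicate of #123, see also https://trac.aircrack-ng.org/tickets/123 "
    "and hxxp:// trac.aircrack-ng.org/tickets/124 (old spam: "
    "https://trac.aircrack-ng.org/tickets/9999)"
)

if __name__ == "__main__":
    print(normalize_ticket_links(SAMPLE_TICKET_BODY, {123, 124}))
```

The known-ticket set is what makes this safe to run unattended over ~2000 tickets: anything it does not recognise is passed through untouched and can be reviewed by hand afterwards.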


Attachments were a big issue since we wanted to keep them, and GitHub pretty much only allows text files or pictures in issues; anything else is out of the question. The best solution we could think of was to store them in a repository; GitHub only limits large files, which wasn't a problem in this case. On the filesystem, trac doesn't organize attachments neatly in directories by name. Instead, it uses some kind of hashing scheme, so it is necessary to look each file up in the trac database to match it with its ticket, and to write a script to batch rename them.
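The lookup-and-rename step described above, as an added example rather than the project's own script. It assumes the on-disk layout Trac 1.0+ uses (from Trac's attachment.py: attachments/<realm>/<sha1(id)[:3]>/<sha1(id)>/<sha1(filename)><ext>) and reads only the type, id and filename columns of the attachment table; the database is an in-memory sqlite stand-in constructed for the example, and the files directory and output directory are made-up paths. Because attachment names come from anonymous reporters and spammers, the destination name is reduced to its last path component before anything is written, so a name like ../../etc/passwd cannot escape the output directory.

```python
"""Map trac's hashed attachment files back to <ticket>/<original name>.
Added example for this page, not the project's migration script. Assumes the
Trac 1.0+ hashed layout (see lead-in) and a trac.db with an attachment table."""
import hashlib
import os
import posixpath
import sqlite3
from typing import List, Tuple


def trac_attachment_path(files_dir: str, realm: str, parent_id: str, filename: str) -> str:
    """Hashed path Trac 1.0+ uses on disk (assumption taken from Trac's attachment.py)."""
    parent_hash = hashlib.sha1(parent_id.encode("utf-8")).hexdigest()
    name_hash = hashlib.sha1(filename.encode("utf-8")).hexdigest()
    ext = posixpath.splitext(filename)[1]
    return posixpath.join(files_dir, "attachments", realm,
                          parent_hash[:3], parent_hash, name_hash + ext)


def safe_name(filename: str) -> str:
    """Keep only the final path component of a reporter-supplied name, and refuse
    names that collapse to nothing, so the rename can never leave OUT_DIR."""
    name = filename.replace("\\", "/").rstrip("/").split("/")[-1]
    if name in ("", ".", ".."):
        raise ValueError(f"refusing attachment name {filename!r}")
    return name


def rename_plan(db: sqlite3.Connection, files_dir: str, out_dir: str,
                realm: str = "ticket") -> List[Tuple[str, str]]:
    """(hashed source path, readable destination path) for every attachment in REALM."""
    rows = db.execute("SELECT id, filename FROM attachment WHERE type = ? "
                      "ORDER BY id, filename", (realm,)).fetchall()
    plan = []
    for parent_id, filename in rows:
        src = trac_attachment_path(files_dir, realm, str(parent_id), filename)
        dst = posixpath.join(out_dir, f"{realm}-{parent_id}", safe_name(filename))
        plan.append((src, dst))
    return plan


def apply_plan(plan: List[Tuple[str, str]], dry_run: bool = True) -> int:
    """Rename in place. Files the database knows but the disk lacks are reported
    and skipped rather than aborting the batch; returns the number handled."""
    done = 0
    for src, dst in plan:
        if not os.path.isfile(src):
            print(f"missing on disk, skipped: {src}")
            continue
        if not dry_run:
            os.makedirs(os.path.dirname(dst), exist_ok=True)
            os.replace(src, dst)
        done += 1
    return done


def sample_db() -> sqlite3.Connection:
    """Constructed stand-in for trac.db with only the columns this script touches."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE attachment (type TEXT, id TEXT, filename TEXT, author TEXT)")
    db.executemany("INSERT INTO attachment VALUES (?, ?, ?, ?)", [
        ("ticket", "123", "airodump-crash.pcap", "alice"),
        ("ticket", "123", "backtrace.txt", "alice"),
        ("ticket", "1337", "../../etc/passwd", "spammer"),
        ("wiki", "WikiStart", "logo.png", "bob"),
    ])
    return db


if __name__ == "__main__":
    # Hypothetical paths; on a real environment point files_dir at <trac env>/files.
    for src, dst in rename_plan(sample_db(), "/var/trac/aircrack-ng/files", "/tmp/attachments"):
        print(f"{src}\n  -> {dst}")
```

Running it as a dry run first (the default) lists every hashed file it expects and flags the ones that are not on disk, which is the quickest way to discover that the database and the files directory have drifted apart before anything is moved.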


Surprisingly, migrated trac tickets look much better than migrated GitHub issues. The latter look OK, but the difference is due to GitHub API limitations.


One of the decisions was to avoid spamming people with notifications, so all the tickets were created with the Aircrack-ng account. GitHub doesn't allow setting the creation date or the author (the reporters are a mix of email addresses, anonymous authors, or just usernames), and with almost 2000 tickets, the best solution was to write down the author and date/time in the issues themselves.


Pull requests are tricky: they can't be migrated from one repository to another, period, even when using the API. So we now have a copy of the existing ones, without links to the code changes. If anybody who had a PR in the old repository can recreate it in the new one, it would be great. The GitHub API also has some limitations regarding closed PRs/issues.


The reason we decided to create another repository has to do with importing the trac tickets and their numbering. Matching would have been way too complicated if we had appended to the existing repository. On top of that, if it had failed somehow, we would have had no way of going back. It would also have complicated testing significantly.


Finally, while doing the migration, we noticed that paid accounts are not rate-limited as much as free accounts, and the migration went a lot faster than expected: just a few hours vs 2 days.


We kept the old repository and renamed it aircrack-ng-archive in case we need to look back at some issue/PR history.