diff -urpN bleed2/src/wpapcap2john.c bleed/src/wpapcap2john.c
--- bleed2/src/wpapcap2john.c 2013-03-19 14:56:18.472493500 -0500
+++ bleed/src/wpapcap2john.c 2013-03-21 10:39:31.851376100 -0500
@@ -16,7 +16,7 @@ uint8 packet[65535];
 static int bROT;
 WPA4way_t wpa[1000];
 int nwpa=0;
-char itoa64[65] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+char cpItoa64[65] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
 int Process(FILE *in, const char *InFName) {
 pcap_hdr_t main_hdr;
@@ -179,7 +179,8 @@ void Handle4Way(int bIsQOS) {
 // p now points to the 802.1X Authentication structure.
 auth = (ether_auto_802_1x_t*)p;
 auth->length = swap16u(auth->length);
- *(uint16*)&(auth->key_info) = swap16u(*(uint16*)&(auth->key_info));
+ //*(uint16*)&(auth->key_info) = swap16u(*(uint16*)&(auth->key_info));
+ auth->key_info_u16 = swap16u(auth->key_info_u16);
 auth->key_len = swap16u(auth->key_len);
 auth->replay_cnt = swap64u(auth->replay_cnt);
 auth->wpa_keydatlen = swap16u(auth->wpa_keydatlen);
@@ -282,13 +283,13 @@ void Handle4Way(int bIsQOS) {
 // were taken from hccap2john.c source, and modified for this project.
 static void code_block(unsigned char *in, unsigned char b) {
- putchar(itoa64[in[0] >> 2]);
- putchar(itoa64[((in[0] & 0x03) << 4) | (in[1] >> 4)]);
+ putchar(cpItoa64[in[0] >> 2]);
+ putchar(cpItoa64[((in[0] & 0x03) << 4) | (in[1] >> 4)]);
 if (b) {
- putchar(itoa64[((in[1] & 0x0f) << 2) | (in[2] >> 6)]);
- putchar(itoa64[in[2] & 0x3f]);
+ putchar(cpItoa64[((in[1] & 0x0f) << 2) | (in[2] >> 6)]);
+ putchar(cpItoa64[in[2] & 0x3f]);
 } else
- putchar(itoa64[((in[1] & 0x0f) << 2)]);
+ putchar(cpItoa64[((in[1] & 0x0f) << 2)]);
 }
 void DumpKey(int ess, int one_three, int bIsQOS) {
diff -urpN bleed2/src/wpapcap2john.h bleed/src/wpapcap2john.h
--- bleed2/src/wpapcap2john.h 2013-03-19 14:56:18.475497100 -0500
+++ bleed/src/wpapcap2john.h 2013-03-21 10:37:32.001392300 -0500
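Review bot: In `Handle4Way` (wpapcap2john.c, the hunk at line 179) the fields of `auth` are byte-swapped in place directly after `auth = (ether_auto_802_1x_t*)p;`, and nothing in the hunk checks that the captured frame still holds a complete `ether_auto_802_1x_t` at `p`; with a truncated or malformed capture those reads and writes would run past the packet data. The function starts and ends outside this hunk, so the check may already exist earlier; if it does not, a guard such as `if (<bytes left in packet> < sizeof(*auth)) return;` belongs before the first swap, where the left operand is a placeholder for whatever length the function tracks. Separately, the commented-out `//*(uint16*)&(auth->key_info) = ...` line should be deleted rather than kept, since the history already records it.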
@@ -15,6 +15,8 @@ typedef signed short int16;
 typedef unsigned char uint8;
 typedef signed char int8;
+#include "johnswap.h"
+
 // All data structures MUST be byte aligned, since we work on 'raw' data in structures
 // and do not load structures record by record.
 #pragma pack(1)
@@ -71,18 +73,21 @@ typedef struct ether_auto_802_1x_s {
 uint8 key;
 uint16 length; // in BE format
 uint8 key_descr; // should be 2 for EAPOL RSN KEY ?
- struct {
- uint16 KeyDescr : 3; //
- uint16 KeyType : 1; // 1 is pairwise key
- uint16 KeyIdx : 2; // should be 0
- uint16 Install : 1; // should be 0
- uint16 KeyACK : 1; // 1=set 0=nope
- uint16 KeyMIC : 1; // 1 set, 0 nope
- uint16 Secure : 1;
- uint16 Error : 1;
- uint16 Reqst : 1;
- uint16 EncKeyDat: 1;
- }key_info;
+ union {
+ struct {
+ uint16 KeyDescr : 3; //
+ uint16 KeyType : 1; // 1 is pairwise key
+ uint16 KeyIdx : 2; // should be 0
+ uint16 Install : 1; // should be 0
+ uint16 KeyACK : 1; // 1=set 0=nope
+ uint16 KeyMIC : 1; // 1 set, 0 nope
+ uint16 Secure : 1;
+ uint16 Error : 1;
+ uint16 Reqst : 1;
+ uint16 EncKeyDat: 1;
+ }key_info;
+ uint16 key_info_u16; // union used for swapping, to work around worthless gcc warning.
+ };
 uint16 key_len;
 uint64 replay_cnt;
 uint8 wpa_nonce[32];
@@ -118,17 +123,10 @@ inline uint16 swap16u(uint16 v) {
 return ((v>>8)|((v&0xFF)<<8));
 }
 inline uint32 swap32u(uint32 v) {
- return ((v>>24)|((v&0xFF)<<24) | ((v&0xFF0000)>>8) | ((v&0xFF00)<<8));
+ return JOHNSWAP(v);
 }
 inline uint64 swap64u(uint64 v) {
- uint32 h,l;
- h = ((uint32*)&v)[0];
- l = ((uint32*)&v)[1];
- h = ((h>>24)|((h&0xFF)<<24) | ((h&0xFF0000)>>8) | ((h&0xFF00)<<8));
- l = ((l>>24)|((l&0xFF)<<24) | ((l&0xFF0000)>>8) | ((l&0xFF00)<<8));
- ((uint32*)&v)[0] = l;
- ((uint32*)&v)[1] = h;
- return v;
+ return JOHNSWAP64(v);
 }
 // This type structure is used to keep track of EAPOL packets, as they are read
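Review bot: The `key_info` bit-fields in `ether_auto_802_1x_s` are still what gets read after `key_info_u16` has been swapped, and the order in which a compiler allocates bit-fields inside a `uint16` is implementation-defined, so `KeyACK` and `KeyMIC` only line up with the wire bits on compilers that allocate from the least significant bit. Testing masks on the swapped word instead, for example `(auth->key_info_u16 & 0x0100)` for the MIC flag under the layout this struct assumes, would remove that dependency. The unnamed union also needs C11 or the GNU extension. The trailing comment would read more accurately as `// raw 16-bit view of key_info, byte-swapped as a whole instead of through a pointer cast`, since the warning it dismisses is presumably gcc's strict-aliasing diagnostic on the old cast.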
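Review bot: `swap32u` and `swap64u` (and `swap16u` just above them) are defined in this header as plain `inline`, which under C99/C11 rules provides no external definition and under gnu89 rules provides one in every file that includes the header, so the build can fail at link time depending on `-std` and the optimisation level. Declaring them `static inline uint32 swap32u(uint32 v)` and `static inline uint64 swap64u(uint64 v)` avoids both cases. Since the bodies now expand `JOHNSWAP`/`JOHNSWAP64` from johnswap.h, a one-line comment stating that these helpers always reverse byte order regardless of host endianness would help readers, assuming that is what the macros do.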