/aircrack-ng-1.1/src/airolib-ng.c
C | 1030 lines | 795 code | 134 blank | 101 comment | 246 complexity | be5ef387ace3af673e18260d64e1db14 MD5 | raw file
Possible License(s): GPL-2.0
- /*
- * A tool to compute and manage PBKDF2 values as used in WPA-PSK and WPA2-PSK
- *
- * Copyright (C) 2007; 2008, 2009 ebfe
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- *
- *
- * In addition, as a special exception, the copyright holders give
- * permission to link the code of portions of this program with the
- * OpenSSL library under certain conditions as described in each
- * individual source file, and distribute linked combinations
- * including the two.
- * You must obey the GNU General Public License in all respects
- * for all of the code used other than OpenSSL. * If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. * If you
- * do not wish to do so, delete this exception statement from your
- * version. * If you delete this exception statement from all source
- * files in the program, then also delete it here.
- */
- #include <stdio.h>
- #include <stdlib.h>
- #include <unistd.h>
- #include <stdint.h>
- #include <string.h>
- #include <sqlite3.h>
- #include <sys/time.h>
- #include <sys/types.h>
- #include <sys/stat.h>
- #include <unistd.h>
- #include <getopt.h>
- #include "aircrack-ng.h"
- #include "crypto.h"
- #ifdef HAVE_REGEXP
- #include <regex.h>
- #endif
- #include "version.h"
- #define IMPORT_ESSID "essid"
- #define IMPORT_PASSWD "passwd"
- #define IMPORT_COWPATTY "cowpatty"
- extern char * getVersion(char * progname, int maj, int min, int submin, int svnrev, int beta, int rc);
- void print_help(const char * msg) {
- printf("\n"
- " %s - (C) 2007, 2008, 2009 ebfe\n"
- " http://www.aircrack-ng.org\n"
- "\n"
- " Usage: airolib-ng <database> <operation> [options]\n"
- "\n"
- " Operations:\n"
- "\n"
- " --stats : Output information about the database.\n"
- " --sql <sql> : Execute specified SQL statement.\n"
- " --clean [all] : Clean the database from old junk. 'all' will also \n"
- " reduce filesize if possible and run an integrity check.\n"
- " --batch : Start batch-processing all combinations of ESSIDs\n"
- " and passwords.\n"
- " --verify [all] : Verify a set of randomly chosen PMKs.\n"
- " If 'all' is given, all invalid PMK will be deleted.\n"
- "\n"
- " --import [essid|passwd] <file> :\n"
- " Import a text file as a list of ESSIDs or passwords.\n"
- " --import cowpatty <file> :\n"
- " Import a cowpatty file.\n"
- "\n"
- " --export cowpatty <essid> <file> :\n"
- " Export to a cowpatty file.\n"
- "\n",
- getVersion("Airolib-ng", _MAJ, _MIN, _SUB_MIN, _REVISION, _BETA, _RC));
- if (msg && strlen(msg) > 0) {
- printf("%s", msg);
- puts("");
- }
- }
- void sql_error(sqlite3* db) {
- fprintf(stderr, "Database error: %s\n", sqlite3_errmsg(db));
- }
- int sql_exec_cb(sqlite3* db, const char *sql, void* callback, void* cb_arg) {
- #ifdef SQL_DEBUG
- printf(sql);
- printf("\n");
- fflush(stdout);
- #endif
- int rc;
- char *zErrMsg = 0;
- char looper[4] = {'|','/','-','\\'};
- int looperc = 0;
- int waited = 0;
- while (1) {
- rc = sqlite3_exec(db,sql,callback,cb_arg,&zErrMsg);
- if (rc == SQLITE_LOCKED || rc == SQLITE_BUSY) {
- fprintf(stdout,"Database is locked or busy. Waiting %is ... %1c \r",++waited, looper[looperc++ % sizeof(looper)]);
- fflush(stdout);
- sleep(1);
- } else {
- if (rc != SQLITE_OK) {
- fprintf(stderr, "SQL error. %s\n", zErrMsg);
- sqlite3_free(zErrMsg);
- }
- if (waited != 0) printf("\n\n");
- return rc;
- }
- }
- }
- // execute sql fast and hard.
- int sql_exec(sqlite3* db, const char *sql) {
- return sql_exec_cb(db,sql,0,0);
- }
- // wrapper for sqlite3_step which retries executing statements if the db returns SQLITE_BUSY or SQLITE_LOCKED
- int sql_step(sqlite3_stmt* stmt, int wait) {
- int rc;
- char looper[4] = {'|','/','-','\\'};
- int looperc = 0;
- int waited = 0;
- while (1) {
- rc = sqlite3_step(stmt);
- if (rc == SQLITE_LOCKED || rc == SQLITE_BUSY) {
- if (wait != 0) {
- fprintf(stdout,"Database is locked or busy. Waiting %is ... %1c \r",++waited, looper[looperc]);
- fflush(stdout);
- wait--;
- looperc = looperc+1 % sizeof(looper);
- sleep(1);
- } else {
- fprintf(stderr,"Database was locked or busy while getting results. I've given up.\n");
- return rc;
- }
- } else {
- if (waited != 0) printf("\n\n");
- return rc;
- }
- }
- }
- // wrapper for sqlite3_prepare_v2 which retries creating statements if the db returns SQLITE_BUSY or SQLITE_LOCKED
- int sql_prepare(sqlite3 *db, const char *sql, sqlite3_stmt **ppStmt, int wait) {
- #ifdef SQL_DEBUG
- printf(sql);
- printf("\n");
- fflush(stdout);
- #endif
- int rc;
- char looper[4] = {'|','/','-','\\'};
- int looperc = 0;
- int waited = 0;
- while (1) {
- rc = sqlite3_prepare_v2(db,sql,-1,ppStmt,NULL);
- if (rc == SQLITE_LOCKED || rc == SQLITE_BUSY) {
- if (wait != 0) {
- fprintf(stdout,"Database is locked or busy. Waiting %is ... %1c \r", ++waited, looper[looperc]);
- fflush(stdout);
- wait--;
- looperc = looperc+1 % sizeof(looper);
- sleep(1);
- } else {
- fprintf(stderr,"Database was locked or busy while creating statement. I've given up.\n");
- return rc;
- }
- } else {
- if (waited != 0) printf("\n\n");
- return rc;
- }
- }
- }
- // generic function to dump a resultset including column names to stdout
- int stmt_stdout(sqlite3_stmt* stmt, int* rowcount) {
- int ccount;
- int rcount = 0;
- int rc;
- if (stmt == 0 || (ccount = sqlite3_column_count(stmt)) == 0) {
- return sql_step(stmt,0);
- }
- int i = 0;
- do {
- printf("%s", sqlite3_column_name(stmt,i++));
- if (i < ccount) printf("\t");
- } while (i < ccount);
- printf("\n");
- while ((rc = sql_step(stmt,0)) == SQLITE_ROW) {
- i = 0;
- rcount++;
- do {
- printf("%s", (char *)sqlite3_column_text(stmt,i++));
- if (i < ccount) printf("\t");
- } while (i < ccount);
- printf("\n");
- }
- if (rowcount != NULL) *rowcount=rcount;
- return rc;
- }
- // generic function to dump the output of a sql statement to stdout.
- // will return sqlite error codes but also handle (read: ignore) them itself
- int sql_stdout(sqlite3* db, const char* sql, int* rowcount) {
- int rc;
- sqlite3_stmt *stmt;
- rc = sql_prepare(db,sql,&stmt,-1);
- if (rc != SQLITE_OK) {
- sql_error(db);
- return rc;
- }
- rc = stmt_stdout(stmt,rowcount);
- sqlite3_finalize(stmt);
- if (rc == SQLITE_DONE) {
- if (sqlite3_changes(db) > 0) fprintf(stdout,"Query done. %i rows affected.",sqlite3_changes(db));
- } else {
- sql_error(db);
- }
- printf("\n");
- return rc;
- }
- // retrieve a single int value using a sql query.
- // returns 0 if something goes wrong. beware! create your own statement if you need error handling.
- int query_int(sqlite3* db, const char* sql) {
- sqlite3_stmt *stmt;
- int rc;
- int ret;
- rc = sql_prepare(db,sql,&stmt,-1);
- if (rc != SQLITE_OK || stmt == 0 || sqlite3_column_count(stmt) == 0) {
- sql_error(db);
- ret = 0;
- } else {
- rc = sql_step(stmt,-1);
- if (rc == SQLITE_ROW) {
- ret = sqlite3_column_int(stmt,0);
- } else {
- #ifdef SQL_DEBUG
- printf("DEBUG: query_int() returns with sql_step() != SQLITE_ROW\n");
- #endif
- ret = 0;
- }
- }
- sqlite3_finalize(stmt);
- return ret;
- }
- // throw some statistics about the db to stdout.
- // if precise!=0 the stats will be queried nail by nail which can be slow
- void show_stats(sqlite3* db, int precise) {
- sql_exec(db,"BEGIN;");
- int essids = query_int(db, "SELECT COUNT(*) FROM essid;");
- int passwds = query_int(db,"SELECT COUNT(*) FROM passwd;");
- int done;
- if (precise != 0) {
- printf("Determining precise statistics may be slow...\n");
- done = query_int(db, "SELECT COUNT(*) FROM essid,passwd INNER JOIN pmk ON pmk.essid_id = essid.essid_id AND pmk.passwd_id = passwd.passwd_id");
- } else {
- done = query_int(db, "SELECT COUNT(*) FROM pmk;");
- }
- fprintf(stdout,"There are %i ESSIDs and %i passwords in the database. %i out of %i possible combinations have been computed (%g%%).\n\n", essids, passwds, done, essids*passwds, essids*passwds > 0 ? ((double)done*100)/(essids*passwds) : 0);
- if (precise != 0) {
- sql_stdout(db, "select essid.essid AS ESSID, essid.prio AS Priority, round(count(pmk.essid_id) * 100.0 / count(*),2) AS Done from essid,passwd left join pmk on pmk.essid_id = essid.essid_id and pmk.passwd_id = passwd.passwd_id group by essid.essid_id;",0);
- } else {
- sql_stdout(db, "SELECT essid.essid AS ESSID, essid.prio AS Priority, ROUND(COUNT(pmk.essid_id) * 100.0 / (SELECT COUNT(*) FROM passwd),2) AS Done FROM essid LEFT JOIN pmk ON pmk.essid_id = essid.essid_id GROUP BY essid.essid_id;",0);
- }
- sql_exec(db,"COMMIT;");
- }
- /*
- batch-process all combinations of ESSIDs and PASSWDs. this function may be called
- only once per db at the same time, yet multiple processes can batch-process a single db.
- don't modify this function's layout or it's queries without carefully considering speed, efficiency and concurrency.
- */
- void batch_process(sqlite3* db) {
- int rc;
- int cur_essid = 0;
- struct timeval starttime;
- struct timeval curtime;
- gettimeofday(&starttime,NULL);
- int rowcount = 0;
- char *sql;
- if (sql_exec(db, "CREATE TEMPORARY TABLE temp.buffer (wb_id integer, essid_id integer, passwd_id integer, essid text, passwd text, pmk blob);") != SQLITE_OK) {
- fprintf(stderr,"Failed to create buffer for batch processing.\n");
- return;
- }
- // may fail - thats ok
- cur_essid = query_int(db,"SELECT essid_id FROM workbench LIMIT 1;");
- while(1) {
- //loop over everything
- do {
- //loop over ESSID
- do {
- //loop over workbench
- sql_exec(db,"DELETE FROM temp.buffer;");
- // select some work from the workbench into our own buffer
- // move lockid ahead so other clients won't get those rows any time soon
- sql_exec(db,"BEGIN EXCLUSIVE;");
- sql_exec(db,"INSERT INTO temp.buffer (wb_id,essid_id,passwd_id,essid,passwd) SELECT wb_id, essid.essid_id,passwd.passwd_id,essid,passwd FROM workbench CROSS JOIN essid ON essid.essid_id = workbench.essid_id CROSS JOIN passwd ON passwd.passwd_id = workbench.passwd_id ORDER BY lockid LIMIT 25000;");
- sql_exec(db,"UPDATE workbench SET lockid=lockid+1 WHERE wb_id IN (SELECT wb_id FROM buffer);");
- sql_exec(db,"COMMIT;");
- rc = query_int(db,"SELECT COUNT(*) FROM buffer;");
- if (rc > 0) {
- // now calculate all the PMKs with a single statement.
- // remember the update won't lock the db
- sql_exec(db,"UPDATE temp.buffer SET pmk = PMK(essid,passwd);");
- // commit work and delete package from workbench
- sql_exec(db,"BEGIN EXCLUSIVE;");
- sql_exec(db,"INSERT OR IGNORE INTO pmk (essid_id,passwd_id,pmk) SELECT essid_id,passwd_id,pmk FROM temp.buffer");
- sql_exec(db,"DELETE FROM workbench WHERE wb_id IN (SELECT wb_id FROM buffer);");
- sql_exec(db,"COMMIT;");
- rowcount += rc;
- gettimeofday(&curtime,NULL);
- int timediff = curtime.tv_sec - starttime.tv_sec;
- fprintf(stdout,"\rComputed %i PMK in %i seconds (%i PMK/s, %i in buffer). ",rowcount,timediff, timediff > 0 ? rowcount / timediff : rowcount, query_int(db,"SELECT COUNT(*) FROM workbench;"));
- fflush(stdout);
- }
- } while (rc > 0);
- sql = sqlite3_mprintf("INSERT OR IGNORE INTO workbench (essid_id,passwd_id) SELECT essid.essid_id,passwd.passwd_id FROM passwd CROSS JOIN essid LEFT JOIN pmk ON pmk.essid_id = essid.essid_id AND pmk.passwd_id = passwd.passwd_id WHERE essid.essid_id = %i AND pmk.essid_id IS NULL LIMIT 250000;",cur_essid);
- sql_exec(db,sql);
- sqlite3_free(sql);
- } while (query_int(db,"SELECT COUNT(*) FROM workbench INNER JOIN essid ON essid.essid_id = workbench.essid_id INNER JOIN passwd ON passwd.passwd_id = workbench.passwd_id;") > 0);
- cur_essid = query_int(db,"SELECT essid.essid_id FROM essid LEFT JOIN pmk USING (essid_id) WHERE VERIFY_ESSID(essid.essid) == 0 GROUP BY essid.essid_id HAVING COUNT(pmk.essid_id) < (SELECT COUNT(*) FROM passwd) ORDER BY essid.prio,COUNT(pmk.essid_id),RANDOM() LIMIT 1;");
- if (cur_essid == 0) {
- printf("All ESSID processed.\n\n");
- sqlite3_close(db);
- exit(0);
- /*
- printf("No free ESSID found. Will try determining new ESSID in 5 minutes...\n");
- sleep(60*5);
- // slower, yet certain. should never be any better than the above, unless users fumble with the db.
- cur_essid = query_int(db,"SELECT essid.essid_id FROM essid,passwd LEFT JOIN pmk ON pmk.essid_id = essid.essid_id AND pmk.passwd_id = passwd.passwd_id WHERE pmk.essid_id IS NULL LIMIT 1;");
- if (cur_essid == 0) {
- printf("No free ESSID found. Sleeping 25 additional minutes...\n");
- sleep(60*25);
- }
- */
- }
- }
- //never reached
- sql_exec(db,"DROP TABLE temp.buffer;");
- }
- // Verify an ESSID. Returns 1 if ESSID is invalid.
- //TODO More things to verify? Invalid chars?
- int verify_essid(char* essid) {
- return essid == NULL || strlen(essid) < 1 || strlen(essid) > 32;
- }
- // sql function which checks a given ESSID
- void sql_verify_essid(sqlite3_context* context, int argc, sqlite3_value** values) {
- char* essid = (char*)sqlite3_value_text(values[0]);
- if (argc != 1 || essid == 0) {
- fprintf(stderr,"SQL function VERIFY_ESSID called with invalid arguments");
- return;
- }
- sqlite3_result_int(context,verify_essid(essid));
- }
- int verify_passwd(char* passwd) {
- return passwd == NULL || strlen(passwd) < 8 || strlen(passwd) > 63;
- }
- void sql_verify_passwd(sqlite3_context* context, int argc, sqlite3_value** values) {
- char* passwd = (char*)sqlite3_value_text(values[0]);
- if (argc != 1 || passwd == 0) {
- fprintf(stderr,"SQL function VERIFY_PASSWD called with invalid arguments");
- return;
- }
- sqlite3_result_int(context,verify_passwd(passwd));
- }
- // clean the db, analyze, maybe vacuum and check
- void vacuum(sqlite3* db, int deep) {
- printf("Deleting invalid ESSIDs and passwords...\n");
- sql_exec(db, "DELETE FROM essid WHERE VERIFY_ESSID(essid) != 0;");
- sql_exec(db, "DELETE FROM passwd WHERE VERIFY_PASSWD(passwd) != 0");
- printf("Deleting unreferenced PMKs...\n");
- sql_exec(db, "DELETE FROM pmk WHERE essid_id NOT IN (SELECT essid_id FROM essid)");
- sql_exec(db, "DELETE FROM pmk WHERE passwd_id NOT IN (SELECT passwd_id FROM passwd)");
- printf("Analysing index structure...\n");
- sql_exec(db, "ANALYZE;");
- if (deep != 0) {
- printf("Vacuum-cleaning the database. This could take a while...\n");
- sql_exec(db, "VACUUM;");
- printf("Checking database integrity...\n");
- sql_stdout(db, "PRAGMA integrity_check;",0);
- }
- printf("Done.\n");
- }
- // verify PMKs. If complete==1 we check all PMKs
- // returns 0 if ok, !=0 otherwise
- void verify(sqlite3* db, int complete) {
- if (complete != 1) {
- printf("Checking ~10.000 randomly chosen PMKs...\n");
- // this is faster than 'order by random()'. we need the subquery to trick the optimizer...
- sql_stdout(db,"select s.essid AS ESSID, COUNT(*) AS CHECKED, CASE WHEN MIN(s.pmk == PMK(essid,passwd)) == 0 THEN 'FAILED' ELSE 'OK' END AS STATUS FROM (select distinct essid,passwd,pmk FROM pmk INNER JOIN passwd ON passwd.passwd_id = pmk.passwd_id INNER JOIN essid ON essid.essid_id = pmk.essid_id WHERE abs(random() % (select count(*) from pmk)) < 10000) AS s GROUP BY s.essid;",0);
- } else {
- printf("Checking all PMKs. This could take a while...\n");
- sql_stdout(db,"select essid AS ESSID,passwd AS PASSWORD,HEX(pmk) AS PMK_DB, HEX(PMK(essid,passwd)) AS CORRECT FROM pmk INNER JOIN passwd ON passwd.passwd_id = pmk.passwd_id INNER JOIN essid ON essid.essid_id = pmk.essid_id WHERE pmk.pmk != PMK(essid,passwd);",0);
- }
- }
- // callback for export_cowpatty. takes the passwd and pmk from the query and writes another fileentry.
- int sql_exportcow(void* arg, int ccount, char** values, char** columnnames) {
- FILE *f = (FILE*)arg;
- struct hashdb_rec rec;
- if (ccount != 2 || values[0] == NULL || values[1] == NULL || fileno(f) == -1) {
- printf("Illegal call to sql_exportcow.\n");
- return -1;
- }
- if (columnnames) {} //XXX
- char* passwd = (char*)values[0];
- memcpy(rec.pmk,values[1],sizeof(rec.pmk));
- rec.rec_size = strlen(passwd) + sizeof(rec.pmk)+ sizeof(rec.rec_size);
- int rc = fwrite(&rec.rec_size,sizeof(rec.rec_size),1,f);
- rc += fwrite(passwd, strlen(passwd),1,f);
- rc += fwrite(rec.pmk, sizeof(rec.pmk), 1, f);
- if (rc != 3) {
- printf("Error while writing to export file. Query aborted...\n");
- return 1;
- }
- fflush(f);
- return 0;
- }
- // export to a cowpatty file
- void export_cowpatty(sqlite3* db, char* essid, char* filename) {
- struct hashdb_head filehead;
- memset(&filehead, 0, sizeof(filehead));
- FILE *f = NULL;
- if (access(filename, F_OK)==0) {
- printf("The file already exists and I won't overwrite it.\n");
- return;
- }
- // ensure that the essid is found in the db and has at least one entry in the pmk table.
- char *sql = sqlite3_mprintf("SELECT COUNT(*) FROM (SELECT passwd, pmk FROM essid,passwd INNER JOIN pmk ON pmk.passwd_id = passwd.passwd_id AND pmk.essid_id = essid.essid_id WHERE essid.essid = '%q' LIMIT 1);",essid);
- int rc = query_int(db,sql);
- sqlite3_free(sql);
- if (rc == 0) {
- printf("There is no such ESSID in the database or there are no PMKs for it.\n");
- return;
- }
- memcpy(filehead.ssid, essid,strlen(essid));
- filehead.ssidlen = strlen(essid);
- filehead.magic = GENPMKMAGIC;
- f = fopen(filename, "w");
- if (f == NULL || fwrite(&filehead, sizeof(filehead), 1, f) != 1) {
- printf("Couldn't open the export file for writing.\n");
- return;
- }
- // as we have an open filehandle, we now query the db to return passwds and associated PMKs for that essid. we pass the filehandle to a callback function which will write the rows to the file.
- sql = sqlite3_mprintf("SELECT passwd, pmk FROM essid,passwd INNER JOIN pmk ON pmk.passwd_id = passwd.passwd_id AND pmk.essid_id = essid.essid_id WHERE essid.essid = '%q'",essid);
- printf("Exporting...\n");
- rc = sql_exec_cb(db,sql,&sql_exportcow,f);
- sqlite3_free(sql);
- if (rc != SQLITE_OK) {
- printf("There was an error while exporting.\n");
- }
- fclose(f);
- printf("Done.\n");
- }
- // import a cowpatty file
- int import_cowpatty(sqlite3* db, char* filename) {
- struct hashdb_head filehead;
- struct hashdb_rec rec;
- FILE *f = NULL;
- int rc;
- sqlite3_stmt *stmt;
- char* sql;
- int essid_id;
- int wordlength;
- char passwd[63+1];
- if (strcmp(filename,"-") == 0) {
- f = stdin;
- } else {
- f = fopen(filename, "r");
- }
- if (f == NULL || fread(&filehead, sizeof(filehead),1,f) != 1) {
- printf("Couldn't open the import file for reading.\n");
- return 0;
- } else if (filehead.magic != GENPMKMAGIC) {
- printf("File doesn't seem to be a cowpatty file.\n");
- fclose(f);
- return 0;
- } else if (verify_essid((char *)filehead.ssid) != 0) {
- printf("The file's ESSID is invalid.\n");
- fclose(f);
- return 0;
- }
- printf("Reading header...\n");
- //We need protection so concurrent transactions can't smash the ID-references
- sql_exec(db,"BEGIN;");
- sql = sqlite3_mprintf("INSERT OR IGNORE INTO essid (essid) VALUES ('%q');",filehead.ssid);
- sql_exec(db,sql);
- sqlite3_free(sql);
- //since there is only one essid per file, we can determine it's ID now
- sql = sqlite3_mprintf("SELECT essid_id FROM essid WHERE essid = '%q'", filehead.ssid);
- essid_id = query_int(db,sql);
- sqlite3_free(sql);
- if (essid_id == 0) {
- fclose(f);
- sql_exec(db,"ROLLBACK;");
- printf("ESSID couldn't be inserted. I've given up.\n");
- return 0;
- }
- sql = sqlite3_mprintf("CREATE TEMPORARY TABLE import (passwd text, pmk blob);", essid_id);
- sql_exec(db,sql);
- sqlite3_free(sql);
- sql_prepare(db,"INSERT INTO import (passwd,pmk) VALUES (@pw,@pmk)",&stmt,-1);
- printf("Reading...\n");
- while ((rc = fread(&rec.rec_size, sizeof(rec.rec_size), 1, f)) == 1) {
- wordlength = abs(rec.rec_size) - (sizeof(rec.pmk) + sizeof(rec.rec_size));
- //prevent out of bounds writing (sigsegv guaranteed) but don't skip the whole file if wordlength < 8
- if (wordlength > 0 && wordlength < (int) sizeof(passwd)) {
- passwd[wordlength] = 0;
- rc += fread(passwd, wordlength, 1, f);
- if (rc == 2) rc += fread(&rec.pmk, sizeof(rec.pmk), 1, f);
- }
- if (rc != 3) {
- fprintf(stdout,"Error while reading record (%i).\n",rc);
- sqlite3_finalize(stmt);
- if (db == NULL) {
- printf("omg");
- fflush(stdout);
- }
- sql_exec(db, "ROLLBACK;");
- fclose(f);
- return 1;
- }
- if (verify_passwd(passwd) == 0) {
- sqlite3_bind_text(stmt,1,passwd, strlen(passwd),SQLITE_TRANSIENT);
- sqlite3_bind_blob(stmt,2,&rec.pmk, sizeof(rec.pmk),SQLITE_TRANSIENT);
- if (sql_step(stmt,-1) == SQLITE_DONE) {
- sqlite3_reset(stmt);
- } else {
- printf("Error while inserting record into database.\n");
- sqlite3_finalize(stmt);
- sql_exec(db, "ROLLBACK;");
- fclose(f);
- return 1;
- }
- } else {
- fprintf(stdout,"Invalid password %s will not be imported.\n",passwd);
- }
- }
- sqlite3_finalize(stmt);
- if (!feof(f)) {
- printf("Error while reading file.\n");
- sql_exec(db,"ROLLBACK;");
- fclose(f);
- return 1;
- }
- printf("Updating references...\n");
- sql_exec(db, "INSERT OR IGNORE INTO passwd (passwd) SELECT passwd FROM import;");
- //TODO Give the user a choice to either INSERT OR UPDATE or INSERT OR IGNORE
- printf("Writing...\n");
- sql = sqlite3_mprintf("INSERT OR IGNORE INTO pmk (essid_id,passwd_id,pmk) SELECT %i,passwd.passwd_id,import.pmk FROM import INNER JOIN passwd ON passwd.passwd = import.passwd;",essid_id);
- sql_exec(db,sql);
- sqlite3_free(sql);
- sql_exec(db,"COMMIT;");
- fclose(f);
- return 1;
- }
- int import_ascii(sqlite3* db, const char* mode, const char* filename) {
- FILE *f = NULL;
- sqlite3_stmt *stmt;
- char buffer[63+1];
- int imported=0;
- int ignored=0;
- int imode=0;
- if (strcasecmp(mode,IMPORT_ESSID) == 0) {
- imode = 0;
- } else if (strcasecmp(mode,IMPORT_PASSWD) == 0) {
- imode = 1;
- } else {
- printf("Specify either 'essid' or 'passwd' as import mode.\n");
- return 0;
- }
- if (strcmp(filename,"-") == 0) {
- f = stdin;
- } else {
- f = fopen(filename, "r");
- }
- if (f == NULL) {
- printf("Could not open file/stream for reading.\n");
- return 0;
- }
- char* sql = sqlite3_mprintf("INSERT OR IGNORE INTO %q (%q) VALUES (@v);",mode,mode);
- sql_prepare(db,sql,&stmt,-1);
- sqlite3_free(sql);
- sql_exec(db, "BEGIN;");
- printf("Reading file...\n");
- while (fgets(buffer, sizeof(buffer), f) != 0) {
- int i = strlen(buffer);
- if (buffer[i-1] == '\n') buffer[--i] = '\0';
- if (buffer[i-1] == '\r') buffer[--i] = '\0';
- imported++;
- if ((imode == 0 && verify_essid(buffer)==0) || (imode == 1 && verify_passwd(buffer)==0)) {
- sqlite3_bind_text(stmt,1,buffer, strlen(buffer),SQLITE_TRANSIENT);
- if (sql_step(stmt,-1) == SQLITE_DONE) {
- sqlite3_reset(stmt);
- } else {
- printf("Error while inserting record into database.\n");
- sql_exec(db, "ROLLBACK;");
- sqlite3_finalize(stmt);
- fclose(f);
- return 1;
- }
- } else {
- ignored++;
- }
- if (imported % 1000 == 0) {
- fprintf(stdout,"%i lines read, %i invalid lines ignored.\r",imported,ignored);
- fflush(stdout);
- }
- }
- sqlite3_finalize(stmt);
- if (!feof(f)) {
- printf("Error while reading file.\n");
- sql_exec(db,"ROLLBACK;");
- fclose(f);
- return 1;
- }
- fclose(f);
- printf("Writing...\n");
- sql_exec(db,"COMMIT;");
- printf("Done.\n");
- return 1;
- }
- // sql function. takes ESSID and PASSWD, gives PMK
- void sql_calcpmk(sqlite3_context* context, int argc, sqlite3_value** values) {
- unsigned char pmk[40];
- char* passwd = (char*)sqlite3_value_blob(values[1]);
- char* essid = (char*)sqlite3_value_blob(values[0]);
- if (argc < 2 || passwd == 0 || essid == 0) {
- sqlite3_result_error(context, "SQL function PMK() called with invalid arguments.\n", -1);
- return;
- }
- calc_pmk(passwd,essid,pmk);
- sqlite3_result_blob(context,pmk,32,SQLITE_TRANSIENT);
- }
- #ifdef HAVE_REGEXP
- void sqlite_regexp(sqlite3_context* context, int argc, sqlite3_value** values) {
- int ret;
- regex_t regex;
- char* reg = (char*)sqlite3_value_text(values[0]);
- char* text = (char*)sqlite3_value_text(values[1]);
- if ( argc != 2 || reg == 0 || text == 0) {
- sqlite3_result_error(context, "SQL function regexp() called with invalid arguments.\n", -1);
- return;
- }
- ret = regcomp(®ex, reg, REG_EXTENDED | REG_NOSUB);
- if ( ret != 0 ) {
- sqlite3_result_error(context, "error compiling regular expression", -1);
- return;
- }
- ret = regexec(®ex, text , 0, NULL, 0);
- regfree(®ex);
- sqlite3_result_int(context, (ret != REG_NOMATCH));
- }
- #endif
- int initDataBase(const char * filename, sqlite3 ** db)
- {
- //int rc = sqlite3_open_v2(filename, &db, SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE, NULL);
- int rc = sqlite3_open(filename, &(*db));
- if (rc != SQLITE_OK) {
- sql_error(*db);
- sqlite3_close(*db);
- // May be usefull later
- return rc;
- }
- sql_exec(*db, "create table essid (essid_id integer primary key autoincrement, essid text, prio integer default 64);");
- sql_exec(*db, "create table passwd (passwd_id integer primary key autoincrement, passwd text);");
- sql_exec(*db, "create table pmk (pmk_id integer primary key autoincrement, passwd_id int, essid_id int, pmk blob);");
- sql_exec(*db, "create table workbench (wb_id integer primary key autoincrement, essid_id integer, passwd_id integer, lockid integer default 0);");
- sql_exec(*db, "create index lock_lockid on workbench (lockid);");
- sql_exec(*db, "create index pmk_pw on pmk (passwd_id);");
- sql_exec(*db, "create unique index essid_u on essid (essid);");
- sql_exec(*db, "create unique index passwd_u on passwd (passwd);");
- sql_exec(*db, "create unique index ep_u on pmk (essid_id,passwd_id);");
- sql_exec(*db, "create unique index wb_u on workbench (essid_id,passwd_id);");
- sql_exec(*db, "CREATE TRIGGER delete_essid DELETE ON essid BEGIN DELETE FROM pmk WHERE pmk.essid_id = OLD.essid_id; DELETE FROM workbench WHERE workbench.essid_id = OLD.essid_id; END;");
- sql_exec(*db, "CREATE TRIGGER delete_passwd DELETE ON passwd BEGIN DELETE FROM pmk WHERE pmk.passwd_id = OLD.passwd_id; DELETE FROM workbench WHERE workbench.passwd_id = OLD.passwd_id; END;");
- #ifdef SQL_DEBUG
- sql_exec(*db, "begin;");
- sql_exec(*db, "insert into essid (essid,prio) values ('e',random())");
- sql_exec(*db, "insert into passwd (passwd) values ('p')");
- sql_exec(*db, "insert into essid (essid,prio) select essid||'a',random() from essid;");
- sql_exec(*db, "insert into essid (essid,prio) select essid||'b',random() from essid;");
- sql_exec(*db, "insert into essid (essid,prio) select essid||'c',random() from essid;");
- sql_exec(*db, "insert into essid (essid,prio) select essid||'d',random() from essid;");
- sql_exec(*db, "insert into passwd (passwd) select passwd||'a' from passwd;");
- sql_exec(*db, "insert into passwd (passwd) select passwd||'b' from passwd;");
- sql_exec(*db, "insert into passwd (passwd) select passwd||'c' from passwd;");
- sql_exec(*db, "insert into passwd (passwd) select passwd||'d' from passwd;");
- sql_exec(*db, "insert into passwd (passwd) select passwd||'e' from passwd;");
- sql_exec(*db, "insert into pmk (essid_id,passwd_id) select essid_id,passwd_id from essid,passwd limit 1000000;");
- sql_exec(*db,"commit;");
- #endif
- sqlite3_close(*db);
- printf("Database <%s> successfully created\n", filename);
- return 0;
- }
- int check_for_db(sqlite3 ** db, const char * filename, int can_create, int readonly)
- {
- struct stat dbfile;
- int rc;
- int accessflags = R_OK | W_OK;
- if (readonly)
- accessflags = R_OK;
- // Check if DB exist. If it does not, initialize it
- if (access(filename, accessflags)) {
- printf("Database <%s> does not already exist, ", filename);
- if (can_create)
- {
- printf("creating it...\n");
- rc = initDataBase(filename, db);
- if (rc)
- {
- printf("Error initializing database (return code: %d), exiting...\n", rc);
- return 1;
- }
- }
- else
- {
- printf("exiting ...\n");
- return 1;
- }
- }
- else
- {
- if (stat(filename, &dbfile))
- {
- perror("stat()");
- return 1;
- }
- if ((S_ISREG(dbfile.st_mode) && !S_ISDIR(dbfile.st_mode)) == 0)
- {
- printf("\"%s\" does not appear to be a file.\n", filename);
- return 1;
- }
- }
- rc = sqlite3_open(filename, &(*db));
- if(rc) {
- sql_error(*db);
- sqlite3_close(*db);
- return 1;
- }
- // TODO: Sanity check: Table definitions, index
- // register new functions to be used in SQL statements
- if (sqlite3_create_function(*db, "PMK", 2, SQLITE_ANY, 0, &sql_calcpmk,0,0) != SQLITE_OK) {
- printf("Failed creating PMK function.\n");
- sql_error(*db);
- sqlite3_close(*db);
- return 1;
- }
- if (sqlite3_create_function(*db, "VERIFY_ESSID", 1, SQLITE_ANY, 0, &sql_verify_essid,0,0) != SQLITE_OK) {
- printf("Failed creating VERIFY_ESSID function.\n");
- sql_error(*db);
- sqlite3_close(*db);
- return 1;
- }
- if (sqlite3_create_function(*db, "VERIFY_PASSWD", 1, SQLITE_ANY, 0, &sql_verify_passwd,0,0) != SQLITE_OK) {
- printf("Failed creating VERIFY_PASSWD function.\n");
- sql_error(*db);
- sqlite3_close(*db);
- return 1;
- }
- #ifdef HAVE_REGEXP
- if (sqlite3_create_function(*db, "regexp", 2, SQLITE_ANY,0, &sqlite_regexp,0,0) != SQLITE_OK) {
- printf("Failed creating regexp() handler.\n");
- sql_error(*db);
- sqlite3_close(*db);
- return 1;
- }
- #endif
- return 0;
- }
- int main(int argc, char **argv) {
- sqlite3 *db;
- int option_index, option;
- if( argc < 3 ){
- print_help(NULL);
- return 1;
- }
- db = NULL;
- option_index = 0;
- static struct option long_options[] = {
- {"batch", 0, 0, 'b'},
- {"clean", 2, 0, 'c'},
- {"export", 2, 0, 'e'},
- {"h", 0, 0, 'h'},
- {"help", 0, 0, 'h'},
- {"import", 2, 0, 'i'},
- {"sql", 1, 0, 's'},
- {"stats", 2, 0, 't'},
- {"statistics", 2, 0, 't'},
- {"verify", 2, 0, 'v'},
- {"vacuum", 2, 0, 'c'},
- // TODO: implement options like '-e essid' to limit
- // operations to a certain essid where possible
- {"essid", 1, 0, 'd'},
- {0, 0, 0, 0 }
- };
- option = getopt_long( argc, argv, "bc:d:e:hi:s:t:v:", long_options, &option_index );
- if( option > 0 )
- {
- switch (option)
- {
- case 'b':
- // Batch
- if ( check_for_db(&db, argv[1], 0, 1) ) {
- return 1;
- }
- batch_process(db);
- break;
- case 'c':
- // Clean
- if ( check_for_db(&db, argv[1], 0, 0) ) {
- return 1;
- }
- vacuum(db, (argc > 3 && strcasecmp(argv[3],"all") == 0) ? 1 : 0);
- break;
- case 'e':
- if (argc < 4) {
- print_help("You must specify an export format.");
- } else if (strcmp(argv[3],"cowpatty")==0) {
- if (argc < 6) {
- print_help("You must specify essid and output file.");
- } else {
- // Export
- if ( check_for_db(&db, argv[1], 0, 0) ) {
- return 1;
- }
- export_cowpatty(db,argv[4],argv[5]);
- }
- } else {
- print_help("Invalid export format specified.");
- }
- break;
- case ':' :
- case '?' :
- case 'h':
- // Show help
- print_help(NULL);
- break;
- case 'i':
- // Import
- if (argc < 5) {
- print_help("You must specifiy an import format and a file.");
- } else if (strcasecmp(argv[3], IMPORT_COWPATTY) == 0) {
- if ( check_for_db(&db, argv[1], 1, 0) ) {
- return 1;
- }
- import_cowpatty(db,argv[4]);
- } else if (strcasecmp(argv[3], IMPORT_ESSID) == 0) {
- if ( check_for_db(&db, argv[1], 1, 0) ) {
- return 1;
- }
- import_ascii(db, IMPORT_ESSID,argv[4]);
- } else if (strcasecmp(argv[3], IMPORT_PASSWD) == 0 || strcasecmp(argv[3],"password") == 0) {
- if ( check_for_db(&db, argv[1], 1, 0) ) {
- return 1;
- }
- import_ascii(db,IMPORT_PASSWD, argv[4]);
- } else {
- print_help("Invalid import format specified.");
- return 1;
- }
- break;
- case 's':
- // SQL
- // We don't know if the SQL order is changing the file or not
- if ( check_for_db(&db, argv[1], 0, 0) ) {
- return 1;
- }
- sql_stdout(db, argv[3], 0);
- break;
- case 't':
- // Stats
- if ( check_for_db(&db, argv[1], 0, 1) ) {
- return 1;
- }
- show_stats(db, (argv[3] == NULL) ? 0 : 1);
- break;
- case 'v':
- // Verify
- if ( check_for_db(&db, argv[1], 0, (argc > 3 && strcasecmp(argv[3],"all")==0) ? 0 : 1) ) {
- return 1;
- }
- verify(db, (argc > 3 && strcasecmp(argv[3],"all")==0) ? 1 : 0);
- break;
- default:
- print_help("Invalid option");
- break;
- }
- }
- else
- {
- print_help(NULL);
- }
- if (db)
- sqlite3_close(db);
- return 0;
- }