edoardoColi
edoardoColi 2 years ago
parent 570d0a7c24
commit b5867b563c

@ -0,0 +1,34 @@
90:B8:32:37:1D:37 2
90:B8:32:37:1D:37 2
90:B8:32:37:1D:37 2
90:B8:32:37:1D:34 2
90:B8:32:37:1D:37 2
90:B8:32:37:1D:37 2
90:B8:32:37:1D:37 2
90:B8:32:37:1D:37 2
90:B8:32:37:1D:37 1
3C:22:FB:28:F7:91 0
90:B8:32:37:1D:37 1
90:B8:32:37:1D:37 2
3C:22:FB:28:F7:91 1
25:18:04:B1:31:E7,25:18:04:B1:31:E7 0X0006
C2:2B:FF:5D:B4:F3 1
90:B8:32:37:1D:37 1
90:B8:32:37:1D:37 1
C2:2B:FF:5D:B4:F3 1
3C:22:FB:28:F7:91 1
3C:22:FB:28:F7:91 2
90:B8:32:37:1D:37 1
90:B8:32:36:E8:77 2
F8:FF:C2:12:A7:E5 1
A2:1F:10:7D:D0:62 1
90:B8:32:36:E8:77 2
90:B8:32:36:E8:77 2
90:B8:32:36:E8:77 2
C2:2B:FF:5D:B4:F3 1
90:B8:32:37:1D:37 1
90:B8:32:37:1D:37 1
C2:2B:FF:5D:B4:F3 1
90:B8:32:37:1D:37 1
12:6E:38:87:38:7D 0
C2:2B:FF:5D:B4:F3 1

@ -18,7 +18,7 @@ _VERBOSE_FLAG='false'
_UNIQ_FLAG='false'
_PROBE_FLAG='false'
#Global parametric variable
_MAX_TO=50000
_UP_TO=50000
#Counters to show the results
_PCKS_CNTR=0
_PCKS_WLAN_CNTR=0
@ -136,17 +136,17 @@ function filtering_away()
verbose_msg "Counting packets with field 'wlan.ssid == $_SSID_REF' in $_FILE_REF"
fi
verbose_msg "Counting packets with filter '$filter' in $_FILE_REF"
(tshark -r $_FILE_REF -T fields -e frame.number -c $_MAX_TO | wc -l >$_TMP/pipe1) & #the symbol '&' runs the command in the background, allowing other commands to be run in parallel.
(tshark -r $_FILE_REF -Y "wlan" -T fields -e frame.number -c $_MAX_TO | wc -l >$_TMP/pipe2) & #the symbol '&' runs the command in the background, allowing other commands to be run in parallel.
(tshark -r $_FILE_REF -T fields -e frame.number -c $_UP_TO | wc -l >$_TMP/pipe1) & #the symbol '&' runs the command in the background, allowing other commands to be run in parallel.
(tshark -r $_FILE_REF -Y "wlan" -T fields -e frame.number -c $_UP_TO | wc -l >$_TMP/pipe2) & #the symbol '&' runs the command in the background, allowing other commands to be run in parallel.
if ! [[ $_SSID_REF == '' ]]; then
(tshark -r $_FILE_REF -Y "wlan.ssid == $_SSID_REF" -T fields -e frame.number -c $_MAX_TO | wc -l >$_TMP/pipe3) & #the symbol '&' runs the command in the background, allowing other commands to be run in parallel.
(tshark -r $_FILE_REF -Y "wlan.ssid == $_SSID_REF" -T fields -e frame.number -c $_UP_TO | wc -l >$_TMP/pipe3) & #the symbol '&' runs the command in the background, allowing other commands to be run in parallel.
else
(echo "(NaN)" >$_TMP/pipe3) &
fi
if [[ $_UNIQ_FLAG == 'true' ]]; then
(tshark -r $_FILE_REF -Y "$filter" -T fields -e wlan.ta -c $_MAX_TO | tr '[:lower:]' '[:upper:]' | sort | uniq | tee >(wc -l > $_TMP/pipe4) >"$_FILE2_TMP") & #the symbol '&' runs the command in the background, allowing other commands to be run in parallel.
(tshark -r $_FILE_REF -Y "$filter" -T fields -e wlan.ta -c $_UP_TO | tr '[:lower:]' '[:upper:]' | sort | uniq | tee >(wc -l > $_TMP/pipe4) >"$_FILE2_TMP") & #the symbol '&' runs the command in the background, allowing other commands to be run in parallel.
else
(tshark -r $_FILE_REF -Y "$filter" -T fields -e wlan.ta -e wlan.fc.type -c $_MAX_TO | tr '[:lower:]' '[:upper:]' | tee >(wc -l > $_TMP/pipe4) >"$_FILE2_TMP") & #the symbol '&' runs the command in the background, allowing other commands to be run in parallel.
(tshark -r $_FILE_REF -Y "$filter" -T fields -e wlan.ta -e wlan.fc.type -c $_UP_TO | tr '[:lower:]' '[:upper:]' | tee >(wc -l > $_TMP/pipe4) >"$_FILE2_TMP") & #the symbol '&' runs the command in the background, allowing other commands to be run in parallel.
fi
while read line; do
verbose_msg " '$line'"
@ -177,22 +177,22 @@ function filtering_away()
fi
#(SEQUENTIAL EXECUTION)
# verbose_msg "Counting packets in $_FILE_REF"
# _PCKS_CNTR=$(tshark -r $_FILE_REF -T fields -e frame.number -c $_MAX_TO | wc -l) #for details see 'man tshark'.
# _PCKS_CNTR=$(tshark -r $_FILE_REF -T fields -e frame.number -c $_UP_TO | wc -l) #for details see 'man tshark'.
# verbose_msg "=> $_PCKS_CNTR"
# verbose_msg "Counting packets with field 'wlan' in $_FILE_REF"
# _PCKS_WLAN_CNTR=$(tshark -r $_FILE_REF -Y "wlan" -T fields -e frame.number -c $_MAX_TO | wc -l) #for details see 'man tshark'.
# _PCKS_WLAN_CNTR=$(tshark -r $_FILE_REF -Y "wlan" -T fields -e frame.number -c $_UP_TO | wc -l) #for details see 'man tshark'.
# verbose_msg "=> $_PCKS_WLAN_CNTR"
# if ! [[ $_SSID_REF == '' ]]; then
# filterSSID="&& (wlan.ssid == $_SSID_REF)" #filter from command line to narrow the scope with a specific SSID.
# verbose_msg "Counting packets with field 'wlan.ssid == $_SSID_REF' in $_FILE_REF"
# _PCKS_SSID_CNTR=$(tshark -r $_FILE_REF -Y "wlan.ssid == $_SSID_REF" -T fields -e frame.number -c $_MAX_TO | wc -l) #for details see 'man tshark'.
# _PCKS_SSID_CNTR=$(tshark -r $_FILE_REF -Y "wlan.ssid == $_SSID_REF" -T fields -e frame.number -c $_UP_TO | wc -l) #for details see 'man tshark'.
# verbose_msg "=> $_PCKS_SSID_CNTR"
# fi
# filter="($scope) && (wlan) $filterSSID" #save the complete filter which wanna use to split the data.
# rm -f $_FILE_TMP $_FILE2_TMP #just as a precaution.
# if [[ $_UNIQ_FLAG == 'true' ]]; then
# verbose_msg "Counting packets with filter '$filter' in $_FILE_REF"
# _SCOPE_ALL_CNTR=$(tshark -r $_FILE_REF -Y "$filter" -T fields -e wlan.ta -c $_MAX_TO | tr '[:lower:]' '[:upper:]' | sort | uniq | tee >(wc -l) >"$_FILE2_TMP") #for details see 'man tshark'. tr swap all upper-case. sort+uniq remove the duplicates. tee split the data in the pipe.
# _SCOPE_ALL_CNTR=$(tshark -r $_FILE_REF -Y "$filter" -T fields -e wlan.ta -c $_UP_TO | tr '[:lower:]' '[:upper:]' | sort | uniq | tee >(wc -l) >"$_FILE2_TMP") #for details see 'man tshark'. tr swap all upper-case. sort+uniq remove the duplicates. tee split the data in the pipe.
# verbose_msg "=> $_SCOPE_ALL_CNTR"
# if [[ $_VERBOSE_FLAG == 'true' ]]; then
# _SCOPE_RAND_CNTR=$(cut -c 1-17 $_FILE2_TMP | awk '/^.[AE26]:..:..:..:..:../{print $1}' | sort | uniq | tee >(wc -l) >"$_FILE_TMP") #cut print selected parts of line. awk is used to consider only MAC specified(x[A E 2 6]:xx:xx:xx:xx:xx). sort+uniq remove the duplicates(seems useless but necessary). tee split the data in the pipe.
@ -201,7 +201,7 @@ function filtering_away()
# fi
# else
# verbose_msg "Counting packets with filter '$filter' in $_FILE_REF"
# _SCOPE_ALL_CNTR=$(tshark -r $_FILE_REF -Y "$filter" -T fields -e wlan.ta -e wlan.fc.type -c $_MAX_TO | tr '[:lower:]' '[:upper:]' | tee >(wc -l) >"$_FILE2_TMP") #for details see 'man tshark'. tr swap all upper-case. tee split the data in the pipe.
# _SCOPE_ALL_CNTR=$(tshark -r $_FILE_REF -Y "$filter" -T fields -e wlan.ta -e wlan.fc.type -c $_UP_TO | tr '[:lower:]' '[:upper:]' | tee >(wc -l) >"$_FILE2_TMP") #for details see 'man tshark'. tr swap all upper-case. tee split the data in the pipe.
# verbose_msg "=> $_SCOPE_ALL_CNTR"
# if [[ $_VERBOSE_FLAG == 'true' ]]; then
# _SCOPE_RAND_CNTR=$(cut -c 1-17 $_FILE2_TMP | awk '/^.[AE26]:..:..:..:..:../{print $1}' | tee >(wc -l) >"$_FILE_TMP") #cut print selected parts of line. awk is used to consider only MAC specified(x[A E 2 6]:xx:xx:xx:xx:xx). tee split the data in the pipe.
@ -279,7 +279,7 @@ else
h) usage $0
exit 0;;
i) _SSID_REF="${OPTARG}" ;;
n) _MAX_TO="${OPTARG}" ;;
n) _UP_TO="${OPTARG}" ;;
p) _PROBE_FLAG='true' ;;
u) _UNIQ_FLAG='true' ;;
v) _VERBOSE_FLAG='true' ;;

@ -6,6 +6,7 @@
3. [Comparison of 5G and 802.11](#comparison-of-5g-and-80211)
4. [Traffic MAC Analyzer (MACshuffle.sh)](#traffic-mac-analyzer-MACshufflesh)
- [Execution](#execution)
- [Security in WPA3](#security-in-wpa3)
## Overview of 5G
5G is the fifth generation of wireless technology that promises to deliver faster data transfer speeds, lower latency, and increased network capacity. It is designed to enable a wide range of new applications and use cases that were previously not possible with 4G technology. 5G technology is based on a new radio access technology which uses higher frequency bands (millimeter waves) than previous generations of wireless technology. This allows 5G networks to deliver much faster data transfer speed. In addition offer greater network capacity, which means they can support more devices for the growth of the Internet of Things (IoT) and also promises to reduce latency to under 1 millisecond, which is critical for real-time applications such as gaming, remote surgery, autonomous machines.
@ -27,23 +28,39 @@ Both 5G and 802.11 are wireless communication technologies that use radio waves
5G and 802.11 will continue to coexist and there would be the possibility for convergence between the two technologies.
## Traffic MAC Analyzer (MACshuffle.sh)
Network layers, play a crucial role in the design and operation of computer networks. These layers provide a structured approach to network communication by dividing the complex process into manageable tasks. Each layer has a specific set of functions and protocols that contribute to the overall operation of the network. From the physical layer responsible for transmitting bits over the physical medium to the application layer that interacts directly with user applications, each layer builds upon the services provided by the layer below it. This hierarchical arrangement allows for modular design, interoperability, and easier troubleshooting. The concept of protocol layers, as defined by models like OSI and TCP/IP, serves as a foundation for efficient and reliable network communication in today's interconnected world.
The MAC (Media Access Control) is a sublayer of the second layer called the "Data Link Layer" in the OSI reference model and the TCP/IP model. MAC is responsible for managing MAC addresses, which are unique identifiers associated with each device's network interface. MAC addresses are used to correctly route data packets to the correct recipient within a local area network.
Support for randomized MAC addresses is not always available on all Android devices due to hardware or software limitations. In some cases, older devices may not be able to support randomized MAC address functionality. In addition, the implementation of randomized MAC addresses may also be affected by the privacy and security policies of the device manufacturer or mobile network operator. Some manufacturers may decide not to implement this feature because it is not part of their security and privacy goals, or because their security policy is to use static MAC addresses for traceability and device identification reasons.
i livelli nei pacchetti. a quale livello esiste il mac. cosa centra WPA3 con 802.11
cosa significa avere usa scheda di rete in monitor mode.
requisiti per l'uso e scopo del programma.
WPA3 (Wi-Fi Protected Access 3) was introduced to improve the security of Wi-Fi networks over the previous version of WPA2 security. Among the main reasons why WPA3 was introduced are:
-Greater resistance to brute-force attacks: WPA3 uses a more robust authentication system than WPA2, based on the Dragonfly authentication algorithm. This makes it harder for attackers to crack down Wi-Fi network passwords.
-Privacy improvements: WPA3 introduces a new forward secrecy encryption protocol that improves user privacy. This means that even if an attacker manages to decrypt the traffic of a Wi-Fi network session, they will not be able to decrypt the traffic of previous or subsequent sessions.
-Security key management vulnerabilities: WPA3 improves security key management over WPA2 by introducing the Simultaneous Authentication of Equals (SAE) key exchange protocol. SAE provides greater protection against dictionary attacks and allows you to set stronger passwords.
Support for randomized MAC addresses is not always available on all Android devices due to hardware or software limitations. In some cases, older devices may not be able to support randomized MAC address functionality. In addition, the implementation of randomized MAC addresses may also be affected by the privacy and security policies of the device manufacturer or mobile network operator. Some manufacturers may decide not to implement this feature because it is not part of their security and privacy goals, or because their security policy is to use static MAC addresses for traceability and device identification reasons.
### Execution
To ensure seamless compatibility the program requires at least Bash v4.4.20, a popular and widely supported shell for Unix-like operating systems. Additionally, it utilizes TShark 3.6.7, a powerful command-line tool for capturing and analyzing network traffic based on the Wireshark engine.
By leveraging the capabilities of Bash and TShark, the MAC Packet Analyzer script provides a user-friendly interface to facilitate counting random MACs against those encountered. We can run the program with the -h flag to get more detailed information.
Below we find some execution references
![Image description](https://github.com/edoardoColi/42_Roma_Luiss/blob/edoardoColi/42cursus/Born2beroot/Installer.png)
<img src=https://github.com/edoardoColi/42_Roma_Luiss/blob/edoardoColi/42cursus/Born2beroot/Installer.png width="60%" height="60%">
cartella con immagini di esecuzioni
```
./MACshuffle.sh -h
```
<img src=https://github.com/edoardoColi/5G_Sandbox/blob/edoardoColi/images/MACshuffle/NOME.png width="60%" height="60%">
### Security in WPA3
WPA3 is a security protocol for Wi-Fi networks introduced by the Wi-Fi Alliance. WPA3 is a security technology that is implemented on Wi-Fi networks based on the 802.11 standard.
WPA3 (Wi-Fi Protected Access 3) was introduced to improve the security of Wi-Fi networks over the previous version of WPA2 security. Among the main reasons why WPA3 was introduced are:
- Greater resistance to brute-force attacks:
WPA3 uses a more robust authentication system than WPA2, based on the Dragonfly authentication algorithm. This makes it harder for attackers to crack down Wi-Fi network passwords.
- Privacy improvements:
WPA3 introduces a new forward secrecy encryption protocol that improves user privacy. This means that even if an attacker manages to decrypt the traffic of a Wi-Fi network session, they will not be able to decrypt the traffic of previous or subsequent sessions.
- Security key management vulnerabilities:
WPA3 improves security key management over WPA2 by introducing the Simultaneous Authentication of Equals (SAE) key exchange protocol. SAE provides greater protection against dictionary attacks and allows you to set stronger passwords.

Loading…
Cancel
Save