krackattacks-scripts

no module Crypto

Open Diablox00 opened this issue 1 year ago • 7 comments

└─$ ./krack-test-client.py --replay-broadcast
Traceback (most recent call last):
  File "/opt/krackattacks-scripts/krackattack/./krack-test-client.py", line 12, in <module>
    import libwifi
  File "/opt/krackattacks-scripts/krackattack/libwifi/__init__.py", line 1, in <module>
    from .wifi import *
  File "/opt/krackattacks-scripts/krackattack/libwifi/wifi.py", line 6, in <module>
    from Crypto.Cipher import AES
ModuleNotFoundError: No module named 'Crypto'

┌──(diablo㉿diablo)-[/opt/krackattacks-scripts/krackattack]
└─$ pip install Crypto
DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop support for Python 2.7 in January 2021. More details about Python 2 support in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support pip 21.0 will remove support for this functionality.
Defaulting to user installation because normal site-packages is not writeable
Requirement already satisfied: Crypto in /home/diablo/.local/lib/python2.7/site-packages (1.4.1)
Requirement already satisfied: shellescape in /home/diablo/.local/lib/python2.7/site-packages (from Crypto) (3.8.1)
Requirement already satisfied: Naked in /home/diablo/.local/lib/python2.7/site-packages (from Crypto) (0.1.32)
Requirement already satisfied: requests in /usr/local/lib/python2.7/dist-packages (from Naked->Crypto) (2.2.1)
Requirement already satisfied: pyyaml in /home/diablo/.local/lib/python2.7/site-packages (from Naked->Crypto) (5.4.1)

┌──(diablo㉿diablo)-[/opt/krackattacks-scripts/krackattack]
└─$ ./krack-test-client.py --replay-broadcast
Traceback (most recent call last):
  File "/opt/krackattacks-scripts/krackattack/./krack-test-client.py", line 12, in <module>
    import libwifi
  File "/opt/krackattacks-scripts/krackattack/libwifi/__init__.py", line 1, in <module>
    from .wifi import *
  File "/opt/krackattacks-scripts/krackattack/libwifi/wifi.py", line 6, in <module>
    from Crypto.Cipher import AES
ModuleNotFoundError: No module named 'Crypto'

Diablox00 · Dec 29 '24 06:12

Did you create and load the python virtual environment?

vanhoefm · Dec 29 '24 09:12

I'm also facing the same issue. Additionally, I believe the issue is related to OpenSSL, because in the latest version of Kali the OpenSSL version is 3.

john19922 · Mar 17 '25 15:03

Same question: did you install and load the Python virtual environment? That should ensure that these dependencies are available. So first execute ./pysetup.sh then load using sudo su followed by source venv/bin/activate.

vanhoefm · Mar 17 '25 16:03
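A check for the mismatch visible in the issue, as an added example (not part of the thread and not code from krackattacks-scripts): the pip output shows packages going into Python 2.7 site-packages, while `ModuleNotFoundError` is raised only by Python 3.6 and later, so the script ran under a different interpreter than the one pip installed for. The function names are hypothetical and `PIP_OUTPUT` is a constructed sample shortened from the post.

```python
import importlib.util
import re
import sys

# Constructed sample: three lines shortened from the pip output in the issue.
PIP_OUTPUT = """\
DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020.
Requirement already satisfied: Crypto in /home/diablo/.local/lib/python2.7/site-packages (1.4.1)
Requirement already satisfied: requests in /usr/local/lib/python2.7/dist-packages (from Naked->Crypto) (2.2.1)
"""

def pip_target_versions(pip_output):
    """Python versions whose site-/dist-packages pip reported using."""
    return set(re.findall(r"/python(\d+\.\d+)/(?:site|dist)-packages", pip_output))

def in_virtualenv():
    """True when the running interpreter belongs to a virtual environment."""
    return sys.prefix != getattr(sys, "base_prefix", sys.prefix)

def module_available(name):
    """True if this interpreter can locate `name`, e.g. 'Crypto.Cipher'."""
    try:
        return importlib.util.find_spec(name) is not None
    except ModuleNotFoundError:  # the parent package itself is missing
        return False

def diagnose(pip_output, running=None):
    """List reasons why 'from Crypto.Cipher import AES' may fail here."""
    running = running or "%d.%d" % sys.version_info[:2]
    findings = []
    targets = pip_target_versions(pip_output)
    if targets and running not in targets:
        findings.append("pip installed for Python %s but the script runs under %s"
                        % (", ".join(sorted(targets)), running))
    if not in_virtualenv():
        findings.append("no virtual environment is active")
    if not module_available("Crypto.Cipher"):
        findings.append("Crypto.Cipher is not importable by this interpreter")
    return findings

if __name__ == "__main__":
    for finding in diagnose(PIP_OUTPUT):
        print("[!]", finding)
```

Run it with the same interpreter and shell that start `krack-test-client.py`; an empty result means the import should succeed there.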

> Same question: did you install and load the Python virtual environment? That should ensure that these dependencies are available. So first execute ./pysetup.sh then load using sudo su followed by source venv/bin/activate.

I finally got it working, though I'm facing challenges because the USB dongle I'm using does not support disabling hardware encryption.

  1. I'm using RTL8821AU, tried both driver rtw88 & RTL8821AU Chipsets - v5.12.5.2
  2. Two dongles of MT7612u & MT7921 each

Here is the log

./krack-test-client.py
[23:27:08] Note: disable Wi-Fi in network manager & disable hardware encryption. Both may interfere with this script.
[23:27:13] Starting hostapd ...
Configuration file: /home/user/Desktop/krackattacks-scripts/krackattack/hostapd.conf
Using interface wlan0 with hwaddr c0:06:c3:f6:84:f2 and ssid "testnetwork"
wlan0: interface state UNINITIALIZED->ENABLED
wlan0: AP-ENABLED
[23:27:14] Ready. Connect to this Access Point to start the tests. Make sure the client requests an IP using DHCP!
[23:27:15] Reset PN for GTK
[23:27:18] Reset PN for GTK
[23:27:20] Reset PN for GTK
wlan0: STA 56:03:21:3d:85:df IEEE 802.11: authenticated
wlan0: STA 56:03:21:3d:85:df IEEE 802.11: associated (aid 1)
wlan0: AP-STA-CONNECTED 56:03:21:3d:85:df
wlan0: STA 56:03:21:3d:85:df RADIUS: starting accounting session 598760320DBEABAE
[23:27:22] 56:03:21:3d:85:df: 4-way handshake completed (RSN)
[23:27:22] Reset PN for GTK
[23:27:22] Hardware decryption detected! Attemping to still detect IV reuse, but this is unreliable.
[23:27:22] !!! Ideally you disable hardware decryption or use a different network card !!!
[23:27:22] E.g., detecting all-zero key use may currently be unreliable, and with some network
[23:27:22] cards key reinstallations cannot be detected at all currently...
[23:27:22] 56:03:21:3d:85:df: DHCP reply 192.168.100.2 to 56:03:21:3d:85:df
[23:27:22] 56:03:21:3d:85:df: DHCP reply 192.168.100.2 to 56:03:21:3d:85:df
[23:27:24] Reset PN for GTK
[23:27:24] Failed to execute command RESEND_M3 9e:fa:5d:f9:f9:96
[23:27:24] Closing hostapd and cleaning up ...
wlan0: interface state ENABLED->DISABLED
wlan0: AP-STA-DISCONNECTED 56:03:21:3d:85:df
wlan0: AP-DISABLED
wlan0: CTRL-EVENT-TERMINATING
nl80211: deinit ifname=wlan0 disabled_11b_rates=0

john19922 · Mar 18 '25 17:03

> I finally got it working

Can you clarify what you did, so others with the same issue can also try your solution?

> though I'm facing challenges because the USB dongle I'm using does not support disabling hardware encryption.

It's indeed best to disable hardware decryption. That being said, the error you got seems to be unrelated to hardware decryption. Can you execute the script with the extra parameter --debug?

vanhoefm · Mar 18 '25 18:03

> > I finally got it working

> Can you clarify what you did, so others with the same issue can also try your solution?

> > though I'm facing challenges because the USB dongle I'm using does not support disabling hardware encryption.

> It's indeed best to disable hardware decryption. That being said, the error you got seems to be unrelated to hardware decryption. Can you execute the script with the extra parameter --debug?

I installed the Python virtual environment with ./pysetup.sh, then disabled my Wi-Fi along with NetworkManager (nmcli radio wifi off & sudo systemctl stop NetworkManager). Then I used sudo rfkill unblock wifi, then loaded the environment using sudo su followed by source venv/bin/activate.

Additionally, can you help with how to disable hardware encryption for the dongles mentioned below?

  • I'm using RTL8821AU, tried both driver rtw88 & RTL8821AU Chipsets - v5.12.5.2
  • Two dongles of MT7612u & MT7921 each

Here is the debug

./krack-test-client.py --debug           
[23:37:12] Note: disable Wi-Fi in network manager & disable hardware encryption. Both may interfere with this script.
[23:37:17] Starting hostapd ...
Configuration file: /home/user/Desktop/krackattacks-scripts/krackattack/hostapd.conf
Using interface wlan0 with hwaddr c0:06:c3:f6:84:f2 and ssid "testnetwork"
wlan0: interface state UNINITIALIZED->ENABLED
wlan0: AP-ENABLED 
[23:37:18] Ready. Connect to this Access Point to start the tests. Make sure the client requests an IP using DHCP!
[23:37:19] Reset PN for GTK
[23:37:21] Reset PN for GTK
[23:37:23] Reset PN for GTK
[23:37:25] Reset PN for GTK
[23:37:28] Reset PN for GTK
[23:37:30] Reset PN for GTK
[23:37:32] Reset PN for GTK
[23:37:34] Reset PN for GTK
[23:37:36] Reset PN for GTK
[23:37:38] Reset PN for GTK
[23:37:40] Reset PN for GTK
[23:37:42] Reset PN for GTK
[23:37:45] Reset PN for GTK
wlan0: STA 56:03:21:3d:85:df IEEE 802.11: authenticated
wlan0: STA 56:03:21:3d:85:df IEEE 802.11: associated (aid 1)
wlan0: AP-STA-CONNECTED 56:03:21:3d:85:df
wlan0: STA 56:03:21:3d:85:df RADIUS: starting accounting session 559F846030232993
[23:37:46] 56:03:21:3d:85:df: 4-way handshake completed (RSN)
[23:37:46] Hardware decryption detected! Attemping to still detect IV reuse, but this is unreliable.
[23:37:46] !!! Ideally you disable hardware decryption or use a different network card !!!
[23:37:46] E.g., detecting all-zero key use may currently be unreliable, and with some network
[23:37:46]       cards key reinstallations cannot be detected at all currently...
[23:37:46] 56:03:21:3d:85:df: transmitted data using IV=1 (seq=0)
[23:37:46] 56:03:21:3d:85:df: transmitted data using IV=1 (seq=0)
[23:37:46] 56:03:21:3d:85:df: transmitted data using IV=2 (seq=1)
[23:37:46] 56:03:21:3d:85:df: DHCP reply 192.168.100.2 to 56:03:21:3d:85:df
[23:37:46] 56:03:21:3d:85:df: transmitted data using IV=3 (seq=2)
[23:37:46] 56:03:21:3d:85:df: transmitted data using IV=4 (seq=3)
[23:37:46] 56:03:21:3d:85:df: transmitted data using IV=5 (seq=4)
[23:37:47] 56:03:21:3d:85:df: transmitted data using IV=6 (seq=5)
[23:37:47] 56:03:21:3d:85:df: transmitted data using IV=7 (seq=6)
[23:37:47] 56:03:21:3d:85:df: transmitted data using IV=8 (seq=7)
[23:37:47] 56:03:21:3d:85:df: transmitted data using IV=9 (seq=8)
[23:37:47] 56:03:21:3d:85:df: transmitted data using IV=10 (seq=9)
[23:37:47] 56:03:21:3d:85:df: transmitted data using IV=11 (seq=10)
[23:37:47] 56:03:21:3d:85:df: transmitted data using IV=12 (seq=11)
[23:37:47] Reset PN for GTK
[23:37:47] 56:03:21:3d:85:df: sending a new 4-way message 3 where the GTK has a zero RSC
[23:37:47] 56:03:21:3d:85:df: received a new message 4
[23:37:48] 56:03:21:3d:85:df: client has IP address -> now sending replayed broadcast ARP packets
[23:37:48] 56:03:21:3d:85:df: sending broadcast ARP to 192.168.100.2 from 192.168.100.1 (sent 0 ARPs this interval)
[23:37:48] 56:03:21:3d:85:df: transmitted data using IV=13 (seq=12)
[23:37:48] 56:03:21:3d:85:df: transmitted data using IV=14 (seq=13)
[23:37:48] 56:03:21:3d:85:df: transmitted data using IV=15 (seq=14)
[23:37:48] 56:03:21:3d:85:df: transmitted data using IV=16 (seq=15)
[23:37:48] 56:03:21:3d:85:df: transmitted data using IV=17 (seq=16)
[23:37:48] 56:03:21:3d:85:df: transmitted data using IV=18 (seq=17)
[23:37:48] 56:03:21:3d:85:df: transmitted data using IV=19 (seq=18)
[23:37:48] 56:03:21:3d:85:df: transmitted data using IV=20 (seq=19)
[23:37:48] 56:03:21:3d:85:df: transmitted data using IV=21 (seq=20)
[23:37:48] 56:03:21:3d:85:df: transmitted data using IV=22 (seq=21)
[23:37:48] 56:03:21:3d:85:df: transmitted data using IV=24 (seq=23)
[23:37:48] 56:03:21:3d:85:df: transmitted data using IV=25 (seq=24)
[23:37:48] 56:03:21:3d:85:df: transmitted data using IV=26 (seq=25)
[23:37:49] 56:03:21:3d:85:df: transmitted data using IV=27 (seq=26)
[23:37:49] Reset PN for GTK
[23:37:49] 56:03:21:3d:85:df: sending a new 4-way message 3 where the GTK has a zero RSC
[23:37:49] 56:03:21:3d:85:df: received a new message 4
[23:37:50] 56:03:21:3d:85:df: sending broadcast ARP to 192.168.100.2 from 192.168.100.1 (sent 1 ARPs this interval)
[23:37:50] 56:03:21:3d:85:df: transmitted data using IV=28 (seq=27)
[23:37:50] 56:03:21:3d:85:df: transmitted data using IV=29 (seq=28)
[23:37:50] 56:03:21:3d:85:df: transmitted data using IV=30 (seq=29)
[23:37:50] 56:03:21:3d:85:df: transmitted data using IV=31 (seq=30)
[23:37:50] 56:03:21:3d:85:df: transmitted data using IV=32 (seq=31)
[23:37:51] Reset PN for GTK
[23:37:51] 56:03:21:3d:85:df: sending a new 4-way message 3 where the GTK has a zero RSC
[23:37:51] 56:03:21:3d:85:df: received a new message 4
[23:37:52] 56:03:21:3d:85:df: sending broadcast ARP to 192.168.100.2 from 192.168.100.1 (sent 2 ARPs this interval)
[23:37:52] 56:03:21:3d:85:df: transmitted data using IV=33 (seq=32)
[23:37:52] 56:03:21:3d:85:df: no pairwise IV resets seem to have occured for one interval
[23:37:52] 56:03:21:3d:85:df: transmitted data using IV=34 (seq=33)
[23:37:52] 56:03:21:3d:85:df: transmitted data using IV=35 (seq=34)
[23:37:52] 56:03:21:3d:85:df: transmitted data using IV=36 (seq=35)
[23:37:52] 56:03:21:3d:85:df: transmitted data using IV=37 (seq=36)
[23:37:52] 56:03:21:3d:85:df: transmitted data using IV=38 (seq=37)
[23:37:52] 56:03:21:3d:85:df: transmitted data using IV=39 (seq=38)
[23:37:52] 56:03:21:3d:85:df: transmitted data using IV=40 (seq=39)
[23:37:52] 56:03:21:3d:85:df: transmitted data using IV=41 (seq=40)
[23:37:52] 56:03:21:3d:85:df: transmitted data using IV=42 (seq=41)
[23:37:53] Reset PN for GTK
[23:37:53] 56:03:21:3d:85:df: sending a new 4-way message 3 where the GTK has a zero RSC
[23:37:53] 56:03:21:3d:85:df: received a new message 4
[23:37:54] 56:03:21:3d:85:df: sending broadcast ARP to 192.168.100.2 from 192.168.100.1 (sent 3 ARPs this interval)
[23:37:54] 56:03:21:3d:85:df: transmitted data using IV=43 (seq=42)
[23:37:54] 9e:fa:5d:f9:f9:96: transmitted data using IV=44 (seq=43)
[23:37:54] 56:03:21:3d:85:df: transmitted data using IV=45 (seq=44)
[23:37:55] 56:03:21:3d:85:df: transmitted data using IV=46 (seq=45)
[23:37:55] 56:03:21:3d:85:df: transmitted data using IV=47 (seq=46)
[23:37:55] 56:03:21:3d:85:df: transmitted data using IV=48 (seq=47)
[23:37:55] 56:03:21:3d:85:df: transmitted data using IV=49 (seq=48)
[23:37:55] Reset PN for GTK
[23:37:55] 56:03:21:3d:85:df: sending a new 4-way message 3 where the GTK has a zero RSC
[23:37:55] 56:03:21:3d:85:df: received a new message 4
[23:37:56] 56:03:21:3d:85:df: sending broadcast ARP to 192.168.100.2 from 192.168.100.1 (sent 4 ARPs this interval)
[23:37:56] Failed to execute command RESEND_M3 9e:fa:5d:f9:f9:96
[23:37:56] Closing hostapd and cleaning up ...
wlan0: interface state ENABLED->DISABLED
wlan0: AP-STA-DISCONNECTED 56:03:21:3d:85:df
wlan0: AP-DISABLED 
wlan0: CTRL-EVENT-TERMINATING 
nl80211: deinit ifname=wlan0 disabled_11b_rates=0

john19922 · Mar 18 '25 18:03
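One way to triage a `--debug` log like the one above, as an added example (not part of the thread and not code from krackattacks-scripts): it flags a station that transmits with an IV it has already passed, and commands that fail for an address with no completed handshake, which is the case for `RESEND_M3 9e:fa:5d:f9:f9:96` in the posted log. The station `aa:bb:cc:00:00:01` and its lines are constructed, and treating a repeated (IV, seq) pair as a duplicate capture is an assumption of this example.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the --debug log above. The station
# aa:bb:cc:00:00:01 and its lines are invented to show a positive detection.
SAMPLE_LOG = """\
[23:37:46] 56:03:21:3d:85:df: 4-way handshake completed (RSN)
[23:37:46] 56:03:21:3d:85:df: transmitted data using IV=1 (seq=0)
[23:37:46] 56:03:21:3d:85:df: transmitted data using IV=1 (seq=0)
[23:37:46] 56:03:21:3d:85:df: transmitted data using IV=2 (seq=1)
[23:37:47] 56:03:21:3d:85:df: sending a new 4-way message 3 where the GTK has a zero RSC
[23:37:48] 56:03:21:3d:85:df: transmitted data using IV=3 (seq=2)
[23:37:54] 9e:fa:5d:f9:f9:96: transmitted data using IV=4 (seq=3)
[23:37:56] Failed to execute command RESEND_M3 9e:fa:5d:f9:f9:96
[23:38:00] aa:bb:cc:00:00:01: 4-way handshake completed (RSN)
[23:38:00] aa:bb:cc:00:00:01: transmitted data using IV=1 (seq=10)
[23:38:01] aa:bb:cc:00:00:01: transmitted data using IV=2 (seq=11)
[23:38:02] aa:bb:cc:00:00:01: transmitted data using IV=1 (seq=12)
"""

MAC = r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}"
RE_HANDSHAKE = re.compile(r"\] (%s): 4-way handshake completed" % MAC)
RE_IV = re.compile(r"\] (%s): transmitted data using IV=(\d+) \(seq=(\d+)\)" % MAC)
RE_FAILED = re.compile(r"\] Failed to execute command (\w+) (%s)" % MAC)

def triage(log):
    """Flag per-station IV reuse and commands aimed at unknown stations."""
    handshaked = set()
    seen = defaultdict(dict)  # seen[mac][iv] = seq of the first frame with that IV
    report = {"iv_reuse": [], "unknown_station_cmds": []}
    for line in log.splitlines():
        if (m := RE_HANDSHAKE.search(line)):
            handshaked.add(m.group(1))
            seen.pop(m.group(1), None)  # a fresh handshake means a fresh key
        elif (m := RE_IV.search(line)):
            mac, iv, seq = m.group(1), int(m.group(2)), int(m.group(3))
            ivs = seen[mac]
            # Same IV and same seq: treated as a duplicate capture (assumption).
            if ivs and iv <= max(ivs) and ivs.get(iv) != seq:
                report["iv_reuse"].append((mac, iv, seq))
            ivs.setdefault(iv, seq)
        elif (m := RE_FAILED.search(line)) and m.group(2) not in handshaked:
            report["unknown_station_cmds"].append((m.group(1), m.group(2)))
    return report

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```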

Can you try the command ./krack-test-client.py --debug -dd -K? Disabling hardware encryption depends on the specific network card. Did you try sudo ./disable-hwcrypto.sh?

vanhoefm · Mar 18 '25 19:03