The variable 'i' was of type uint_fast8_t, which most compilers typedef as
unsigned char or uint8_t, which both (in C99) can hold a number between 0
and 255. This could cause an integer overflow when the seed was found in
mode 3 but the program was unable to recover the PIN within
the first 255 tries of the first time window set in the future.
This bug was introduced when the constant MODE3_TRIES was increased to
10 minutes (60 * 10 = 600, which is > 255) in commit d3e4aab.

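An added illustration of the overflow this commit message describes (example code, not pixiewps code): an 8-bit counter compared against MODE3_TRIES = 600 is promoted to int, so `i < 600` never becomes false and the counter wraps to 0. The wider counter type `try_counter_t` and the range checks are assumptions for the fix, not the project's actual code.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MODE3_TRIES 600u /* 60 * 10 seconds, value from the commit message */

/* Assumed fixed counter type; the type chosen by the project is not shown here. */
typedef unsigned int try_counter_t;

/* Pre-fix shape: uint8_t (what uint_fast8_t is on common ABIs). In `i < tries`
 * both sides are promoted to int, so 255 < 600 is true and i++ wraps to 0.
 * Returns how many iterations run before the wrap is detected; the real
 * loop, lacking this guard, would spin forever. */
static unsigned iterations_u8(unsigned tries)
{
    unsigned steps = 0;
    for (uint8_t i = 0; i < tries; i++) {
        steps++;
        if (i == UINT8_MAX) /* next i++ wraps: the bound is unreachable */
            break;
    }
    return steps;
}

/* Post-fix shape: a counter wide enough for the bound. */
static unsigned iterations_fixed(unsigned tries)
{
    unsigned steps = 0;
    for (try_counter_t i = 0; i < tries; i++)
        steps++;
    return steps;
}

/* Runtime range check: does the counter's maximum cover the bound? */
static bool counter_covers_bound(uintmax_t counter_max, unsigned bound)
{
    return bound <= counter_max;
}

/* Compile-time form of the same check for the assumed fixed type. */
_Static_assert(MODE3_TRIES <= UINT_MAX, "try_counter_t is too narrow for MODE3_TRIES");

int main(void)
{
    printf("uint8_t counter: stuck after %u iterations\n", iterations_u8(MODE3_TRIES));
    printf("unsigned counter: completed %u iterations\n", iterations_fixed(MODE3_TRIES));
    return 0;
}
```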
Removed all the code not relevant to the current implementation. This
should make a noticeable difference in speed and possibly allow the
compiler to optimize even more.

This option is used to optionally decrypt ES-1 directly from M5, when
the Enrollee proves to the Registrar that it knows the PIN. As of right now it
must be used in conjunction with -7. With the introduction of this new
option, the display of ES-2 (and ES-1 when -5 is supplied) has been
added to the output.

DESTDIR gets used only in the install target, so prefix doesn't get
cluttered and can be used internally to reference file dependencies.
For example, if a DB were used, the filename of the DB could
be passed in CPPFLAGS like "-DDBPATH=$(PREFIX)/share/pixiewps.db".
This doesn't happen at the moment, but it's good practice to follow
the conventions.
Additionally, remove the "rm" command in the install target: running
`make install` should never ever delete files from the user's prefix.

Toolchains from https://sourceforge.net/projects/mingw-w64/ don't
define PTHREAD_STACK_MIN, and when using pthread_attr_t they fail due to
internal bugs in their atomics implementation:
__buildlogicali(_InterlockedAnd, __LONG32, and)
mingw32/include/psdk_inc/intrin-impl.h:977:1:
error: static declaration of '_InterlockedAnd' follows non-static declaration
OTOH, they implement pthread support without the need for external DLLs,
so using them might be preferable.

This option is used to decrypt the encrypted settings field in M7, which
contains the wireless configuration of the AP. This option exploits a
misconfigured crypto library that always generates the same random
number, resulting in always generating the same static private key (and
public key). Hence, Diffie-Hellman encryption can be broken and the
passphrase recovered by anyone passively sniffing the air.

GLIBC defaults to giving new threads an insanely huge 8MB stack each, which
causes unnecessary memory waste. We set it to a conservative 64KB, even though
we need less than 1KB ourselves, to give sufficient leeway to buffers used
by libc itself when calling out to some of its functions.

A user-defined number of jobs (N) is started; each one is assigned
SECS_PER_JOB_BLOCK seeds to iterate over. After finishing the block,
N * SECS_PER_JOB_BLOCK jobs are skipped, and it goes on again.
That way it is assured that more recent seeds get treated first.
In preliminary tests with a seed from 2 years ago, using 8 jobs the
cracking time was reduced from 77 to 24 seconds.
It is possible that adjusting SECS_PER_JOB_BLOCK to a higher value
than currently speeds up cracking even more, since there will be
fewer "interruptions" in the CPU's branch prediction.

For compatibility with POSIX getopt, non-option arguments
should be grouped together, since on the first occurrence
of such an argument, it will consider all following arguments
non-option arguments too. This could be an issue with alternative
libc implementations.