Add WLAN Strong Key Generator.

2 files changed, 371 insertions, 1 deletions

diff --git a/usr/local/www/interfaces_wlan.inc b/usr/local/www/interfaces_wlan.inc
index eafff4b..9ee10c5 100755
--- a/usr/local/www/interfaces_wlan.inc
+++ b/usr/local/www/interfaces_wlan.inc
@@ -267,6 +267,9 @@ function wireless_config_print() {
                     40 (64) bit keys may be entered as 5 ASCII characters or 10 
                     hex digits preceded by '0x'.<br>
                     104 (128) bit keys may be entered as 13 ASCII characters or 
-                    26 hex digits preceded by '0x'.</td>
+                    26 hex digits preceded by '0x'.
+		    <p>For assistance creating keys, please see
+		       <a href="javascript:if(openwindow('/wlan_strong_key_generator/generator.php') == false) alert('Popup blocker detected.  Action aborted.');">WLAN Strong Key Generator</a>.
+		   </td>
                 </tr>
 <?php } ?>
diff --git a/usr/local/www/wlan_strong_key_generator/generator.php b/usr/local/www/wlan_strong_key_generator/generator.php
new file mode 100755
index 0000000..f222b09
--- /dev/null
+++ b/usr/local/www/wlan_strong_key_generator/generator.php
@@ -0,0 +1,367 @@
+<html>
+<head>
+<title>WLAN Strong Key Generator version 2.2 by Warewolf Labs ( formerly WEP Strong Key Generator )</title>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
+<script language="JavaScript">
+<!--
+/*
+
+Title:	WLAN Strong Key Generator (wlanSKG) version 2.2
+
+		(formerly WEP Strong Key Generator)
+
+Author: Chris Elliott
+		Warewolf Labs
+		www.warewolflabs.com
+
+Release Notes:
+
+=== 	version 2.2
+
+Date:	2005-01-25
+
+Info:	1. Contains minor updates to the instructions in preparation for a full rewrite and
+		increase in functionality of this script (i.e. WPA-PSK generation, etc.), slated
+		for a later release (2.3+).	
+
+
+====	version 2.1
+
+
+Version: 2.1		
+Date:	2002-12-14
+
+Info:	A JavaScript program written to enable Wireless LAN (WLAN) administrators 
+        to quickly create strong keys for implementing Wired Equivalent Privacy 
+        (WEP) as a first line of defense in strengthening the security of their 
+        wireless networks. Keys can be selectively generated for use with 64-, 
+        128-, 152-, and 256-bit WEP key lengths.  Additionally, user-defined pass
+		phrases can be converted to Hex format for use as WEP keys (more info below).
+
+	    It has been freely released to the public as part of an effort to increase 
+        awareness of WLAN security issues, and to increase the baseline security 
+        of current and future installations.
+		
+		While this file may be freely distributed, the copyright has been retained
+		for all code generated by Chris Elliott / Warewolf Labs, and this information 
+        must remain intact (i.e. don't pretend that you or your company wrote this, or
+        offer it to your clients without giving due credit).
+		
+		The addition of the custom passphrase code in version 2.1 was based on a 
+		suggestion/initial implementation by Kraix (www.kraix.com); additionally, Kraix 
+		supplied some needed refinements to the instructions included for this program.  
+		Much thanks is in order for those things, as they provided the impetus to update 
+		this script from its original release in order to support 256-bit WEP keys along 
+		with some other touch-ups.
+
+*/
+
+// initialize WEP key variables
+
+var ascWEPkey = '';
+var hexWEPkey = '';
+
+// creates an array of 95 possible characters from which to choose for generating our WEP key
+var charArray = new Array(' ', '!', '"', '#', '$', '%', '&', '\'', '(', ')', '*', '+', ',', '-', '.', '/', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', ':', ';', '<', '=', '>', '?', '@', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '[', '\\', ']', '^', '_', '\'', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '{', '|', '}', '~');
+
+// functions
+
+function gen_prn() {					// generates a pseudo-random number
+
+	return Math.floor(Math.random() * charArray.length); // range is 0 ~ 94
+}
+
+function gen_key(keyLengthInBytes) {	// generate a WEP key with the specified key length in bytes (5/13/16/29 bytes for 64/128/152/256-bit WEP)
+	
+	for (i = 0; i < keyLengthInBytes; i++)
+	{
+		ascWEPkey += charArray[gen_prn()];  // creates the ASCII version of the WEP key
+	}
+
+	for (i = 0; i < ascWEPkey.length; i++)
+	{
+    	hexWEPkey += ascWEPkey.charCodeAt(i).toString(16);   // creates the HEX WEP key from the ASCII 
+	}
+}
+
+function write_key(tf) {	// write the WEP key into the form text fields
+    tf.ascKeyTextField.value = ascWEPkey;
+    tf.hexKeyTextField.value = hexWEPkey;
+}
+
+function reset_key() {		// reset the WEP key variables for further use
+	ascWEPkey = '';
+	hexWEPkey = '';
+}
+
+function go(form, klib) {	// trigger function to generate a key, display the output, and then reset the variables
+
+	gen_key(klib);
+	write_key(form);
+	reset_key();
+}
+
+function go_ck(form) {		// trigger function to generate a custom key from a user-supplied pass phrase
+							// checking for proper key lengths is left up to the user
+							
+	if ( form.customPhraseField.value != '') // did they actually enter anything?
+	{
+		ascWEPkey = form.customPhraseField.value;
+		for (i = 0; i < ascWEPkey.length; i++)
+			hexWEPkey += ascWEPkey.charCodeAt(i).toString(16);   // creates the HEX WEP key from the ASCII
+	}
+	else
+	{
+		alert("Please enter a pass phrase.");
+	}
+	write_key(form);
+	reset_key();
+}
+
+// -->
+</script>
+<script language="Javascript">
+<!--
+
+/*
+Highlight and Copy form element script- By Dynamicdrive.com
+For full source, Terms of service, and 100s DTHML scripts
+Visit http://www.dynamicdrive.com
+*/
+
+//specify whether contents should be auto copied to clipboard (memory)
+//Applies only to IE 4+
+var copytoclip=1
+
+function HighlightAll(theField) {
+var tempval=eval("document."+theField)
+tempval.focus()
+tempval.select()
+if (document.all&&copytoclip==1){
+therange=tempval.createTextRange()
+therange.execCommand("Copy")
+window.status="Contents highlighted and copied to clipboard!"
+setTimeout("window.status=''",1800)
+}
+}
+//-->
+</script>
+
+<style type="text/css">
+<!--
+.button {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; font-weight: bold; color: #FFFFFF; background-color: #6699FF}
+.header {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 14px; font-weight: bold; color: #000000; background-color: #FFFFFF; border-color: #999999 #999999 #000000 #000000; text-decoration: underline}
+.textfield {  font-family: "Courier New", Courier, mono; font-size: 12px}
+.header2 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; font-weight: bold; color: #000000; background-color: #FFFFFF; border-color: #999999 #999999 #000000 #000000; text-decoration: underline}
+p {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; color: #000000}
+-->
+</style>
+</head>
+<body bgcolor="#FFFFFF" text="#000000">
+<form name="sweps" method="post" action="">
+  <p class="header">WLAN STRONG KEY GENERATOR v2.2 by Warewolf Labs</p>
+
+  <p><b>NEWS &amp; UPDATES</b>:</p>
+	<p><u>2005-01-25</u>: This program was originally written and freely 
+	distributed in 2001 with the goal of allowing the average consumer to easily 
+	lock down their wireless network with WEP, while at the same time employing 
+	something stronger than simple, easily-guessed words or phrases that were 
+	susceptible to offline dictionary attacks.&nbsp; </p>
+	<p>Much has changed in the wireless network security landscape since the 
+	inception of this program.&nbsp; Techniques and programs are now available 
+	(cf. the article
+	<a target="_blank" href="http://securityfocus.com/infocus/1814">here</a>) 
+	which can crack a WEP key in such a short period, that any 
+	last vestiges of credibility that WEP may have once held in providing 
+	effective security have been cast out.</p>
+
+	<p>Therefore, it is important to realize that WEP (regardless of key 
+	strength) will only keep out casual 
+	intruders, and any concerted effort will allow an attacker into your network 
+	without too much trouble.&nbsp; With this caveat in mind, the generation of 
+	WEP keys will remain intact in this tool to allow for some (albeit slim) 
+	measure of protection for network devices which are limited to WEP-based 
+	protective measures. </p>
+	<p>A future release of the WLAN Strong Key Generator will provide the 
+	capability to generate a strong Wi-Fi Protected Access Pre-Shared Key 
+	(WPA-PSK).</p>
+	<p><b>INSTRUCTIONS</b>:</p>
+	<p>To generate a <a href="#random">random WEP key</a>, select the bit key length 
+    to generate and press the corresponding button; the ASCII or HEX key can then 
+    be copied to your clipboard manually or via the &quot;<b>copy to clipboard</b>&quot; button to 
+    the right of the <a href="#generated_key">Generated Key</a> text fields.&nbsp; 
+	Note that in order to be as platform-independent as possible, characters 
+	used for generation of these keys are limited to a subset of 
+	the basic ASCII code table (95 elements, including the letters &quot;a&quot; to &quot;z&quot;, &quot;A&quot; to &quot;Z&quot;, 
+	and most 
+	punctuation and other standard symbols; at the time that this original 
+	program was written, support for Unicode was not widely present 
+	among the installed base of consumer operating systems to allow for the inclusion of extended characters which would increase the strength of WEP 
+	keys generated with this program).</p>
+
+  <p>You can also generate a <a href="#custom">custom WEP key</a> based on your 
+    own pass phrase or other input.&nbsp; <u>IMPORTANT:</u> this function simply 
+	converts your supplied input from ASCII to HEX form; it does not apply 
+	any other transformations or algorithms upon it, therefore <i>your custom 
+	key will only be as strong as your source material</i>.</p>
+  <p>A good primer on WEP key setup and terms is located <a href="http://www.practicallynetworked.com/support/mixed_wep.htm" target="_blank">here</a>.</p>
+
+  <p><b>NOTES</b>:</p>
+  <p><!-- begin / added by Kraix -->
+   - If your product vendor requests 40-bit keys, use the 64-bit key<br>
+    - If your product vendor requests 104-bit keys, use the 128-bit key<br>
+	<!-- end / added by Kraix -->
+    - Apple users can enter HEX keys into their AirPort setup by prefixing the 
+    generated string with a&quot;<b>$</b>&quot; symbol<br>
+
+    (i.e. if the generated HEX code is <span class="textfield"><b>6b5e454532</b></span> 
+    then you would enter <span class="textfield"><b>$6b5e454532</b></span> into 
+    your configuration)</p>
+  <table border="0" cellspacing="0" cellpadding="0">
+    <tr> 
+      <td align="right" class="header2" width="120"><a name="random">Random WEP Key</a></td>
+      <td width="10">&nbsp;</td>
+
+      <td width="150">&nbsp;</td>
+    </tr>
+    <tr> 
+      <td align="right" width="120"><img src="images/key_64.gif" width="81" height="42"></td>
+      <td>&nbsp;</td>
+      <td width="150"> 
+        <input type="button" class="button" name="gen64" value="generate 64-bit key" onClick="javascript:go(this.form, 5)">
+      </td>
+    </tr>
+    <tr> 
+      <td align="right" width="120">&nbsp;</td>
+
+      <td>&nbsp;</td>
+      <td width="150">&nbsp;</td>
+    </tr>
+    <tr> 
+      <td align="right" width="120"><img src="images/key_128.gif" width="94" height="42"></td>
+      <td>&nbsp;</td>
+      <td width="150"> 
+        <input type="button" class="button" name="gen128" value="generate 128-bit key" onClick="javascript:go(this.form, 13)">
+      </td>
+    </tr>
+
+    <tr> 
+      <td align="right" width="120">&nbsp;</td>
+      <td>&nbsp;</td>
+      <td width="150">&nbsp;</td>
+    </tr>
+    <tr> 
+      <td align="right" width="120"><img src="images/key_152.gif" width="94" height="42"></td>
+      <td>&nbsp;</td>
+      <td width="150"> 
+        <input type="button" class="button" name="gen152" value="generate 152-bit key" onClick="javascript:go(this.form, 16)">
+
+      </td>
+    </tr>
+    <tr> 
+      <td width="120">&nbsp;</td>
+      <td>&nbsp;</td>
+      <td width="150">&nbsp;</td>
+    </tr>
+    <tr> 
+      <td align="right" width="120"><img src="images/key_256.gif" width="94" height="42"></td>
+      <td>&nbsp;</td>
+
+      <td width="150"> 
+        <input type="button" class="button" name="gen256" value="generate 256-bit key" onClick="javascript:go(this.form, 29)">
+      </td>
+    </tr>
+    <tr> 
+      <td width="120">&nbsp;</td>
+      <td>&nbsp;</td>
+      <td width="150">&nbsp;</td>
+    </tr>
+    <tr> 
+      <td width="120"> 
+        <p align="left" class="header2"><a name="custom">Custom WEP Key</a></p>
+
+      </td>
+      <td>&nbsp;</td>
+      <td width="150">&nbsp;</td>
+    </tr>
+    <tr> 
+      <td colspan="3"> 
+        <p align="left"><b>NOTE</b>: 5/13/16/29 characters are needed for 64/128/152/256-bit 
+          WEP</p>
+      </td>
+    </tr>
+
+    <tr> 
+      <td width="120"> 
+        <p align="right">Custom Phrase</p>
+      </td>
+      <td>&nbsp;</td>
+      <td width="150" valign="top"> 
+        <p> 
+          <input type="text" name="customPhraseField" size="30" class="textfield" maxlength="29" value="enter your phrase here" onClick="this.value=''"; onChange="document.sweps.customPhraseCCField.value=document.sweps.customPhraseField.value.length;" onBlur="document.sweps.customPhraseCCField.value=document.sweps.customPhraseField.value.length;">
+        </p>
+      </td>
+
+    </tr>
+    <tr> 
+      <td width="120"> 
+        <p align="right">Character Count</p>
+      </td>
+      <td>&nbsp;</td>
+      <td width="150" valign="middle"> 
+        <p> 
+          <input type="text" name="customPhraseCCField" size="2" class="textfield" maxlength="2">
+        </p>
+
+      </td>
+    </tr>
+    <tr> 
+      <td width="120">&nbsp;</td>
+      <td>&nbsp;</td>
+      <td width="150" valign="middle"> 
+        <input type="button" class="button" name="genck" value="generate custom key" onClick="javascript:go_ck(this.form)">
+      </td>
+    </tr>
+  </table>
+
+  <br>
+  <table width="500" border="0" cellspacing="0" cellpadding="0">
+    <tr> 
+      <td align="left" colspan="3"> 
+        <p></p>
+        <p class="header2"><a name="generated_key">Generated Key</a></p>
+      </td>
+      <td>&nbsp; </td>
+    </tr>
+
+    <tr> 
+      <td align="right" width="125"> 
+        <p></p>
+        <p>ASCII</p>
+      </td>
+      <td width="10">&nbsp;</td>
+      <td> 
+        <input type="text" name="ascKeyTextField" size="60" class="textfield" maxlength="29">
+      </td>
+      <td> 
+        <input type="button" name="copyASCII" value="copy to clipboard" onClick="javascript:HighlightAll('sweps.ascKeyTextField')" class="button">
+
+      </td>
+    </tr>
+    <tr> 
+      <td align="right" width="125"> 
+        <p>HEX</p>
+      </td>
+      <td>&nbsp;</td>
+      <td> 
+        <input type="text" name="hexKeyTextField" size="60" class="textfield" maxlength="58">
+      </td>
+
+      <td> 
+        <input type="button" name="copyHEX" value="copy to clipboard" onClick="javascript:HighlightAll('sweps.hexKeyTextField')" class="button">
+      </td>
+    </tr>
+  </table>
+</form>
+</body>
+</html>