diff options
-rwxr-xr-x | usr/local/www/interfaces_wlan.inc | 5 | ||||
-rwxr-xr-x | usr/local/www/wlan_strong_key_generator/generator.php | 367 |
2 files changed, 371 insertions, 1 deletions
diff --git a/usr/local/www/interfaces_wlan.inc b/usr/local/www/interfaces_wlan.inc index eafff4b..9ee10c5 100755 --- a/usr/local/www/interfaces_wlan.inc +++ b/usr/local/www/interfaces_wlan.inc @@ -267,6 +267,9 @@ function wireless_config_print() { 40 (64) bit keys may be entered as 5 ASCII characters or 10 hex digits preceded by '0x'.<br> 104 (128) bit keys may be entered as 13 ASCII characters or - 26 hex digits preceded by '0x'.</td> + 26 hex digits preceded by '0x'. + <p>For assistance creating keys, please see + <a href="javascript:if(openwindow('/wlan_strong_key_generator/generator.php') == false) alert('Popup blocker detected. Action aborted.');">WLAN Strong Key Generator</a>. + </td> </tr> <?php } ?> diff --git a/usr/local/www/wlan_strong_key_generator/generator.php b/usr/local/www/wlan_strong_key_generator/generator.php new file mode 100755 index 0000000..f222b09 --- /dev/null +++ b/usr/local/www/wlan_strong_key_generator/generator.php @@ -0,0 +1,367 @@ +<html> +<head> +<title>WLAN Strong Key Generator version 2.2 by Warewolf Labs ( formerly WEP Strong Key Generator )</title> +<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> +<script language="JavaScript"> +<!-- +/* + +Title: WLAN Strong Key Generator (wlanSKG) version 2.2 + + (formerly WEP Strong Key Generator) + +Author: Chris Elliott + Warewolf Labs + www.warewolflabs.com + +Release Notes: + +=== version 2.2 + +Date: 2005-01-25 + +Info: 1. Contains minor updates to the instructions in preparation for a full rewrite and + increase in functionality of this script (i.e. WPA-PSK generation, etc.), slated + for a later release (2.3+). + + +==== version 2.1 + + +Version: 2.1 +Date: 2002-12-14 + +Info: A JavaScript program written to enable Wireless LAN (WLAN) administrators + to quickly create strong keys for implementing Wired Equivalent Privacy + (WEP) as a first line of defense in strengthening the security of their + wireless networks. Keys can be selectively generated for use with 64-, + 128-, 152-, and 256-bit WEP key lengths. Additionally, user-defined pass + phrases can be converted to Hex format for use as WEP keys (more info below). + + It has been freely released to the public as part of an effort to increase + awareness of WLAN security issues, and to increase the baseline security + of current and future installations. + + While this file may be freely distributed, the copyright has been retained + for all code generated by Chris Elliott / Warewolf Labs, and this information + must remain intact (i.e. don't pretend that you or your company wrote this, or + offer it to your clients without giving due credit). + + The addition of the custom passphrase code in version 2.1 was based on a + suggestion/initial implementation by Kraix (www.kraix.com); additionally, Kraix + supplied some needed refinements to the instructions included for this program. + Much thanks is in order for those things, as they provided the impetus to update + this script from its original release in order to support 256-bit WEP keys along + with some other touch-ups. + +*/ + +// initialize WEP key variables + +var ascWEPkey = ''; +var hexWEPkey = ''; + +// creates an array of 95 possible characters from which to choose for generating our WEP key +var charArray = new Array(' ', '!', '"', '#', '$', '%', '&', '\'', '(', ')', '*', '+', ',', '-', '.', '/', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', ':', ';', '<', '=', '>', '?', '@', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '[', '\\', ']', '^', '_', '\'', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '{', '|', '}', '~'); + +// functions + +function gen_prn() { // generates a pseudo-random number + + return Math.floor(Math.random() * charArray.length); // range is 0 ~ 94 +} + +function gen_key(keyLengthInBytes) { // generate a WEP key with the specified key length in bytes (5/13/16/29 bytes for 64/128/152/256-bit WEP) + + for (i = 0; i < keyLengthInBytes; i++) + { + ascWEPkey += charArray[gen_prn()]; // creates the ASCII version of the WEP key + } + + for (i = 0; i < ascWEPkey.length; i++) + { + hexWEPkey += ascWEPkey.charCodeAt(i).toString(16); // creates the HEX WEP key from the ASCII + } +} + +function write_key(tf) { // write the WEP key into the form text fields + tf.ascKeyTextField.value = ascWEPkey; + tf.hexKeyTextField.value = hexWEPkey; +} + +function reset_key() { // reset the WEP key variables for further use + ascWEPkey = ''; + hexWEPkey = ''; +} + +function go(form, klib) { // trigger function to generate a key, display the output, and then reset the variables + + gen_key(klib); + write_key(form); + reset_key(); +} + +function go_ck(form) { // trigger function to generate a custom key from a user-supplied pass phrase + // checking for proper key lengths is left up to the user + + if ( form.customPhraseField.value != '') // did they actually enter anything? + { + ascWEPkey = form.customPhraseField.value; + for (i = 0; i < ascWEPkey.length; i++) + hexWEPkey += ascWEPkey.charCodeAt(i).toString(16); // creates the HEX WEP key from the ASCII + } + else + { + alert("Please enter a pass phrase."); + } + write_key(form); + reset_key(); +} + +// --> +</script> +<script language="Javascript"> +<!-- + +/* +Highlight and Copy form element script- By Dynamicdrive.com +For full source, Terms of service, and 100s DTHML scripts +Visit http://www.dynamicdrive.com +*/ + +//specify whether contents should be auto copied to clipboard (memory) +//Applies only to IE 4+ +var copytoclip=1 + +function HighlightAll(theField) { +var tempval=eval("document."+theField) +tempval.focus() +tempval.select() +if (document.all&©toclip==1){ +therange=tempval.createTextRange() +therange.execCommand("Copy") +window.status="Contents highlighted and copied to clipboard!" +setTimeout("window.status=''",1800) +} +} +//--> +</script> + +<style type="text/css"> +<!-- +.button { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; font-weight: bold; color: #FFFFFF; background-color: #6699FF} +.header { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 14px; font-weight: bold; color: #000000; background-color: #FFFFFF; border-color: #999999 #999999 #000000 #000000; text-decoration: underline} +.textfield { font-family: "Courier New", Courier, mono; font-size: 12px} +.header2 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; font-weight: bold; color: #000000; background-color: #FFFFFF; border-color: #999999 #999999 #000000 #000000; text-decoration: underline} +p { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; color: #000000} +--> +</style> +</head> +<body bgcolor="#FFFFFF" text="#000000"> +<form name="sweps" method="post" action=""> + <p class="header">WLAN STRONG KEY GENERATOR v2.2 by Warewolf Labs</p> + + <p><b>NEWS & UPDATES</b>:</p> + <p><u>2005-01-25</u>: This program was originally written and freely + distributed in 2001 with the goal of allowing the average consumer to easily + lock down their wireless network with WEP, while at the same time employing + something stronger than simple, easily-guessed words or phrases that were + susceptible to offline dictionary attacks. </p> + <p>Much has changed in the wireless network security landscape since the + inception of this program. Techniques and programs are now available + (cf. the article + <a target="_blank" href="http://securityfocus.com/infocus/1814">here</a>) + which can crack a WEP key in such a short period, that any + last vestiges of credibility that WEP may have once held in providing + effective security have been cast out.</p> + + <p>Therefore, it is important to realize that WEP (regardless of key + strength) will only keep out casual + intruders, and any concerted effort will allow an attacker into your network + without too much trouble. With this caveat in mind, the generation of + WEP keys will remain intact in this tool to allow for some (albeit slim) + measure of protection for network devices which are limited to WEP-based + protective measures. </p> + <p>A future release of the WLAN Strong Key Generator will provide the + capability to generate a strong Wi-Fi Protected Access Pre-Shared Key + (WPA-PSK).</p> + <p><b>INSTRUCTIONS</b>:</p> + <p>To generate a <a href="#random">random WEP key</a>, select the bit key length + to generate and press the corresponding button; the ASCII or HEX key can then + be copied to your clipboard manually or via the "<b>copy to clipboard</b>" button to + the right of the <a href="#generated_key">Generated Key</a> text fields. + Note that in order to be as platform-independent as possible, characters + used for generation of these keys are limited to a subset of + the basic ASCII code table (95 elements, including the letters "a" to "z", "A" to "Z", + and most + punctuation and other standard symbols; at the time that this original + program was written, support for Unicode was not widely present + among the installed base of consumer operating systems to allow for the inclusion of extended characters which would increase the strength of WEP + keys generated with this program).</p> + + <p>You can also generate a <a href="#custom">custom WEP key</a> based on your + own pass phrase or other input. <u>IMPORTANT:</u> this function simply + converts your supplied input from ASCII to HEX form; it does not apply + any other transformations or algorithms upon it, therefore <i>your custom + key will only be as strong as your source material</i>.</p> + <p>A good primer on WEP key setup and terms is located <a href="http://www.practicallynetworked.com/support/mixed_wep.htm" target="_blank">here</a>.</p> + + <p><b>NOTES</b>:</p> + <p><!-- begin / added by Kraix --> + - If your product vendor requests 40-bit keys, use the 64-bit key<br> + - If your product vendor requests 104-bit keys, use the 128-bit key<br> + <!-- end / added by Kraix --> + - Apple users can enter HEX keys into their AirPort setup by prefixing the + generated string with a"<b>$</b>" symbol<br> + + (i.e. if the generated HEX code is <span class="textfield"><b>6b5e454532</b></span> + then you would enter <span class="textfield"><b>$6b5e454532</b></span> into + your configuration)</p> + <table border="0" cellspacing="0" cellpadding="0"> + <tr> + <td align="right" class="header2" width="120"><a name="random">Random WEP Key</a></td> + <td width="10"> </td> + + <td width="150"> </td> + </tr> + <tr> + <td align="right" width="120"><img src="images/key_64.gif" width="81" height="42"></td> + <td> </td> + <td width="150"> + <input type="button" class="button" name="gen64" value="generate 64-bit key" onClick="javascript:go(this.form, 5)"> + </td> + </tr> + <tr> + <td align="right" width="120"> </td> + + <td> </td> + <td width="150"> </td> + </tr> + <tr> + <td align="right" width="120"><img src="images/key_128.gif" width="94" height="42"></td> + <td> </td> + <td width="150"> + <input type="button" class="button" name="gen128" value="generate 128-bit key" onClick="javascript:go(this.form, 13)"> + </td> + </tr> + + <tr> + <td align="right" width="120"> </td> + <td> </td> + <td width="150"> </td> + </tr> + <tr> + <td align="right" width="120"><img src="images/key_152.gif" width="94" height="42"></td> + <td> </td> + <td width="150"> + <input type="button" class="button" name="gen152" value="generate 152-bit key" onClick="javascript:go(this.form, 16)"> + + </td> + </tr> + <tr> + <td width="120"> </td> + <td> </td> + <td width="150"> </td> + </tr> + <tr> + <td align="right" width="120"><img src="images/key_256.gif" width="94" height="42"></td> + <td> </td> + + <td width="150"> + <input type="button" class="button" name="gen256" value="generate 256-bit key" onClick="javascript:go(this.form, 29)"> + </td> + </tr> + <tr> + <td width="120"> </td> + <td> </td> + <td width="150"> </td> + </tr> + <tr> + <td width="120"> + <p align="left" class="header2"><a name="custom">Custom WEP Key</a></p> + + </td> + <td> </td> + <td width="150"> </td> + </tr> + <tr> + <td colspan="3"> + <p align="left"><b>NOTE</b>: 5/13/16/29 characters are needed for 64/128/152/256-bit + WEP</p> + </td> + </tr> + + <tr> + <td width="120"> + <p align="right">Custom Phrase</p> + </td> + <td> </td> + <td width="150" valign="top"> + <p> + <input type="text" name="customPhraseField" size="30" class="textfield" maxlength="29" value="enter your phrase here" onClick="this.value=''"; onChange="document.sweps.customPhraseCCField.value=document.sweps.customPhraseField.value.length;" onBlur="document.sweps.customPhraseCCField.value=document.sweps.customPhraseField.value.length;"> + </p> + </td> + + </tr> + <tr> + <td width="120"> + <p align="right">Character Count</p> + </td> + <td> </td> + <td width="150" valign="middle"> + <p> + <input type="text" name="customPhraseCCField" size="2" class="textfield" maxlength="2"> + </p> + + </td> + </tr> + <tr> + <td width="120"> </td> + <td> </td> + <td width="150" valign="middle"> + <input type="button" class="button" name="genck" value="generate custom key" onClick="javascript:go_ck(this.form)"> + </td> + </tr> + </table> + + <br> + <table width="500" border="0" cellspacing="0" cellpadding="0"> + <tr> + <td align="left" colspan="3"> + <p></p> + <p class="header2"><a name="generated_key">Generated Key</a></p> + </td> + <td> </td> + </tr> + + <tr> + <td align="right" width="125"> + <p></p> + <p>ASCII</p> + </td> + <td width="10"> </td> + <td> + <input type="text" name="ascKeyTextField" size="60" class="textfield" maxlength="29"> + </td> + <td> + <input type="button" name="copyASCII" value="copy to clipboard" onClick="javascript:HighlightAll('sweps.ascKeyTextField')" class="button"> + + </td> + </tr> + <tr> + <td align="right" width="125"> + <p>HEX</p> + </td> + <td> </td> + <td> + <input type="text" name="hexKeyTextField" size="60" class="textfield" maxlength="58"> + </td> + + <td> + <input type="button" name="copyHEX" value="copy to clipboard" onClick="javascript:HighlightAll('sweps.hexKeyTextField')" class="button"> + </td> + </tr> + </table> +</form> +</body> +</html> |