Embed a DES implementation rather than relying on lib(x)crypt

COMPILING.md

@@ -1,24 +1,13 @@
 # Compiling the Source
 
-To compile this source you will need the [libxcrypt](https://github.com/besser82/libxcrypt/)
-library. At the time of this writing, this is `libxcrypt-dev` on Debian-like systems. Check 
-your Linux distribution for installation directions. For Debian systems:
+To compile this source you will need libpcap.  Check your Linux
+distribution for installation instructions.  On Debian-like systems:
 
 ```
-$ sudo apt update && sudo apt install libxcrypt-dev -y
+$ sudo apt update && sudo apt install libpcap-dev
 ```
 
-To build this tool, change to the `asleap` directory and run `make`:
+No other external libraries are required.
 
-```
-$ make
-gcc -pipe -Wall -D_LINUX -D_OPENSSL_MD4 -g3    -c -o sha1.o sha1.c
-gcc -pipe -Wall -D_LINUX -D_OPENSSL_MD4 -g3    -c -o common.o common.c
-gcc -pipe -Wall -D_LINUX -D_OPENSSL_MD4 -g3    -c -o utils.o utils.c
-gcc -pipe -Wall -D_LINUX -D_OPENSSL_MD4 -g3  asleap.c -o asleap common.o utils.o sha1.o -lpcap -lxcrypt -lcrypto
-gcc -pipe -Wall -D_LINUX -D_OPENSSL_MD4 -g3  md4.c genkeys.c -o genkeys common.o utils.o -lpcap -lxcrypt -lcrypto
-gcc -pipe -Wall -D_LINUX -D_OPENSSL_MD4 -g3    -c -o asleap.o asleap.c
-gcc -pipe -Wall -D_LINUX -D_OPENSSL_MD4 -g3    -c -o genkeys.o genkeys.c
-```
-
-Optionally you can edit the `Makefile` and change the compiler to clang as desired.
+To build this tool, change to the `asleap` directory and run `make`.
+You can override CC and/or CFLAGS on the `make` command line as usual.

Makefile

@@ -7,35 +7,34 @@
 # <dragorn> i think thats all anyone does
 # <dragorn> make is a twisted beast
 ##################################
-LDLIBS		= -lpcap -lxcrypt
-CFLAGS		= -pipe -Wall -D_LINUX -D_OPENSSL_MD4
-LDLIBS		+= -lcrypto
-CFLAGS		+= -g3 #-ggdb -g
-PROGOBJ		= asleap.o genkeys.o utils.o common.o sha1.o
-PROG		= asleap genkeys
-#CC		    = clang-10
-CC          = gcc
-
-all: $(PROG) $(PROGOBJ)
+CFLAGS		= -g3 -Og -std=gnu11 \
+		  -Wall -Wextra -Wpedantic -Wstrict-prototypes
+CPPFLAGS	= -D_FILE_OFFSET_BITS=64
+LDLIBS		= -lpcap
 
-utils: utils.c utils.h
-	$(CC) $(CFLAGS) utils.c -c 
+PROG		= asleap genkeys
+COMMON_OBJS	= common.o des.o des-tables.o md4.o sha1.o utils.o
 
-common: common.c common.h
-	$(CC) $(CFLAGS) common.c -c
+all: $(PROG)
 
-sha1: sha1.c sha1.h
-	$(CC) $(CFLAGS) sha1.c -c
+asleap: asleap.o $(COMMON_OBJS)
+	$(CC) $(CFLAGS) -o $@ $^ $(LDLIBS)
 
-asleap: asleap.c asleap.h sha1.o common.o common.h utils.o version.h sha1.c \
-	sha1.h 
-	$(CC) $(CFLAGS) asleap.c -o asleap common.o utils.o sha1.o $(LDLIBS)
+genkeys: genkeys.o $(COMMON_OBJS)
+	$(CC) $(CFLAGS) -o $@ $^ $(LDLIBS)
 
-genkeys: genkeys.c md4.c md4.h common.o utils.o version.h common.h
-	$(CC) $(CFLAGS) md4.c genkeys.c -o genkeys common.o utils.o $(LDLIBS)
+asleap.o: asleap.c asleap.h utils.h common.h version.h sha1.h radiotap.h \
+ byteswap.h ieee80211.h ieee8021x.h ietfproto.h
+common.o: common.c common.h utils.h md4.h
+des.o: des.c des.h
+des-tables.o: des-tables.c des.h
+genkeys.o: genkeys.c common.h version.h utils.h
+sha1.o: sha1.c common.h sha1.h
+md4.o: md4.c md4.h
+utils.o: utils.c utils.h
 
 clean:
-	$(RM) $(PROGOBJ) $(PROG) *~
+	-rm -f $(PROG) asleap.o genkeys.o $(COMMON_OBJS)
 
 strip:
 	@ls -l $(PROG)

README.md

@@ -3,6 +3,13 @@
 Pronounced "asleep". Copyright(c) 2004-2020, [Joshua Wright](https://github.com/joswr1ght)
 
 -------------------------------------------------------------------------------
+## UPDATE - 2021-06-20
+
+Due to setkey and encrypt being slated to be removed from libxcrypt as
+well, bundle our own DES implementation.  Also use our existing
+bundled MD4 implementation on all operating systems, rather than
+depending on OpenSSL.
+
 ## UPDATE - 2020-11-28
 
 Due to GLIBC removal of setkey and crypt functions, link to libxcrypt to

asleap.c

@@ -72,14 +72,14 @@ unsigned long pcount=0;
 
 /* prototypes */
 void usage(char *message);
-void cleanup();
+void cleanup(void);
 void print_leapexch(struct asleap_data *asleap_ptr);
 void print_hashlast2(struct asleap_data *asleap_ptr);
 void print_leappw(struct asleap_data *asleap_ptr);
 int gethashlast2(struct asleap_data *asleap_ptr);
 int getmschappw(struct asleap_data *asleap_ptr);
 int getpacket(pcap_t *p);
-int listdevs();
+int listdevs(void);
 int testleapchal(struct asleap_data *asleap_ptr, int plen, int offset);
 int testleapsuccess(struct asleap_data *asleap_ptr, int plen, int offset);
 int testleapresp(struct asleap_data *asleap_ptr, int plen, int offset);
@@ -235,7 +235,7 @@ void print_leappw(struct asleap_data *asleap_ptr)
 
 }
 
-void cleanup()
+void cleanup(void)
 {
 
     if (p != NULL) {
@@ -352,7 +352,7 @@ int getmschappw(struct asleap_data *asleap_ptr)
     struct hashpass_rec rec;
     struct hashpassidx_rec idxrec;
     char password_buf[MAX_NT_PASSWORD];
-    int passlen, recordlength, passwordlen, i;
+    int passlen, recordlength, passwordlen;
     FILE *buffp, *idxfp;
 
     /* If the user passed an index file for our reference, fseek to
@@ -449,7 +449,7 @@ int getmschappw(struct asleap_data *asleap_ptr)
             return (-1);
         }
 
-        for (i = 0; i < idxrec.numrec; i++) {
+        for (size_t i = 0; i < idxrec.numrec; i++) {
 
             memset(&rec, 0, sizeof(rec));
             memset(&password_buf, 0, sizeof(password_buf));
@@ -1029,7 +1029,7 @@ int testpptpchal(struct asleap_data *asleap_ptr, int plen, int offset)
 
 int testpptpresp(struct asleap_data *asleap_ptr, int plen, int offset)
 {
-    int usernamelen;
+    unsigned long usernamelen;
     struct pppchaphdr *pppchap;
 
     pppchap = (struct pppchaphdr *)(packet+offset);
@@ -1324,7 +1324,7 @@ char *getdevice(char *optarg)
 }
 
 /* List all the available interfaces, adapted from WinDump code */
-int listdevs()
+int listdevs(void)
 {
 
     pcap_if_t *devpointer;
@@ -1353,7 +1353,7 @@ int radiotap_offset(pcap_t *p, struct pcap_pkthdr *h)
 {
 
     struct ieee80211_radiotap_header *rtaphdr;
-    int rtaphdrlen=0;
+    uint32_t rtaphdrlen=0;
 
     /* Grab a packet to examine radiotap header */
     if (pcap_next_ex(p, &h, (const u_char **)&packet) > -1) {
@@ -1376,7 +1376,8 @@ int radiotap_offset(pcap_t *p, struct pcap_pkthdr *h)
 int main(int argc, char *argv[])
 {
 
-    int c, opt_verbose = 0, offset = 0;
+    int c, opt_verbose = 0;
+    size_t offset = 0;
     char *device, dictfile[255], dictidx[255], pcapfile[255];
     struct asleap_data asleap;
     struct stat dictstat, capturedatastat;
@@ -1391,9 +1392,9 @@ int main(int argc, char *argv[])
     memset(&asleap, 0, sizeof(asleap));
     device = NULL;
 
-    signal(SIGINT, cleanup);
-    signal(SIGTERM, cleanup);
-    signal(SIGQUIT, cleanup);
+    signal(SIGINT, (void (*)(int))cleanup);
+    signal(SIGTERM, (void (*)(int))cleanup);
+    signal(SIGQUIT, (void (*)(int))cleanup);
 
     printf("asleap %s - actively recover LEAP/PPTP passwords. "
            "<[email protected]>\n", VER);
@@ -1559,7 +1560,7 @@ int main(int argc, char *argv[])
         offset = radiotap_offset(p, &h);
         if (offset < sizeof(struct ieee80211_radiotap_header)) {
             fprintf(stderr, "Unable to determine offset "
-                "from radiotap header (%d).\n", offset);
+                "from radiotap header (%zd).\n", offset);
             return(-1);
         }
         break;

common.c

@@ -26,19 +26,10 @@
 #include <string.h>
 #include <stdlib.h>
 #include <stdint.h>
+
 #include "common.h"
 #include "utils.h"
-
-#ifdef _OPENSSL_MD4
-#include <openssl/md4.h>
-#define MD4Init MD4_Init
-#define MD4Update MD4_Update
-#define MD4Final MD4_Final
-#define MD4WRAP MD4
-#else
 #include "md4.h"
-#define MD4WRAP md4
-#endif
 
 /* written from scratch
  * Copyright (C) 2001 Jochen Eisinger, University of Freiburg
@@ -125,5 +116,5 @@ void NtPasswordHash(char *secret, int secret_len, unsigned char *hash)
         unicodePassword[i * 2] = (unsigned char)secret[i];
 
     /* Unicode is 2 bytes per char */
-    MD4WRAP(unicodePassword, secret_len * 2, hash);
+    md4(unicodePassword, secret_len * 2, hash);
 }