Unable to compile
Opened this issue · 21 comments
Due to setkey and encrypt being remove, gcc is unable to compile. I tried this night night to fix this and its too blunt for me to recode the thing. Found out theyre using EVP encryption right now however i tried to change encrypt to crypt and recompile it with -lcrypt seems wokring but the setkey has not alternative to it. hope you can still fix it.
I don't mean to be one of those developers who never maintains a project, but I wrote this a LONG time ago, and have moved on to other projects. I did spend some time this morning updating the code to use libxcrypt as the modern replacement for GLIBC's deprecation if crypt() and setkey().
After getting the latest source, you'll need to install libxcrypt-dev using your Linux package manager. You don't say which version of Linux you are using, but if it's Debian-like that will be sudo apt update && sudo apt install libcrypt-dev. Then a normal make should build the source as desired.
Great job, thanx.
Unfortunately i tried to make it, but still missing lxcrypt. Don't know why, because i already have installed latest version of libcrypt-dev :(
Im using Ubuntu 20.04
yeah still the same, this might just be considered as a failing build after all :(
I'm sorry, not libcrypt-dev, libxcrypt-dev. It's correct in the README.md, just incorrect in my prior message.
What Linux distro are you using? I'll see if I can get a VM running and take a look.
It appears that libxcrypt does not do what I think it did, sorry for the runaround. I need to reimplement the crypto functionality using openssl des_fcrypt, but that will require me to read up on that. I'll follow up. Thank you @purpleSkies26 @gordat.
still broken. Please specify what version is required instead of "dev". libxcrypt has 2.x and 4.x lines with incompatible APIs.
make -j4 CC=x86_64-pc-linux-gnu-gcc
x86_64-pc-linux-gnu-gcc -D_LINUX -D_OPENSSL_MD4 -g3 -c -o sha1.o sha1.c
x86_64-pc-linux-gnu-gcc -D_LINUX -D_OPENSSL_MD4 -g3 -c -o common.o common.c
x86_64-pc-linux-gnu-gcc -D_LINUX -D_OPENSSL_MD4 -g3 -c -o utils.o utils.c
x86_64-pc-linux-gnu-gcc -D_LINUX -D_OPENSSL_MD4 -g3 -c -o asleap.o asleap.c
utils.c: In function ‘DesEncrypt’:
utils.c:179:5: warning: implicit declaration of function ‘setkey’ [-Wimplicit-function-declaration]
179 | setkey((char *)crypt_key);
| ^~~~~~
utils.c:182:5: warning: implicit declaration of function ‘encrypt’; did you mean ‘crypt’? [-Wimplicit-function-declaration]
182 | encrypt((char *)des_input, 0);
| ^~~~~~~
| crypt
x86_64-pc-linux-gnu-gcc -D_LINUX -D_OPENSSL_MD4 -g3 -c -o genkeys.o genkeys.c
x86_64-pc-linux-gnu-gcc -D_LINUX -D_OPENSSL_MD4 -g3 md4.c genkeys.c -o genkeys common.o utils.o -lpcap -lxcrypt -lcrypto
x86_64-pc-linux-gnu-gcc -D_LINUX -D_OPENSSL_MD4 -g3 asleap.c -o asleap common.o utils.o sha1.o -lpcap -lxcrypt -lcrypto
/usr/lib/gcc/x86_64-pc-linux-gnu/9.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: cannot find -lxcrypt
collect2: error: ld returned 1 exit status
make: *** [Makefile:35: genkeys] Error 1
make: *** Waiting for unfinished jobs....
/usr/lib/gcc/x86_64-pc-linux-gnu/9.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: cannot find -lxcrypt
collect2: error: ld returned 1 exit status
make: *** [Makefile:32: asleap] Error 1
The issue is that GLIBC has removed the crypt(3) functionality that Asleap uses to calculate the MS-CHAPv2 challenge/response hash values. I haven't had time to dig into how to do that using the native DES crypto library. As an open-source project, I welcome patches and pull requests to add this functionality!
It sounds like the problem most of you are trying to overcome is that Airgeddon requires Asleap as one of the components. Frankly, it's very rare to see LEAP network activity anymore, so I find it hard to justify the time working on addressing this vs. other more currently relevant projects I'm working on.
How about customizing Airgeddon to not use Asleap at all? Or, can you write a little shell script such as echo "Airgeddon ran asleap on $(date)" >>/tmp/airgeddon.log; echo $* >>/tmp/airgeddon.log and save it as /usr/local/bin/asleap or whatever Airgeddon expects? Or, heck, don't use Airgeddon at all and investigate how to attack wireless networks without an aggregate automation tool as a learning opportunity to build and develop your skills?
I'll keep this ticket open since I do feel responsibility to maintain this code, but I don't think this is something that's going to be fixed in the very near future without some community support to help me figure out an alternative to the GLIBC DES crypt(3) functionality.
Thank you all,
-Josh
I am one of the maintainers of libxcrypt. Please be advised that we provide encrypt and setkey for backward compatibility with glibc only. Depending on how libxcrypt is configured, it may not be possible to use them from newly compiled code -- for instance, I'm fairly sure you will get the same link errors as before if you try to compile asleap on the latest Fedora, where -lcrypt and -lxcrypt are both configured to exclude backward compatibility code. (You can tell by checking lib(x)crypt's soname; if it's libcrypt.so.2, the legacy APIs are excluded.)
I don't know what you're using encrypt and setkey for, but since this program appears already to be linked with OpenSSL's libcrypto, the most straightforward replacement will probably be the evp.h symmetric cipher API.
upon actually looking at the code, I had a better idea, see the PR.
Great work, thank you!
Easy Peasy solution, no code experience just pure hard search skill, first google asleap bin on google, you'll find that most offinsive oses like kali linux already have natively on their packages so,
1- Install A virtual Machine simulator like virtualbox or anything really
2- Download kali linux, and configure virtualbox to use it
3- get into the os terminal, and execute this command "sudo apt install asleap"
4- create a shared folder in your host "e.g:ubuntu" with your guest "kali"
5- copy the asleap binary from "/usr/bin" in kali to the shared forlder, then from the shared folder copy it again to the same folder "/usr/bin" but this time on your host machine "ubuntu"
6- enjoy the binary
Hope it helped if your goal was only to get the binary in order to run airgeddon directly on the host machine