OpenWifiPass : An Open Source Implementation Of Apple’s Wi-Fi Password

OpenWifiPass open source implementation of the grantor role in Apple’s Wi-Fi Password Sharing protocol.

Requirements

  • Hardware: Bluetooth Low Energy radio, e.g., Raspberry Pi 4
  • OS: Linux (due to the bluepy dependency)

Install

Clone this repository and install it:

git clone git@github.com/seemoo-lab/openwifipass.git
pip3 install ./openwifipass

Run

Run openwifipass to share Wi-Fi credentials (SSID and PSK) with any requestor (we need super user privileges to use the Bluetooth subsystem):

sudo -E python3 -m openwifipass –ssid <SSID> –psk <PSK>

Use quoting of your shell to remove special meaning of certain characters in SSID/PSK. In the example below, we use single quotes (') to prevent shell expansion of the $ character in the PSK.

A successful run of the protocol would look as follows:

pi@raspberrypi:~/openwifipass $ sudo -E python3 -m openwifipass –ssid OWL –psk ‘$uper$ecretPassword’
Start scanning…
SSID match in PWS advertisement from aa:bb:cc:dd:ee:ff
Connect to device aa:bb:cc:dd:ee:ff
Send PWS1
Receive PWS2
Send M1
Receive M2
Send M3
Receive M4
Send PWS3
Receive PWS4
Wi-Fi Password Sharing completed

OPACK

This projects contains a reusable OPACK (de)serializer. Read OPACK.md for more information.

Authors

  • Jannik Lorenz

Publications

  • Milan Stute, Alexander Heinrich, Jannik Lorenz, and Matthias Hollick. Disrupting Continuity of Apple’s Wireless Ecosystem Security: New Tracking, DoS, and MitM Attacks on iOS and macOS Through Bluetooth Low Energy, AWDL, and Wi-Fi. 30th USENIX Security Symposium (USENIX Security ’21), August 11–13, 2021, Vancouver, B.C., Canada. To appear.
  • Jannik Lorenz. Wi-Fi Sharing for All: Reverse Engineering and Breaking the Apple Wi-Fi Password Sharing Protocol. Bachelor thesis, Technical University of Darmstadt, March 2020.

Disclaimer

OpenWifiPass is experimental software and is the result of reverse engineering efforts by the Open Wireless Link project. The code serves solely documentary and educational purposes. It is untested and incomplete. For example, the code does not verify the identity of the requestor. So, do not use this implementation with sensitive Wi-Fi credentials. OpenWifiPass is not affiliated with or endorsed by Apple Inc.

Download
R K

Share
Published by
R K
Tags: Open SourceOpenWifiPassWi-Fi Password
4 years ago

Recent Posts

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

1 week ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

2 weeks ago

Red Team Certification – A Comprehensive Guide To Advancing In Cybersecurity Operations

Embark on the journey of becoming a certified Red Team professional with our definitive guide.…

3 weeks ago

CVE-2024-5836 / CVE-2024-6778 : Chromium Sandbox Escape via Extension Exploits

This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within…

3 weeks ago

Rust BOFs – Unlocking New Potentials In Cobalt Strike

This took me like 4 days (+2 days for an update), but I got it…

3 weeks ago

MaLDAPtive – Pioneering LDAP SearchFilter Parsing And Security Framework

MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. Its foundation is…

3 weeks ago