espilon-source/espilon_bot/components/mod_redteam/rt_capture.h
Eun0us 2315979db0
ε - Add WiFi offensive capabilities to mod_redteam
Phase 1 of v0.4.0 offensive modules:

- Promiscuous dispatcher (rt_promisc): shared IRAM callback multiplexer
  for stealth scan, karma, capture — solves single-callback ESP-IDF limit
- Attack manager (rt_attack): mutual exclusion ensuring only one
  offensive operation runs at a time
- Deauth refactored to use shared promisc dispatcher + attack lock
- Stealth passive scan migrated to promisc dispatcher
- Karma attack (rt_karma): probe request listener + probe response
  injection + rogue SoftAP with most-requested SSID + DNS responder
- WPA handshake capture (rt_capture): EAPOL frame capture via
  promiscuous DATA filter, 4-way handshake identification, optional
  deauth burst to trigger reconnection
- Kconfig: RT_BEACON, RT_KARMA, RT_CAPTURE toggle options
- 5 new C2 commands: rt_karma, rt_karma_stop, rt_karma_clients,
  rt_capture, rt_capture_stop (14 total in mod_redteam)
2026-03-01 02:08:28 +01:00

52 lines
1.2 KiB
C

/*
 * rt_capture.h
 * WPA/WPA2 4-way handshake (EAPOL) capture for offline cracking.
 */
#pragma once

#include <stdbool.h>
#include <stddef.h>  /* size_t */
#include <stdint.h>

#ifdef __cplusplus
extern "C" {
#endif

#define RT_CAPTURE_MAX_EAPOL_LEN 256

/* Captured EAPOL frame */
typedef struct {
    uint8_t data[RT_CAPTURE_MAX_EAPOL_LEN];
    size_t  len;
    uint8_t msg_num;  /* 1-4 for each handshake message */
} rt_eapol_frame_t;

/* Capture result */
typedef struct {
    uint8_t          bssid[6];
    uint8_t          client[6];
    rt_eapol_frame_t frames[4];  /* M1..M4 */
    uint8_t          captured;   /* bitmask: bit 0=M1, bit 1=M2, etc. */
    bool             complete;   /* all 4 messages captured */
} rt_capture_result_t;

/*
 * Start handshake capture.
 *   bssid        target AP BSSID (6 bytes)
 *   channel      WiFi channel (1-13), 0 = current
 *   send_deauth  if true, send a few deauth frames to force reconnection
 */
void rt_capture_start(const uint8_t bssid[6], uint8_t channel, bool send_deauth);

/* Stop capture. */
void rt_capture_stop(void);

/* True if capture is running. */
bool rt_capture_is_active(void);

/* Get the current capture result (may be incomplete). */
const rt_capture_result_t *rt_capture_get_result(void);

#ifdef __cplusplus
}
#endif
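
The `send_deauth` option above produces a recognizable pattern on the air: a short burst of deauthentication frames for one BSSID, followed shortly by a new 4-way handshake. The following is an added example, not part of the espilon source, showing how a monitoring sensor could flag that sequence. The event record, the thresholds and the sample data are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical sensor-side record; not an ESP-IDF or espilon type. */
typedef enum { EV_DEAUTH, EV_EAPOL_M1 } ev_type_t;
typedef struct { uint32_t t_ms; ev_type_t type; uint8_t bssid[6]; } wids_event_t;

/* Assumed thresholds; tune against real traffic. */
#define BURST_MIN_FRAMES 3      /* deauth frames that make a burst */
#define BURST_WINDOW_MS  1000u  /* ...when seen within this span */
#define REHANDSHAKE_MS   10000u /* M1 this soon after a burst is flagged */

/* Constructed sample data (locally administered MACs). */
static const uint8_t AP_A[6] = {0x02, 0, 0, 0, 0, 0x0a};
static const uint8_t AP_B[6] = {0x02, 0, 0, 0, 0, 0x0b};
static const wids_event_t SAMPLE_FORCED[] = {
    {1000, EV_DEAUTH,   {0x02, 0, 0, 0, 0, 0x0a}},
    {1050, EV_DEAUTH,   {0x02, 0, 0, 0, 0, 0x0a}},
    {1060, EV_DEAUTH,   {0x02, 0, 0, 0, 0, 0x0b}},
    {1100, EV_DEAUTH,   {0x02, 0, 0, 0, 0, 0x0a}},
    {3200, EV_EAPOL_M1, {0x02, 0, 0, 0, 0, 0x0a}},
};
static const wids_event_t SAMPLE_BENIGN[] = {
    {1000,  EV_DEAUTH,   {0x02, 0, 0, 0, 0, 0x0a}},
    {1500,  EV_EAPOL_M1, {0x02, 0, 0, 0, 0, 0x0a}},
    {60000, EV_DEAUTH,   {0x02, 0, 0, 0, 0, 0x0a}},
};

/* True if `bssid` saw a deauth burst followed by a fresh M1; `ev` sorted by t_ms. */
bool wids_forced_rehandshake(const wids_event_t *ev, size_t n, const uint8_t bssid[6])
{
    uint32_t last[BURST_MIN_FRAMES] = {0}, burst_end = 0;
    unsigned cnt = 0;
    bool burst_seen = false;
    for (size_t i = 0; i < n; i++) {
        if (memcmp(ev[i].bssid, bssid, 6) != 0) continue;
        if (ev[i].type == EV_DEAUTH) {
            /* Ring of recent deauth times; after cnt++, slot cnt % N is the oldest. */
            last[cnt++ % BURST_MIN_FRAMES] = ev[i].t_ms;
            if (cnt >= BURST_MIN_FRAMES && ev[i].t_ms - last[cnt % BURST_MIN_FRAMES] <= BURST_WINDOW_MS) {
                burst_seen = true;
                burst_end = ev[i].t_ms;
            }
        } else if (burst_seen && ev[i].t_ms - burst_end <= REHANDSHAKE_MS) {
            return true;  /* handshake restarted right after a burst */
        }
    }
    return false;
}
```

A single deauth followed by a reconnect, as in `SAMPLE_BENIGN`, is normal roaming or power-save behaviour and is not flagged; only the burst-then-handshake sequence is.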