wpa_cli commands verify
一个wpa的客户端工具,需要在arm上用qt实现一个这样的网络管理工具。
唉,真是麻烦。
yantai:/home/shell.albert # wpa_cli
wpa_cli v2.2
Copyright (c) 2004-2014, Jouni Malinen <j@w1.fi> and contributors
This software may be distributed under the terms of the BSD license.
See README for more details.
Selected interface 'wlp5s0'
Interactive mode
> SCAN //这条命令扫描一下无线信号
OK
<3>CTRL-EVENT-SCAN-STARTED
<3>CTRL-EVENT-SCAN-RESULTS
> >
> SCAN_RESULTS //显示扫描结果
bssid / frequency / signal level / flags / ssid
ec:26:ca:62:2e:94 2412 -43 [WPA-PSK-CCMP][WPA2-PSK-CCMP][ESS] dyzdb
08:57:00:c7:17:7b 2457 -57 [WPA2-PSK-CCMP][ESS] \xe7\x8c\x8e\xe8\xb1\xb9\xe5\x85\x8d\xe8\xb4\xb9WiFi119
00:36:76:64:01:f6 2462 -71 [WPA-PSK-CCMP][WPA2-PSK-CCMP][ESS] \xe8\xb9\xad\xe8\xb9\xad
22:12:7b:15:be:95 2412 -76 [WPA2-PSK-CCMP][ESS] ticket999999
24:05:0f:2d:71:75 2437 -81 [WPA-PSK-CCMP][WPA2-PSK-CCMP][ESS] \xe4\xbd\xa0\xe6\x98\xaf\xe5\x82\xbb\xe5\xad\x90\xe5\x90\x97\xef\xbc\x9f
24:05:0f:2d:eb:19 2437 -83 [WPA-PSK-CCMP][WPA2-PSK-CCMP][ESS] \xef\xbc\x88\xe6\x9c\xaa\xe7\x9f\xa5\xe4\xbf\xa1\xe5\x8f\xb7\xef\xbc\x89
00:b0:c6:02:f1:b0 2437 -17 [ESS] IP-COM
> STATUS //查询当前状态
wpa_state=DISCONNECTED
ip_address=192.168.0.146
address=00:26:c7:24:28:f4
uuid=513b3680-d82c-5e7c-a253-e980306b2cd5
>
> BSS 0 //查询id为0的节点信息。
id=9
bssid=ec:26:ca:62:2e:94
freq=2412
beacon_int=100
capabilities=0x0431
qual=0
noise=0
level=-43
tsf=0003132973678391
age=134
ie=000564797a6462010882848b960c1218240301010706434e20010d202a010030140100000fac040100000fac040100000fac02000032043048606c2d1a6e101bffffff0000000000000000008000000000000000000000331a6e101bffffff00000000000000000080000000000000000000003d1601050500000000000000000000000000000000000000341601050500000000000000000000000000000000000000dd160050f20101000050f20401000050f20401000050f202dd180050f2020101030003a4000027a4000042435e0062322f00dd0900037f01010000ff7f
flags=[WPA-PSK-CCMP][WPA2-PSK-CCMP][ESS]
ssid=dyzdb
> BSS 1 //查询id为1的节点信息。
id=10
bssid=08:57:00:c7:17:7b
freq=2457
beacon_int=100
capabilities=0x0431
qual=0
noise=0
level=-57
tsf=0000280076787261
age=139
ie=0013e78c8ee8b1b9e5858de8b4b957694669313139010882848b968c12982403010a30140100000fac040100000fac040100000fac0200002a01003204b048606cdd180050f2020101800003a4000027a4000042435e0062322f002d1a6e1802ff000000000000000000000000000000000000000000003d160a070200000000000000000000000000000000000000dd0700e04c02021000
flags=[WPA2-PSK-CCMP][ESS]
ssid=\xe7\x8c\x8e\xe8\xb1\xb9\xe5\x85\x8d\xe8\xb4\xb9WiFi119
> BSS 9999 //查询id为9999的节点信息,该节点无信息返回。
> BSS 100 //查询id为100的节点信息,该节点无信息返回。
> BSS 3 查询id为3的节点信息.
id=12
bssid=22:12:7b:15:be:95
freq=2412
beacon_int=100
capabilities=0x0431
qual=0
noise=0
level=-76
tsf=0000194420380241
age=151
ie=000c7469636b6574393939393939010882848b960c1218240301010706434e20010d142a010030140100000fac040100000fac040100000fac02000032043048606c2d1a2c0103ff000000000000000000000000000000000000000000003d16010511000000000000000000000000000000000000004a0e14000a002c01c8001400050019007f080100000000000000dd180050f20201010c0003a4000027a4000042435e0062322f00dd1e00904c332c0103ff00000000000000000000000000000000000000000000dd1a00904c3401051100000000000000000000000000000000000000dd0900037f01010000ff7f
flags=[WPA2-PSK-CCMP][ESS]
ssid=ticket999999
>
> GET_CAPABILITY eap //获取支持的加密算法
MD5 TLS MSCHAPV2 PEAP TTLS GTC OTP LEAP AKA AKA' FAST PAX SAKE GPSK WSC IKEV2 TNC
> ADD_NETWORK //添加一个网络,返回其ID为1.
1
> SET_NETWORK 1 ssid "dyzdbzhangshaoyan" //设置id为1的网络的ssid为"dyzdbzhangshaoyan".
OK
> SET_NETWORK 1 auth_alg OPEN
OK
> SET_NETWORK 1 proto WPA2 //设置id为1的网络的协议,成功返回OK,失败返回FAIL.
OK
> SET_NETWORK 1 key_mgmt WPA-PSK
OK
> SET_NETWORK 1 pairwise CCMP
OK
> SET_NETWORK 1 group TKIP CCMP WEP104 WEP40
OK
> SET_NETWORK 1 psk "zhongduanbu" //这里是设置密码了吧.
OK
> SET_NETWORK 1 phase2 NULL
OK
> SET_NETWORK 1 identity NULL
OK
> SET_NETWORK 1 password NULL
OK
> SET_NETWORK 1 ca_cert NULL
OK
> SET_NETWORK 1 id_str NULL
OK
> SET_NETWORK 1 priority 0
OK
> ENABLE_NETWORK 0
OK
> ENABLE_NETWORK 1 //这里是使能id为1的网络.
OK
> STATUS //获取当前wpa_supplicant状态。
wpa_state=DISCONNECTED
ip_address=192.168.0.146
address=00:26:c7:24:28:f4
uuid=513b3680-d82c-5e7c-a253-e980306b2cd5
> LIST_NETWORKS //列出当前可用的网络配置。可以看到了2个,因为之前已经添加了1个。
network id / ssid / bssid / flags
0 dyzdb any
1 dyzdbzhangshaoyan any //这里NetworkID为1的就是我们现在添加的。
> ENABLE_NETWORK 1
OK
> REASSOCIATE //这条命令很关键,命令wpa_supplicant使用ID为1的配置进行连接。
OK
<3>CTRL-EVENT-SCAN-STARTED
<3>CTRL-EVENT-SCAN-RESULTS
<3>SME: Trying to authenticate with ec:26:ca:62:2e:94 (SSID='dyzdb' freq=2412 MHz)
<3>Trying to associate with ec:26:ca:62:2e:94 (SSID='dyzdb' freq=2412 MHz)
<3>Associated with ec:26:ca:62:2e:94
<3>CTRL-EVENT-REGDOM-CHANGE init=USER type=COUNTRY alpha2=CN
<3>WPA: Key negotiation completed with ec:26:ca:62:2e:94 [PTK=CCMP GTK=CCMP]
<3>CTRL-EVENT-CONNECTED - Connection to ec:26:ca:62:2e:94 completed [id=0 id_str=] //连接成功了吧?
在程序中显示状态信息,可以分析返回的字符串,
从上面的信息中我们可以看到:
CTRL-EVENT-SCAN-STARTED这是表示开始扫描。
CTRL-EVENT-SCAN-RESULTS这是扫描结果吧
CTRL-EVENT-REGDOM-CHANGE这个不知道是什么改变了
CTRL-EVENT-CONNECTED这个表示连接成功了。
> >
> STATUS //连接成功后,再来看一下信息。
bssid=ec:26:ca:62:2e:94
ssid=dyzdb
id=0
mode=station
pairwise_cipher=CCMP
group_cipher=CCMP
key_mgmt=WPA2-PSK
wpa_state=COMPLETED
address=00:26:c7:24:28:f4
uuid=513b3680-d82c-5e7c-a253-e980306b2cd5
>
现在使用dhclient wlp5s0 自动分配一下IP地址。
然后继教使用wpa_cli发送命令。
> STATUS
bssid=ec:26:ca:62:2e:94
ssid=dyzdb
id=0
mode=station
pairwise_cipher=CCMP
group_cipher=CCMP
key_mgmt=WPA2-PSK
wpa_state=COMPLETED
ip_address=192.168.0.146
address=00:26:c7:24:28:f4
uuid=513b3680-d82c-5e7c-a253-e980306b2cd5
>
Okay好了,现在网络已经通了。
感觉这个dhclient并没有获取到DNS呀。记得以前在arm上调的时候那个busybox中的udhcpc就是
自动获取到DNS,并加到/etc/resolve.conf中。先不管了,最近太累了。
yantai:/home/shell.albert # dhclient wlp5s0 -v
Internet Systems Consortium DHCP Client 4.2.6
Copyright 2004-2014 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on LPF/wlp5s0/00:26:c7:24:28:f4
Sending on LPF/wlp5s0/00:26:c7:24:28:f4
Sending on Socket/fallback
DHCPREQUEST on wlp5s0 to 255.255.255.255 port 67 (xid=0x27cfed25)
DHCPACK from 192.168.0.1 (xid=0x27cfed25)
bound to 192.168.0.146 -- renewal in 2702 seconds.
yantai:/home/shell.albert #
yantai:/home/shell.albert # ping www.baidu.com
PING www.a.shifen.com (220.181.112.244) 56(84) bytes of data.
64 bytes from 220.181.112.244: icmp_seq=1 ttl=51 time=7.87 ms
64 bytes from 220.181.112.244: icmp_seq=2 ttl=51 time=9.19 ms
^C64 bytes from 220.181.112.244: icmp_seq=3 ttl=51 time=7.08 ms
--- www.a.shifen.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 6020ms
rtt min/avg/max/mdev = 7.088/8.055/9.199/0.870 ms
来看一下路由表:
可以看到目标为default和192.168.0.0的网段均从wlp5s0接口送出。
yantai:/home/shell.albert # route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192.168.0.1 0.0.0.0 UG 0 0 0 wlp5s0
default 172.23.143.254 0.0.0.0 UG 1024 0 0 enp8s0
10.12.21.12 172.23.143.254 255.255.255.255 UGH 1 0 0 enp8s0
172.23.140.0 * 255.255.252.0 U 0 0 0 enp8s0
192.168.0.0 * 255.255.255.0 U 0 0 0 wlp5s0
yantai:/home/shell.albert #
by zhangshaoyan at May 20,2015.
下面再附加上wpa_supplicant daemon server的输出状态信息:
yantai:/home/shell.albert # wpa_supplicant -i wlp5s0 -c /etc/wpa_supplicant/wpa_supplicant.conf
Successfully initialized wpa_supplicant
wlp5s0: CTRL-EVENT-SCAN-STARTED
wlp5s0: CTRL-EVENT-SCAN-STARTED
wlp5s0: SME: Trying to authenticate with ec:26:ca:62:2e:94 (SSID='dyzdb' freq=2412 MHz)
wlp5s0: Trying to associate with ec:26:ca:62:2e:94 (SSID='dyzdb' freq=2412 MHz)
wlp5s0: Associated with ec:26:ca:62:2e:94
wlp5s0: CTRL-EVENT-REGDOM-CHANGE init=USER type=COUNTRY alpha2=CN
wlp5s0: WPA: Key negotiation completed with ec:26:ca:62:2e:94 [PTK=CCMP GTK=CCMP]
wlp5s0: CTRL-EVENT-CONNECTED - Connection to ec:26:ca:62:2e:94 completed [id=0 id_str=]
wlp5s0: SME: Trying to authenticate with ec:26:ca:62:2e:94 (SSID='dyzdb' freq=2412 MHz)
wlp5s0: Trying to associate with ec:26:ca:62:2e:94 (SSID='dyzdb' freq=2412 MHz)
wlp5s0: CTRL-EVENT-REGDOM-CHANGE init=DRIVER type=WORLD
wlp5s0: Associated with ec:26:ca:62:2e:94
wlp5s0: CTRL-EVENT-REGDOM-CHANGE init=USER type=COUNTRY alpha2=CN
wlp5s0: WPA: Key negotiation completed with ec:26:ca:62:2e:94 [PTK=CCMP GTK=CCMP]
wlp5s0: CTRL-EVENT-CONNECTED - Connection to ec:26:ca:62:2e:94 completed [id=0 id_str=]
wlp5s0: WPA: Group rekeying completed with ec:26:ca:62:2e:94 [GTK=CCMP]
wlp5s0: CTRL-EVENT-DISCONNECTED bssid=ec:26:ca:62:2e:94 reason=3 locally_generated=1
wlp5s0: CTRL-EVENT-REGDOM-CHANGE init=DRIVER type=WORLD
wlp5s0: CTRL-EVENT-SCAN-STARTED
wlp5s0: CTRL-EVENT-SCAN-STARTED
wlp5s0: SME: Trying to authenticate with ec:26:ca:62:2e:94 (SSID='dyzdb' freq=2412 MHz)
wlp5s0: Trying to associate with ec:26:ca:62:2e:94 (SSID='dyzdb' freq=2412 MHz)
wlp5s0: Associated with ec:26:ca:62:2e:94
wlp5s0: CTRL-EVENT-REGDOM-CHANGE init=USER type=COUNTRY alpha2=CN
wlp5s0: WPA: Key negotiation completed with ec:26:ca:62:2e:94 [PTK=CCMP GTK=CCMP]
wlp5s0: CTRL-EVENT-CONNECTED - Connection to ec:26:ca:62:2e:94 completed [id=0 id_str=]
wlp5s0: WPA: Group rekeying completed with ec:26:ca:62:2e:94 [GTK=CCMP]
wlp5s0: WPA: Group rekeying completed with ec:26:ca:62:2e:94 [GTK=CCMP]
wlp5s0: WPA: Group rekeying completed with ec:26:ca:62:2e:94 [GTK=CCMP]
wlp5s0: WPA: Group rekeying completed with ec:26:ca:62:2e:94 [GTK=CCMP]
wlp5s0: WPA: Group rekeying completed with ec:26:ca:62:2e:94 [GTK=CCMP]
wlp5s0: WPA: Group rekeying completed with ec:26:ca:62:2e:94 [GTK=CCMP]
好了就到这里吧,有了这些信息,我想实现一个WPA的网络管理工具已经足够了,余下来的就是时间的问题了。
俺真的没有太多的时间。时间都去哪里了,每个项目都很紧,很急。没有时间让我做得更加完美。
唉。。。。。。。。。。。。。。。。。。。。。。。。
by zhangshaoyan at May 20,2015.
原来这些命令都有呀,老天呀!!!!而且用小写也行呀。
你知道按住Shift打大写字母是多少的费力呀。!
> help
commands:
status [verbose] = get current WPA/EAPOL/EAP status 这个前面用过
ifname = get current interface name
ping = pings wpa_supplicant
relog = re-open log-file (allow rolling logs)
note <text> = add a note to wpa_supplicant debug log
mib = get MIB variables (dot1x, dot11)
help [command] = show usage help
interface [ifname] = show interfaces/select interface
level <debug level> = change debug level
license = show full wpa_cli license
quit = exit wpa_cli
set = set variables (shows list of variables when run without arguments)
get <name> = get information
logon = IEEE 802.1X EAPOL state machine logon
logoff = IEEE 802.1X EAPOL state machine logoff
pmksa = show PMKSA cache
reassociate = force reassociation 这个前面用过
reattach = force reassociation back to the same BSS
preauthenticate <BSSID> = force preauthentication
identity <network id> <identity> = configure identity for an SSID
password <network id> <password> = configure password for an SSID
new_password <network id> <password> = change password for an SSID
pin <network id> <pin> = configure pin for an SSID
otp <network id> <password> = configure one-time-password for an SSID
passphrase <network id> <passphrase> = configure private key passphrase
for an SSID
sim <network id> <pin> = report SIM operation result
bssid <network id> <BSSID> = set preferred BSSID for an SSID
blacklist <BSSID> = add a BSSID to the blacklist
blacklist clear = clear the blacklist
blacklist = display the blacklist
log_level <level> [<timestamp>] = update the log level/timestamp
log_level = display the current log level and log options
list_networks = list configured networks 这个前面用过
select_network <network id> = select a network (disable others) 这个前面用过
enable_network <network id> = enable a network 这个前面用过
disable_network <network id> = disable a network
add_network = add a network 这个前面用过
remove_network <network id> = remove a network
set_network <network id> <variable> <value> = set network variables (shows
list of variables when run without arguments)
get_network <network id> <variable> = get network variables
dup_network <src network id> <dst network id> <variable> = duplicate network variables
list_creds = list configured credentials
add_cred = add a credential
remove_cred <cred id> = remove a credential
set_cred <cred id> <variable> <value> = set credential variables
get_cred <cred id> <variable> = get credential variables
save_config = save the current configuration
disconnect = disconnect and wait for reassociate/reconnect command before
connecting
reconnect = like reassociate, but only takes effect if already disconnected
scan = request new BSS scan 这个前面用过
scan_results = get latest scan results 这个前面用过
bss <<idx> | <bssid>> = get detailed scan result info
get_capability <eap/pairwise/group/key_mgmt/proto/auth_alg/channels/freq/modes> = get capabilies 这个前面用过
reconfigure = force wpa_supplicant to re-read its configuration file
terminate = terminate wpa_supplicant
interface_add <ifname> <confname> <driver> <ctrl_interface> <driver_param>
<bridge_name> = adds new interface, all parameters but <ifname>
are optional
interface_remove <ifname> = removes the interface
interface_list = list available interfaces
ap_scan <value> = set ap_scan parameter
scan_interval <value> = set scan_interval parameter (in seconds)
bss_expire_age <value> = set BSS expiration age parameter
bss_expire_count <value> = set BSS expiration scan count parameter
bss_flush <value> = set BSS flush age (0 by default)
stkstart <addr> = request STK negotiation with <addr>
ft_ds <addr> = request over-the-DS FT with <addr>
wps_pbc [BSSID] = start Wi-Fi Protected Setup: Push Button Configuration
wps_pin <BSSID> [PIN] = start WPS PIN method (returns PIN, if not hardcoded)
wps_check_pin <PIN> = verify PIN checksum
wps_cancel Cancels the pending WPS operation
wps_nfc [BSSID] = start Wi-Fi Protected Setup: NFC
wps_nfc_config_token <WPS|NDEF> = build configuration token
wps_nfc_token <WPS|NDEF> = create password token
wps_nfc_tag_read <hexdump of payload> = report read NFC tag with WPS data
nfc_get_handover_req <NDEF> <WPS> = create NFC handover request
nfc_get_handover_sel <NDEF> <WPS> = create NFC handover select
nfc_report_handover <role> <type> <hexdump of req> <hexdump of sel> = report completed NFC handover
wps_reg <BSSID> <AP PIN> = start WPS Registrar to configure an AP
wps_ap_pin [params..] = enable/disable AP PIN
wps_er_start [IP address] = start Wi-Fi Protected Setup External Registrar
wps_er_stop = stop Wi-Fi Protected Setup External Registrar
wps_er_pin <UUID> <PIN> = add an Enrollee PIN to External Registrar
wps_er_pbc <UUID> = accept an Enrollee PBC using External Registrar
wps_er_learn <UUID> <PIN> = learn AP configuration
wps_er_set_config <UUID> <network id> = set AP configuration for enrolling
wps_er_config <UUID> <PIN> <SSID> <auth> <encr> <key> = configure AP
wps_er_nfc_config_token <WPS/NDEF> <UUID> = build NFC configuration token
ibss_rsn <addr> = request RSN authentication with <addr> in IBSS
sta <addr> = get information about an associated station (AP)
all_sta = get information about all associated stations (AP)
deauthenticate <addr> = deauthenticate a station
disassociate <addr> = disassociate a station
chan_switch <cs_count> <freq> [sec_channel_offset=] [center_freq1=] [center_freq2=] [bandwidth=] [blocktx] [ht|vht] = CSA parameters
suspend = notification of suspend/hibernate
resume = notification of resume/thaw
roam <addr> = roam to the specified BSS
p2p_find [timeout] [type=*] = find P2P Devices for up-to timeout seconds
p2p_stop_find = stop P2P Devices search
p2p_connect <addr> <"pbc"|PIN> [ht40] = connect to a P2P Device
p2p_listen [timeout] = listen for P2P Devices for up-to timeout seconds
p2p_group_remove <ifname> = remove P2P group interface (terminate group if GO)
p2p_group_add [ht40] = add a new P2P group (local end as GO)
p2p_prov_disc <addr> <method> = request provisioning discovery
p2p_get_passphrase = get the passphrase for a group (GO only)
p2p_serv_disc_req <addr> <TLVs> = schedule service discovery request
p2p_serv_disc_cancel_req <id> = cancel pending service discovery request
p2p_serv_disc_resp <freq> <addr> <dialog token> <TLVs> = service discovery response
p2p_service_update = indicate change in local services
p2p_serv_disc_external <external> = set external processing of service discovery
p2p_service_flush = remove all stored service entries
p2p_service_add <bonjour|upnp> <query|version> <response|service> = add a local service
p2p_service_del <bonjour|upnp> <query|version> [|service] = remove a local service
p2p_reject <addr> = reject connection attempts from a specific peer
p2p_invite <cmd> [peer=addr] = invite peer
p2p_peers [discovered] = list known (optionally, only fully discovered) P2P peers
p2p_peer <address> = show information about known P2P peer
p2p_set <field> <value> = set a P2P parameter
p2p_flush = flush P2P state
p2p_cancel = cancel P2P group formation
p2p_unauthorize <address> = unauthorize a peer
p2p_presence_req [<duration> <interval>] [<duration> <interval>] = request GO presence
p2p_ext_listen [<period> <interval>] = set extended listen timing
p2p_remove_client <address|iface=address> = remove a peer from all groups
wfd_subelem_set <subelem> [contents] = set Wi-Fi Display subelement
wfd_subelem_get <subelem> = get Wi-Fi Display subelement
sta_autoconnect <0/1> = disable/enable automatic reconnection
tdls_discover <addr> = request TDLS discovery with <addr>
tdls_setup <addr> = request TDLS setup with <addr>
tdls_teardown <addr> = tear down TDLS with <addr>
signal_poll = get signal parameters
pktcnt_poll = get TX/RX packet counters
reauthenticate = trigger IEEE 802.1X/EAPOL reauthentication
raw <params..> = Sent unprocessed command
flush = flush wpa_supplicant state
radio_work = radio_work <show/add/done>
vendor <vendor id> <command id> [<hex formatted command argument>] = Send vendor command
>
//