Add support for WPA2 Enterprise networks in WIFI_CLIENT

boot/boot_P4wnP1

@@ -129,8 +129,7 @@ fi
 
 # change hostname to make P4wnP1 resolveable on "name.local"
 if $WIFI || $USB_ETHERNET; then
-	hostname="MAME82-P4WNP1"
-
+	hostname=$P4WNP1_HOSTNAME # Makes hostname configurable
 	hostname $hostname
 	echo $hostname > /etc/hostname
 

boot/init_usb.sh

@@ -63,9 +63,9 @@ function init_usb()
 	echo "deadbeefdeadbeef" > strings/0x409/serialnumber
 #	echo "deadbeefdeadbe11" > strings/0x409/serialnumber
 	# set manufacturer
-	echo "MaMe82" > strings/0x409/manufacturer
+	echo $USB_MANUFACTURER > strings/0x409/manufacturer
 	# set product
-	echo "P4wnP1 by MaMe82" > strings/0x409/product
+	echo $USB_PRODUCT_NAME > strings/0x409/product
 
 	# create configuration instance (for RNDIS, ECM and HDI in a SINGLE CONFIGURATION to support Windows composite device enumeration)
 	# ================================================================================================================================

boot/init_wifi.sh

@@ -215,6 +215,25 @@ function generate_wpa_entry()
 	res=$(wpa_passphrase "$1" "$2") && echo "$res" | grep -v -e "#psk"
 }
 
+function generate_wpa_enterprise_entry()
+{
+
+	#wpa_passphrase $1 $2 | grep -v -e "#psk"
+	# output result only if valid password was used (8..63 characters)
+	echo "network={
+    	ssid=\"$1\"
+		scan_ssid=1
+    	key_mgmt=WPA-EAP
+    	group=CCMP TKIP
+    	eap=PEAP
+    	identity=\"$2\"
+    	password=\"$3\"
+    	phase1=\"peapver=0\"
+    	phase2=\"MSCHAPV2\"
+}"
+
+}
+
 function scan_for_essid()
 {
 	# scan for given ESSID, needs root privs (sudo appended to allow running from user pi if needed)
@@ -228,6 +247,9 @@ function scan_for_essid()
 			# check for PSK CCMP
 			if (echo "$scanres" | grep -q -e "CCMP" && echo "$scanres" | grep -q -e "PSK"); then
 				echo "WPA2_PSK" # confirm WPA2 usage
+			# check for WPA2 enterprise
+			elif (echo "$scanres" | grep -q -e "CCMP" && echo "$scanres" | grep -q -e "802.1x"); then
+				echo "WPA2_802"
 			else
 				echo "WPA2 no CCMP PSK"
 			fi
@@ -252,9 +274,13 @@ function generate_wpa_supplicant_conf()
 	# if
 	#	WIFI_CLIENT_STORE_NETWORK == false
 	# delete the network entry, to overwrite the old entry in next step (but don't store it later on)
-
-	generate_wpa_entry "$1" "$2" > /tmp/current_wpa.conf
-	sudo bash -c 'cat /tmp/current_wpa.conf >> /tmp/wpa_supplicant.conf'
+	if [ $3 == "WPA_PSK" ]; then
+		generate_wpa_entry "$1" "$2" > /tmp/current_wpa.conf
+		sudo bash -c 'cat /tmp/current_wpa.conf >> /tmp/wpa_supplicant.conf'
+	else
+		generate_wpa_enterprise_entry "$1" "$2" "$3" > /tmp/current_wpa.conf
+		sudo bash -c 'cat /tmp/current_wpa.conf >> /tmp/wpa_supplicant.conf'
+	fi
 
 	# ToDo: store the new network back to persistent config
 	# if
@@ -284,10 +310,16 @@ function start_wifi_client()
 		if [ "$res" == "WPA2_PSK" ]; then
 			echo "Network $WIFI_CLIENT_SSID found"
 			echo "... creating config"
-			generate_wpa_supplicant_conf "$WIFI_CLIENT_SSID" "$WIFI_CLIENT_PSK"
+			generate_wpa_supplicant_conf "$WIFI_CLIENT_SSID" "$WIFI_CLIENT_PSK" "$res" # Pass wifi auth type
 			echo "... connecting ..."
 			start_wpa_supplicant
 			return 0
+		elif [ "$res" == "WPA2_802" ]; then
+			echo "Network $WIFI_CLIENT_SSID found"
+			echo "... creating config"
+			generate_wpa_supplicant_conf "$WIFI_CLIENT_SSID" "$WIFI_CLIENT_USERNAME" "$WIFI_CLIENT_PASSWORD" "$res" # Pass wifi credentials instead of PSK
+			echo "... connecting ..."
+			start_wpa_supplicant
 		else
 			echo "Network $WIFI_CLIENT_SSID not found"
 			return 1 # indicate error

setup.cfg

@@ -5,6 +5,8 @@
 #   	these are the default settings
 #	the setting are only used, if not defined in the payload itself
 ###########################
+# A settings to change the internal hostname
+P4WNP1_HOSTNAME="MAME82-P4WNP1"
 
 # USB setup
 # ---------------------------
@@ -20,6 +22,11 @@ USE_HID_MOUSE=true            # if true HID mouse will be enabled
 USE_RAWHID=false         # if true a raw HID device will be enabled
 USE_UMS=false           # if true USB Mass Storage will be enabled
 
+# Settings to change USB manufacturer and product name which will appear
+# when the drivers are being installed on victim
+USB_MANUFACTURER="MaMe82"
+USB_PRODUCT_NAME="P4wnP1 by MaMe82"
+
 # ===========================================
 # Network and DHCP options USB over Ethernet
 # ===========================================
@@ -75,6 +82,8 @@ WIFI_CLIENT_SSID="Accespoint Name" # name of target network
 WIFI_CLIENT_PSK="AccessPoint password" # passphrase for target network
 WIFI_CLIENT_STORE_NETWORK=false # unused right now, should be used to store known networks, but priority has to be given if multiple known networks are present
 WIFI_CLIENT_OVERWRITE_PSK=true # unused right now, in case the network WIFI_CLIENT_STORE_NETWORK is set an existing PSK gets overwritten
+WIFI_CLIENT_USERNAME="Anon" # Username for WPA2 Enterprise
+WIFI_CLIENT_PASSWORD="Some password" # Password for WPA2 Enterprise
 
 # ==================================
 # Keyboard settings for HID keyboard