# WPA-SEC multiple improvements
This commit is a nearly complete rewrite of the wpa-sec plugin to add features and fix bugs.
Below I try to summarize my changes by dividing them into subchapters.
## Uploading handshakes and tracking their status
The most notable improvement brought by this commit is definitely the drastic increase in handshakes that are actually uploaded to the wpa-sec website.
There are several reasons why a handshake may be invalid and therefore rejected by the wpa-sec website, including:
- too much distance from the clients did not allow to capture all the packets needed to crack the handshake;
- the uploaded pcap file was not yet completed, for example because the pwnagotchi had started writing it when it sent the association frame to the AP but the AP had never responded with the PMKID.
The wpa-sec plugin implementation prior to this commit, uploaded any pcap file contained in the handshakes folder (even if its capture was not completed or if the file was still being written) and did not check the response from the wpa-sec website. If an invalid handshake was uploaded, it was still marked as reported by the plugin and was not retried in subsequent captures.
Additionally, this approach suffered from performance and reliability issues:
- as the number of pcap files in the handshakes folder increased, it became longer and longer to iterate
- the list of handshakes already uploaded was saved in a json file. This list was loaded into memory, so it took up more and more RAM as the number of handshakes increased. If pwnagotchi was turned off during writing, the json file was irreparably corrupted.
This commit instead uses a sqlite db to store the status of uploads, which should be a better choice from the point of view of performance, memory usage, and reliability.
Files are added to the database with status `TOUPLOAD` only when pwnagotchi calls the `on_handshake` function, that is, when it is guaranteed that a handshake has been captured and that writing to the pcap file has finished.
When there is an internet connection, all files with status `TOUPLOAD` are uploaded and the response of the wpa-sec API is checked. If a handshake is rejected by the website, it is marked with status `INVALID` and at the next capture it is set back to `TOUPLOAD` so it will be retried.
## Download cracked passwords into .pcap.cracked single files
The new `single_files` option is implemented in the `config.toml` file. This option (which already existed for the Onlinehashcrack plugin), if set to `true`, downloads the cracked passwords from the wpasec website into individual files with the `.pcap.cracked` extension, so you can see the cracked WiFi passwords directly in the webgpsmap plugin map.
## Download interval
This option was implemented by the commit aluminum-ice/pwnagotchi@b1343b2 and allows you to decide how often to download passwords cracked by wpa-sec. I have adjusted the implementation to make it falls back to the default value of 3600 without crashing the plugin if the option is not set in the `config.toml` file.
## On_webook
The previous implementation of the `on_webhook` function before this commit was broken. When clicking the plugin name in the Plugins tab of the pwnagotchi web UI, you were not actually authenticated to the wpa-sec website, because the code was trying to set the cookie containing the API key on the remote website's origin, so it was obviously not allowed to create cookies due to the Same Origin Policy. The new code implemented by this commit actually authenticates to the wpa-sec website by simulating entering the API key in the website's login form.
## Log messages and exception handling
While rewriting the code I improved the log messages and exception handling (for example, by using the `logging.exception()` method, which prints the exception stacktrace to the logs for easier debugging). Also, this plugin now writes a logging info every time it uploads an handshake to the wpa-sec website, because in my opinion this is a sensitive operation and should be logged.
This commit is a nearly complete rewrite of the webgpsmap plugin frontend to improve responsible design on mobile devices and usability and performance even with hundreds of thousands of markers on the map.
In detail, the following changes have been made:
- updated javascript libraries
- improved screen space management and responsive design (rewriting the html code in modern HTML5 using flexbox correctly)
- calibrated layers max zoom and markerClusterGroup settings to improve map usability based on the Access Point marker size
- the search field now shows an X button to clear the field in browsers that support it (e.g. Chrome)
- added first seen and last seen dates for each AP on the map
- added scale to the map
- implemented current location via leaflet-locatecontrol library (only in secure contexts)
- added offline map download button
- various tricks to improve performance in the case of maps with numerous APs (use of template literals, reduced complexity in creating and applying search filter, ...)
- improved code readability and general refactor (e.g., better subdivision into functions, removed unused or useless code, improved indentation, updated comments, moved variables as much as possible inside their scope)
