Diffstat (limited to 'recon')
| -rw-r--r-- | recon/inspect_wifi/.gitignore (renamed from recon/wifi_inspector/.gitignore) | 0 | ||||
| -rw-r--r-- | recon/inspect_wifi/README.md (renamed from recon/wifi_inspector/README.md) | 0 | ||||
| -rw-r--r-- | recon/inspect_wifi/TODO (renamed from recon/wifi_inspector/TODO) | 0 | ||||
| -rwxr-xr-x | recon/inspect_wifi/inspector_wifi (renamed from recon/wifi_inspector/inspector_wifi) | 0 | ||||
| -rwxr-xr-x | recon/inspect_wifi/plugins/01open (renamed from recon/wifi_inspector/plugins/01open) | 0 | ||||
| -rwxr-xr-x | recon/inspect_wifi/plugins/02alice (renamed from recon/wifi_inspector/plugins/02alice) | 5 | ||||
| -rwxr-xr-x | recon/inspect_wifi/plugins/02easybox (renamed from recon/wifi_inspector/plugins/02easybox) | 3 | ||||
| -rwxr-xr-x | recon/inspect_wifi/plugins/02tplink (renamed from recon/wifi_inspector/plugins/02tplink) | 13 | ||||
| -rwxr-xr-x | recon/inspect_wifi/plugins/11belkin_wps | 30 | ||||
| -rw-r--r-- | recon/inspect_wifi/plugins/plugin_core (renamed from recon/wifi_inspector/plugins/plugin_core) | 0 | 
10 files changed, 45 insertions, 6 deletions
|
diff --git a/recon/wifi_inspector/.gitignore b/recon/inspect_wifi/.gitignore
index 05ba1603..05ba1603 100644
--- a/recon/wifi_inspector/.gitignore
+++ b/recon/inspect_wifi/.gitignore
diff --git a/recon/wifi_inspector/README.md b/recon/inspect_wifi/README.md
index 3e0d8dce..3e0d8dce 100644
--- a/recon/wifi_inspector/README.md
+++ b/recon/inspect_wifi/README.md
diff --git a/recon/wifi_inspector/TODO b/recon/inspect_wifi/TODO
index ddd59818..ddd59818 100644
--- a/recon/wifi_inspector/TODO
+++ b/recon/inspect_wifi/TODO
diff --git a/recon/wifi_inspector/inspector_wifi b/recon/inspect_wifi/inspector_wifi
index 06f37ddb..06f37ddb 100755
--- a/recon/wifi_inspector/inspector_wifi
+++ b/recon/inspect_wifi/inspector_wifi
diff --git a/recon/wifi_inspector/plugins/01open b/recon/inspect_wifi/plugins/01open
index 881f47ea..881f47ea 100755
--- a/recon/wifi_inspector/plugins/01open
+++ b/recon/inspect_wifi/plugins/01open
diff --git a/recon/wifi_inspector/plugins/02alice b/recon/inspect_wifi/plugins/02alice
index 65ab34b1..f30acc3a 100755
--- a/recon/wifi_inspector/plugins/02alice
+++ b/recon/inspect_wifi/plugins/02alice
@@ -11,7 +11,10 @@ cd $(dirname $(readlink -f $0))
 parse_plugin_args "$@"
-! check_vendor_mac $VENDOR_MAC "00255E" && echo "$VENDOR_MAC not affected" && exit 1
+if ! check_vendor_mac $VENDOR_MAC "00255E" ;then
+  echo "$VENDOR_MAC not affected"
+  exit 1
+fi
 # printf always makes string to lower, need that for correct md5sum
 ETHMAC=$( printf "%012x" $((0x${MAC}-1)) ) 
diff --git a/recon/wifi_inspector/plugins/02easybox b/recon/inspect_wifi/plugins/02easybox
index 3bb1ee86..58816f25 100755
--- a/recon/wifi_inspector/plugins/02easybox
+++ b/recon/inspect_wifi/plugins/02easybox
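Review bot: `$VENDOR_MAC` is still unquoted in the rewritten guard of 02alice, so an empty or whitespace-containing value changes the argument list that `check_vendor_mac` receives; the new 11belkin_wps plugin in this same commit already quotes it. Suggest `if ! check_vendor_mac "$VENDOR_MAC" "00255E"; then` here, and the same for the rewritten guard in 02tplink. If the caller reads the plugin result from stdout (not visible in this diff), the "not affected" message would also be better sent to stderr with `>&2`.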
@@ -5,11 +5,10 @@ cd $(dirname $(readlink -f $0))
 . ./plugin_core
 parse_plugin_args "$@"
-if ! echo "$ESSID" | egrep -i "(EasyBox-|Arcor-|Vodafone-)" >/dev/null; then
+if ! echo "$ESSID" | grep -q '\(EasyBox-\|Arcor-\|Vodafone-\)'; then
     echo "Essid $ESSID is not Default EasyBox|Arcor|Vodafone" 
     exit 1
 else
-      # Fill up to 4 places with zeros, if necessary:
     deci=$(printf "%04d" "0x${MAC:8:4}" | sed 's/.*\(....\)/\1/;s/./& /g')
     #
diff --git a/recon/wifi_inspector/plugins/02tplink b/recon/inspect_wifi/plugins/02tplink
index 751ec209..522c0845 100755
--- a/recon/wifi_inspector/plugins/02tplink
+++ b/recon/inspect_wifi/plugins/02tplink
@@ -8,10 +8,17 @@ cd $(dirname $(readlink -f $0))
 parse_plugin_args "$@"
-! check_vendor_mac $VENDOR_MAC "F8D111" && echo "$VENDOR_MAC not affected" && exit 1
-! echo $ESSID | egrep  -q '^tp' && echo "$ESSID not affected" && exit 1
+if ! check_vendor_mac $VENDOR_MAC F8D111; then
+  echo "$VENDOR_MAC not affected"
+  exit 1
+fi
+
+if echo "$ESSID" | grep -q '^tp'; then
+  echo "$ESSID not affected" 
+  exit 1
+fi
 # printf always makes string to lower, need that for correct md5sum
-printf ${MAC:4:12} 
+printf "${MAC:4:12}" 
 exit 0
diff --git a/recon/inspect_wifi/plugins/11belkin_wps b/recon/inspect_wifi/plugins/11belkin_wps
new file mode 100755
index 00000000..65448ad0
--- /dev/null
+++ b/recon/inspect_wifi/plugins/11belkin_wps
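Review bot: The rewritten ESSID match in 02easybox is no longer case-insensitive, because the removed line used `egrep -i` while the new `grep -q '\(EasyBox-\|Arcor-\|Vodafone-\)'` passes no `-i`, so names the old check accepted in other casings are now rejected. `\|` inside a basic regular expression is also a GNU extension rather than POSIX. `grep -Eqi` keeps the old behaviour portably, and since the ESSID presumably comes from scan results, `printf '%s\n'` handles arbitrary values more predictably than `echo`: `if ! printf '%s\n' "$ESSID" | grep -Eqi '(EasyBox-|Arcor-|Vodafone-)'; then`. The `else` branch continues past the end of the hunk.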
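Review bot: The ESSID check in 02tplink is inverted by the rewrite: the removed line exited when the ESSID did not match `^tp`, but `if echo "$ESSID" | grep -q '^tp'; then` now prints "not affected" and exits when it does match, which looks like a dropped `!`. Suggest `if ! printf '%s\n' "$ESSID" | grep -q '^tp'; then`. Separately, `printf "${MAC:4:12}"` still passes the value as the format string, so a `%` or backslash in it would be interpreted; `printf '%s' "${MAC:4:12}"` prints it literally.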
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+cd $(dirname $(readlink -f $0))
+. ./plugin_core
+parse_plugin_args "$@"
+
+if ! check_vendor_mac "$VENDOR_MAC" 002275 001CDF 09863B; then
+  echo "VENDOR MAC $VENDOR_MAC not affected" 
+  exit 1
+fi
+
+calc_belkin(){
+  PRIVATE_MAC=${1}
+  p=$((0x$PRIVATE_MAC % 10000000))
+    wps_pin_checksum(){
+      pin=$1
+      accum=0
+      while [ $pin -ne 0 ];do
+        accum=$((accum + (3 * (pin % 10)) ))
+        pin=$((pin/10))
+        accum=$((accum + pin %10 ))
+        pin=$((pin/10))
+      done
+      echo $(( (10 - accum % 10) % 10))
+    }
+  printf "%07d%d" $p $(wps_pin_checksum $p)
+  return 0
+}
+
+printf "WPS-PIN: %s" $(calc_belkin ${PRIVATE_MAC})
diff --git a/recon/wifi_inspector/plugins/plugin_core b/recon/inspect_wifi/plugins/plugin_core
index e79a3c05..e79a3c05 100644
--- a/recon/wifi_inspector/plugins/plugin_core
+++ b/recon/inspect_wifi/plugins/plugin_core
|
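Review bot: `PRIVATE_MAC` is fed into `$((0x$PRIVATE_MAC % 10000000))` in 11belkin_wps without a check that it is purely hexadecimal; where it is set is not visible here (presumably `parse_plugin_args`), and shell arithmetic evaluates whatever text it is handed, so a malformed value produces an error or an unintended expression instead of a clean failure. A guard before the final call would cover this, for example `case "$PRIVATE_MAC" in ''|*[!0-9A-Fa-f]*) echo "invalid PRIVATE_MAC" >&2; exit 1 ;; esac`. `calc_belkin` also overwrites the global `PRIVATE_MAC`, leaves `p`, `pin` and `accum` global, and redefines `wps_pin_checksum` on every call because it is declared inside the function body; defining the helper at top level would read more clearly. The last line would be safer quoted as `printf "WPS-PIN: %s" "$(calc_belkin "$PRIVATE_MAC")"`, and the `cd $(dirname $(readlink -f $0))` line breaks on paths containing spaces unless both substitutions are quoted.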
