airdrop-ng

Differences

This shows you the differences between two versions of the page.

airdrop-ng [2010/05/24 04:02]
thex1le created
airdrop-ng [2010/05/24 17:57]
thex1le
Line 10: Line 10:
 Dependencies: Dependencies:
  
-[*lorcon-old aka lorcon version 1 (already installed on BT4 final) +  * lorcon-old aka lorcon version 1 (already installed on BT4 final) 
- +  * pylorcon 
-[*pylorcon +  * A lorcon supported wireless card with monitor mode and injection
- +
-[*A lorcon supported wireless card with monitor mode and injection+
  
 Optional Dependencies: Optional Dependencies:
  
-[*pysco JIT+  * pysco JIT
  
-**********************+=====Installing lorcon=====
  
-* Installing lorcon *+Currently we only support the older version of lorcon you can download these files from the following svn link:
  
-********************** +  svn co http://802.11ninja.net/svn/lorcon/branch/lorcon-old
- +
-Currently we only support the older version of lorcon you can download +
- +
-these files from the following svn link: +
- +
-[*] svn co http://802.11ninja.net/svn/lorcon/branch/lorcon-old+
  
 If pylorcon reports import errors you need to run the following command: If pylorcon reports import errors you need to run the following command:
  
-[*] ln -s /usr/local/lib/liborcon-1.0.0.so /usr/lib+  ln -s /usr/local/lib/liborcon-1.0.0.so /usr/lib
  
 This will create a symlink to the directory that pylorcon looks in for This will create a symlink to the directory that pylorcon looks in for
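Review bot: the Optional Dependencies item is carried over as "pysco JIT" when the list markup is converted; the Python JIT is spelled Psyco, so the new line should read "psyco JIT". In the new "Installing lorcon" paragraph, "Currently we only support the older version of lorcon you can download these files" is a run-on and needs a full stop after "lorcon". The checkout URL is plain http and the result is then symlinked into /usr/lib, so the page should say that the source is fetched without transport integrity and should be reviewed before it is built and installed.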
Line 44: Line 36:
 ===== Usage ===== ===== Usage =====
  
-  airdecap-ng [options] <pcap file>+  airdrop-ng [options] <pcap file>
  
 ^Option^Param.^Description^ ^Option^Param.^Description^
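Review bot: the corrected synopsis "airdrop-ng [options] <pcap file>" still ends in a positional "<pcap file>", which looks like a leftover from the airdecap-ng text this page was templated from. The usage example added in this same revision passes an interface, an airodump CSV and a rule file through -i, -t and -r and shows no positional capture file. Suggest dropping "<pcap file>" or replacing it with a synopsis that names the required options.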
Line 54: Line 46:
 |-d|Driver|Injection driver. Default is mac80211| |-d|Driver|Injection driver. Default is mac80211|
 |-s|sleep|Time to sleep between sending each packet| |-s|sleep|Time to sleep between sending each packet|
-|-b|debug| Turn on Rule Debugging|+|-b|debug|Turn on Rule Debugging|
 |-l|key|Enable Logging to a file, if file path not provided airdrop will log to default location| |-l|key|Enable Logging to a file, if file path not provided airdrop will log to default location|
 |-n|nap| Time to sleep between loops| |-n|nap| Time to sleep between loops|
  
 ===== Usage Examples ===== ===== Usage Examples =====
 + Start airdrop-ng on mon0 reading from airodump.csv and kick on the rules in rulefile.txt
 +    airdrop-ng -i mon0 -t airodump.csv -r rulefile.txt
  
-The following removes the wireless headers from an open network (no WEP)  +===== Rule File Configuration Examples =====
-capture: +
-  airdecap-ng -b 00:09:5B:10:BC:5A open-network.cap +
- +
-The following decrypts a WEP-encrypted capture using a hexadecimal WEP  +
-key: +
-  airdecap-ng -w 11A3E229084349BC25D97E2939 wep.cap +
- +
-The following decrypts a WPA/WPA2 encrypted capture using the  +
-passphrase: +
-  airdecap-ng -e 'the ssid' -p passphrase  tkip.cap +
- +
-===== Usage Tips ===== +
- +
-Rule File Configuration Examples +
- +
-#[comments] +
-#All lines in this page are commented out +
-# The # symbol at the front of a line denotes a commented line +
-#airdrop-ng.py rule configuration file +
-#a is allow +
-#d is deny +
-#format is (a or d)/bssid|(any or client mac or list of client macs in format of mac1,mac2,mac3) +
- +
-#it is not wise to mix rule types for example +
-#d/any|00:17:AB:5C:DE:3A,00:1B:63:00:60:C4,apple +
-#While i may work i have no idea result it will have and at this time is not recomended +
- +
-#EX d/bssid|mac1,mac2  #note this is not a valid rule just shows format the / and | placement do matter +
- +
-#MORE EXAMPLE RULES +
-#d/00:1F:90:CA:0B:74|00:18:41:75:8E:4B +
-#deny rule with a single client +
- +
-#d/any|00:21:E9:3D:EB:45,00:17:AB:5C:DE:3A,00:1B:63:00:60:C4 +
-#a deny rule for several clients on any AP +
- +
-#d/any|any +
-#a global deny any any rule +
- +
-#A/00:17:3F:3A:F0:7E|00:21:E9:3D:EB:45,00:17:AB:5C:DE:3A,00:1B:63:00:60:C4 +
-#an allow rule with multiple clients +
- +
-#D/00-1E-58-00-FF-5E|00:19:7E:9A:66:96 +
-#another deny rule with a differnt mac format +
- +
-#d/12:02:DC:02:10:00|any +
-#a bssid deny any client rule +
- +
-#a/any|any +
-#a global allow, no idea why you would wanna use this ;) +
- +
-#oui examples +
- +
-#d/any|Apple, Inc;APPLE COMPUTER;APPLE COMPUTER, INC.;Apple Computer Inc.;APPLE COMPUTER INC.;APPLE, INC +
-#d/any|apple +
- +
-#d/action|broadcom #kicks only broadcom devices off actiontech routers +
- +
-#d/00:1F:3C|any #kicks all clients that match that oui +
- +
-#d/action|00:1F:3C kick any clinets off an actiontec router that match the oui +
- +
-#d/action|00:21:E9:3D:EB:45,00:17:AB:5C:DE:3A,00:1B:63:00:60:C4 #kick the following clients off an any actiontech router+
  
-#d/00:17:3F:3A:F0:7E|apple kick any apple device off that ap+  #[comments] 
 +  #All lines in this page are commented out 
 +  # The # symbol at the front of a line denotes a commented line 
 +  #airdrop-ng.py rule configuration file 
 +  #a is allow 
 +  #d is deny 
 +  #format is (a or d)/bssid|(any or client mac or list of client macs in format of mac1,mac2,mac3) 
 +   
 +  #it is not wise to mix rule types for example 
 +  #d/any|00:17:AB:5C:DE:3A,00:1B:63:00:60:C4,apple 
 +  #While it may work i have no idea result it will have and at this time is not recomended 
 +   
 +  #EX d/bssid|mac1,mac2  #note this is not a valid rule just shows format the / and | placement do matter 
 +   
 +  #MORE EXAMPLE RULES 
 +  #d/00:1F:90:CA:0B:74|00:18:41:75:8E:4B 
 +  #deny rule with a single client 
 +   
 +  #d/any|00:21:E9:3D:EB:45,00:17:AB:5C:DE:3A,00:1B:63:00:60:C4 
 +  #a deny rule for several clients on any AP 
 +   
 +  #d/any|any 
 +  #a global deny any any rule 
 +   
 +  #A/00:17:3F:3A:F0:7E|00:21:E9:3D:EB:45,00:17:AB:5C:DE:3A,00:1B:63:00:60:C4 
 +  #an allow rule with multiple clients 
 +   
 +  #D/00-1E-58-00-FF-5E|00:19:7E:9A:66:96 
 +  #another deny rule with a differnt mac format 
 +   
 +  #d/12:02:DC:02:10:00|any 
 +  #a bssid deny any client rule 
 +   
 +  #a/any|any 
 +  #a global allow, no idea why you would wanna use this ;) 
 +   
 +  #oui examples 
 +   
 +  #d/any|Apple, Inc;APPLE COMPUTER;APPLE COMPUTER, INC.;Apple Computer Inc.;APPLE COMPUTER INC.;APPLE, INC 
 +  #d/any|apple 
 +   
 +  #d/action|broadcom #kicks only broadcom devices off actiontech routers 
 +   
 +  #d/00:1F:3C|any #kicks all clients that match that oui 
 +   
 +  #d/action|00:1F:3C kick any clinets off an actiontec router that match the oui 
 +   
 +  #d/action|00:21:E9:3D:EB:45,00:17:AB:5C:DE:3A,00:1B:63:00:60:C4 #kick the following clients off an any actiontech router 
 +   
 +  #d/00:17:3F:3A:F0:7E|apple kick any apple device off that ap
  
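Review bot: in the re-indented rule file block, two rule lines run their explanation straight into the rule with no "#" separator: "#d/action|00:1F:3C kick any clinets off an actiontec router that match the oui" and "#d/00:17:3F:3A:F0:7E|apple kick any apple device off that ap". Anyone who uncomments these as written gets the prose as part of the client list, so put the explanation behind " #" as the neighbouring lines do, or on its own comment line. While the block is being touched, fix "recomended", "differnt" and "clinets", settle on one spelling of "actiontec"/"actiontech", and reword the new example sentence "kick on the rules in rulefile.txt" to "kick based on the rules in rulefile.txt". In the option table the "-n|nap| Time to sleep between loops" row keeps the leading space that this revision removes from the "-b" row, and the "-l" row lists its parameter as "key" although the description talks about a file path.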
airdrop-ng.txt · Last modified: 2010/11/21 16:29 by sleek