User Tools

Site Tools


airdrop-ng

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
airdrop-ng [2010/05/24 04:02]
thex1le created
airdrop-ng [2010/11/21 16:29]
sleek typos
Line 10: Line 10:
 Dependencies:​ Dependencies:​
  
-[*lorcon-old aka lorcon version 1 (already installed on BT4 final) +  ​* lorcon-old aka lorcon version 1 (already installed on BT4 final) 
- +  * pylorcon 
-[*pylorcon +  * A lorcon supported wireless card with monitor mode and injection
- +
-[*A lorcon supported wireless card with monitor mode and injection+
  
 Optional Dependencies:​ Optional Dependencies:​
  
-[*pysco JIT+  ​* pysco JIT
  
-**********************+=====Installing lorcon=====
  
-* Installing ​lorcon ​*+Currently we only support the older version of lorcon ​you can download these files from the following svn link:
  
-********************** +  ​svn co http://​802.11ninja.net/​svn/​lorcon/​branch/​lorcon-old
- +
-Currently we only support the older version of lorcon you can download +
- +
-these files from the following svn link: +
- +
-[*] svn co http://​802.11ninja.net/​svn/​lorcon/​branch/​lorcon-old+
  
 If pylorcon reports import errors you need to run the following command: If pylorcon reports import errors you need to run the following command:
  
-[*] ln -s /​usr/​local/​lib/​liborcon-1.0.0.so /usr/lib+  ​ln -s /​usr/​local/​lib/​liborcon-1.0.0.so /usr/lib
  
 This will create a symlink to the directory that pylorcon looks in for This will create a symlink to the directory that pylorcon looks in for
Line 44: Line 36:
 ===== Usage ===== ===== Usage =====
  
-  ​airdecap-ng [options] <pcap file>+  ​airdrop-ng [options] <pcap file>
  
 ^Option^Param.^Description^ ^Option^Param.^Description^
Line 54: Line 46:
 |-d|Driver|Injection driver. Default is mac80211| |-d|Driver|Injection driver. Default is mac80211|
 |-s|sleep|Time to sleep between sending each packet| |-s|sleep|Time to sleep between sending each packet|
-|-b|debug| Turn on Rule Debugging|+|-b|debug|Turn on Rule Debugging|
 |-l|key|Enable Logging to a file, if file path not provided airdrop will log to default location| |-l|key|Enable Logging to a file, if file path not provided airdrop will log to default location|
 |-n|nap| Time to sleep between loops| |-n|nap| Time to sleep between loops|
  
 ===== Usage Examples ===== ===== Usage Examples =====
 + Start airdrop-ng on mon0 reading from airodump.csv and kick on the rules in rulefile.txt
 +    airdrop-ng -i mon0 -t airodump.csv -r rulefile.txt
  
-The following removes the wireless headers from an open network (no WEP)  +===== Rule File Configuration Examples ​=====
-capture: +
-  airdecap-ng -b 00:​09:​5B:​10:​BC:​5A open-network.cap +
- +
-The following decrypts a WEP-encrypted capture using a hexadecimal WEP  +
-key: +
-  airdecap-ng -w 11A3E229084349BC25D97E2939 wep.cap +
- +
-The following decrypts a WPA/WPA2 encrypted capture using the  +
-passphrase:​ +
-  airdecap-ng -e 'the ssid' -p passphrase ​ tkip.cap +
- +
-===== Usage Tips ===== +
- +
-Rule File Configuration Examples +
- +
-#​[comments] +
-#All lines in this page are commented out +
-# The # symbol at the front of a line denotes a commented line +
-#​airdrop-ng.py rule configuration file +
-#a is allow +
-#d is deny +
-#format is (a or d)/​bssid|(any or client mac or list of client macs in format of mac1,​mac2,​mac3) +
- +
-#it is not wise to mix rule types for example +
-#​d/​any|00:​17:​AB:​5C:​DE:​3A,​00:​1B:​63:​00:​60:​C4,​apple +
-#While i may work i have no idea result it will have and at this time is not recomended +
- +
-#EX d/​bssid|mac1,​mac2 ​ #note this is not a valid rule just shows format the / and | placement do matter +
- +
-#MORE EXAMPLE RULES +
-#​d/​00:​1F:​90:​CA:​0B:​74|00:​18:​41:​75:​8E:​4B +
-#deny rule with a single client +
- +
-#​d/​any|00:​21:​E9:​3D:​EB:​45,​00:​17:​AB:​5C:​DE:​3A,​00:​1B:​63:​00:​60:​C4 +
-#a deny rule for several clients on any AP +
- +
-#​d/​any|any +
-#a global deny any any rule +
- +
-#​A/​00:​17:​3F:​3A:​F0:​7E|00:​21:​E9:​3D:​EB:​45,​00:​17:​AB:​5C:​DE:​3A,​00:​1B:​63:​00:​60:​C4 +
-#an allow rule with multiple clients +
- +
-#​D/​00-1E-58-00-FF-5E|00:​19:​7E:​9A:​66:​96 +
-#another deny rule with a differnt mac format +
- +
-#​d/​12:​02:​DC:​02:​10:​00|any +
-#a bssid deny any client rule +
- +
-#​a/​any|any +
-#a global allow, no idea why you would wanna use this ;) +
- +
-#oui examples +
- +
-#​d/​any|Apple,​ Inc;APPLE COMPUTER;​APPLE COMPUTER, INC.;Apple Computer Inc.;APPLE COMPUTER INC.;APPLE, INC +
-#​d/​any|apple +
- +
-#​d/​action|broadcom #kicks only broadcom devices off actiontech routers +
- +
-#​d/​00:​1F:​3C|any #kicks all clients that match that oui +
- +
-#​d/​action|00:​1F:​3C kick any clinets off an actiontec router that match the oui +
- +
-#​d/​action|00:​21:​E9:​3D:​EB:​45,​00:​17:​AB:​5C:​DE:​3A,​00:​1B:​63:​00:​60:​C4 #kick the following clients off an any actiontech router+
  
-#​d/​00:​17:​3F:​3A:​F0:​7E|apple kick any apple device off that ap+  #​[comments] 
 +  #All lines in this page are commented out 
 +  # The # symbol at the front of a line denotes a commented line 
 +  #​airdrop-ng.py rule configuration file 
 +  #a is allow 
 +  #d is deny 
 +  #format is (a or d)/​bssid|(any or client mac or list of client macs in format of mac1,​mac2,​mac3) 
 +   
 +  #it is not wise to mix rule types for example 
 +  #​d/​any|00:​17:​AB:​5C:​DE:​3A,​00:​1B:​63:​00:​60:​C4,​apple 
 +  #While it may work i have no idea result it will have and at this time is not recommended 
 +   
 +  #EX d/​bssid|mac1,​mac2 ​ #note this is not a valid rule just shows format the / and | placement do matter 
 +   
 +  #MORE EXAMPLE RULES 
 +  #​d/​00:​1F:​90:​CA:​0B:​74|00:​18:​41:​75:​8E:​4B 
 +  #deny rule with a single client 
 +   
 +  #​d/​any|00:​21:​E9:​3D:​EB:​45,​00:​17:​AB:​5C:​DE:​3A,​00:​1B:​63:​00:​60:​C4 
 +  #a deny rule for several clients on any AP 
 +   
 +  #​d/​any|any 
 +  #a global deny any any rule 
 +   
 +  #​A/​00:​17:​3F:​3A:​F0:​7E|00:​21:​E9:​3D:​EB:​45,​00:​17:​AB:​5C:​DE:​3A,​00:​1B:​63:​00:​60:​C4 
 +  #an allow rule with multiple clients 
 +   
 +  #​D/​00-1E-58-00-FF-5E|00:​19:​7E:​9A:​66:​96 
 +  #another deny rule with a different mac format 
 +   
 +  #​d/​12:​02:​DC:​02:​10:​00|any 
 +  #a bssid deny any client rule 
 +   
 +  #​a/​any|any 
 +  #a global allow, no idea why you would wanna use this ;) 
 +   
 +  #oui examples 
 +   
 +  #​d/​any|Apple,​ Inc;APPLE COMPUTER;​APPLE COMPUTER, INC.;Apple Computer Inc.;APPLE COMPUTER INC.;APPLE, INC 
 +  #​d/​any|apple 
 +   
 +  #​d/​action|broadcom #kicks only broadcom devices off actiontech routers 
 +   
 +  #​d/​00:​1F:​3C|any #kicks all clients that match that oui 
 +   
 +  #​d/​action|00:​1F:​3C kick any clinets off an actiontec router that match the oui 
 +   
 +  #​d/​action|00:​21:​E9:​3D:​EB:​45,​00:​17:​AB:​5C:​DE:​3A,​00:​1B:​63:​00:​60:​C4 #kick the following clients off an any actiontech router 
 +   
 +  ​#​d/​00:​17:​3F:​3A:​F0:​7E|apple kick any apple device off that ap
  
airdrop-ng.txt · Last modified: 2010/11/21 16:29 by sleek