User Tools

Site Tools


airtun-ng

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
airtun-ng [2010/03/07 23:17]
mister_x link to FAQ
airtun-ng [2015/04/12 23:15]
mister_x Updated usage.
Line 8: Line 8:
 In order to perform wIDS data gathering, you must have the encryption key and the bssid for the network you wish to monitor. Airtun-ng decrypts all the traffic for the specific network and passes it to a traditional IDS system such as [[http://​www.snort.org|snort]]. In order to perform wIDS data gathering, you must have the encryption key and the bssid for the network you wish to monitor. Airtun-ng decrypts all the traffic for the specific network and passes it to a traditional IDS system such as [[http://​www.snort.org|snort]].
  
-Traffic injection can be fully bidirectional if you have the full encyption ​key. It is outgoing unidirectional if you have the PRGA obtained via [[korek_chopchop|chopchop]] or [[fragmentation]] attacks. The prime advantage of airtun-ng over the other injection tools in the aircrack-ng suite is that you may use any tool subsequently to create, inject or sniff packets.+Traffic injection can be fully bidirectional if you have the full encryption ​key. It is outgoing unidirectional if you have the PRGA obtained via [[korek_chopchop|chopchop]] or [[fragmentation]] attacks. The prime advantage of airtun-ng over the other injection tools in the aircrack-ng suite is that you may use any tool subsequently to create, inject or sniff packets.
  
 Airtun-ng also has repeater and tcpreplay-type functionality. ​ There is a repeater function which allows you to replay all traffic sniffed through a wireless device (interface specified by -i at0) and optionally filter the traffic by a bssid together with a network mask and replay the remaining traffic. ​ While doing this, you can still use the tun interface while repeating. ​ As well, a pcap file read feature allows you to replay stored pcap-format packet captures just the way you captured them in the first place. ​ This is essentially tcpreplay functionality for wifi. Airtun-ng also has repeater and tcpreplay-type functionality. ​ There is a repeater function which allows you to replay all traffic sniffed through a wireless device (interface specified by -i at0) and optionally filter the traffic by a bssid together with a network mask and replay the remaining traffic. ​ While doing this, you can still use the tun interface while repeating. ​ As well, a pcap file read feature allows you to replay stored pcap-format packet captures just the way you captured them in the first place. ​ This is essentially tcpreplay functionality for wifi.
Line 16: Line 16:
 ===== Usage ===== ===== Usage =====
  
- usage: airtun-ng <​options>​ <replay interface>​+ Usage: airtun-ng <​options>​ <replay interface>​
  
       *-x nbpps : maximum number of packets per second (optional)       *-x nbpps : maximum number of packets per second (optional)
-      *-a bssid : set Access Point MAC address (mandatory)+      *-a bssid : set Access Point MAC address (mandatory). In WDS Mode this sets the Receiver
       *-i iface : capture packets from this interface (optional)       *-i iface : capture packets from this interface (optional)
       *-y file : read PRGA from this file (optional / one of -y or -w must be defined)       *-y file : read PRGA from this file (optional / one of -y or -w must be defined)
       *-w wepkey : use this WEP-KEY to encrypt packets (optional / one of -y or -w must be defined)       *-w wepkey : use this WEP-KEY to encrypt packets (optional / one of -y or -w must be defined)
-      *-t tods : send frames to AP (1) or to client (0) (optional ​defaults to 0)+      ​*-p pass : use this WPA passphrase to decrypt packets (use with -a and -e) 
 +      *-e essid : target network SSID (use with -p) 
 +      ​*-t tods : send frames to AP (1) or to client (0) or tunnel them into a WDS/Bridge (2)
       *-r file : read frames out of pcap file (optional)       *-r file : read frames out of pcap file (optional)
       *-h MAC  : source MAC address       *-h MAC  : source MAC address
       *-H      : Display help.  Long form --help       *-H      : Display help.  Long form --help
 +
 +WDS/Bridge Mode options:
 +  *-s transmitter : set Transmitter MAC address for WDS Mode
 +  *-b : bidirectional mode. This enables communication in Transmitter'​s AND Receiver'​s networks. Works only if you can see both stations.
  
 Repeater options (the following all require double dashes): Repeater options (the following all require double dashes):
Line 52: Line 58:
    ​FromDS bit set in all frames.    ​FromDS bit set in all frames.
  
-You notice above that it created the **at0** interface. Switch to another console ​sesssion ​and you must now bring this interface up in order to use it:+You notice above that it created the **at0** interface. Switch to another console ​session ​and you must now bring this interface up in order to use it:
  
    ​ifconfig at0 up    ​ifconfig at0 up
Line 203: Line 209:
 ==== Error creating tap interface: Permission denied ==== ==== Error creating tap interface: Permission denied ====
  
-See the followin ​[[faq#​why_do_i_get_error_creating_tap_interfacepermission_denied_or_a_similar_message|FAQ entry]].+See the following ​[[faq#​why_do_i_get_error_creating_tap_interfacepermission_denied_or_a_similar_message|FAQ entry]].
  
airtun-ng.txt · Last modified: 2015/04/12 23:15 by mister_x