User Tools

Site Tools


airtun-ng

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Last revision Both sides next revision
airtun-ng [2010/03/07 23:36]
darkaudax Fixed typo
airtun-ng [2010/11/21 16:14]
sleek typos
Line 8: Line 8:
 In order to perform wIDS data gathering, you must have the encryption key and the bssid for the network you wish to monitor. Airtun-ng decrypts all the traffic for the specific network and passes it to a traditional IDS system such as [[http://​www.snort.org|snort]]. In order to perform wIDS data gathering, you must have the encryption key and the bssid for the network you wish to monitor. Airtun-ng decrypts all the traffic for the specific network and passes it to a traditional IDS system such as [[http://​www.snort.org|snort]].
  
-Traffic injection can be fully bidirectional if you have the full encyption ​key. It is outgoing unidirectional if you have the PRGA obtained via [[korek_chopchop|chopchop]] or [[fragmentation]] attacks. The prime advantage of airtun-ng over the other injection tools in the aircrack-ng suite is that you may use any tool subsequently to create, inject or sniff packets.+Traffic injection can be fully bidirectional if you have the full encryption ​key. It is outgoing unidirectional if you have the PRGA obtained via [[korek_chopchop|chopchop]] or [[fragmentation]] attacks. The prime advantage of airtun-ng over the other injection tools in the aircrack-ng suite is that you may use any tool subsequently to create, inject or sniff packets.
  
 Airtun-ng also has repeater and tcpreplay-type functionality. ​ There is a repeater function which allows you to replay all traffic sniffed through a wireless device (interface specified by -i at0) and optionally filter the traffic by a bssid together with a network mask and replay the remaining traffic. ​ While doing this, you can still use the tun interface while repeating. ​ As well, a pcap file read feature allows you to replay stored pcap-format packet captures just the way you captured them in the first place. ​ This is essentially tcpreplay functionality for wifi. Airtun-ng also has repeater and tcpreplay-type functionality. ​ There is a repeater function which allows you to replay all traffic sniffed through a wireless device (interface specified by -i at0) and optionally filter the traffic by a bssid together with a network mask and replay the remaining traffic. ​ While doing this, you can still use the tun interface while repeating. ​ As well, a pcap file read feature allows you to replay stored pcap-format packet captures just the way you captured them in the first place. ​ This is essentially tcpreplay functionality for wifi.
Line 52: Line 52:
    ​FromDS bit set in all frames.    ​FromDS bit set in all frames.
  
-You notice above that it created the **at0** interface. Switch to another console ​sesssion ​and you must now bring this interface up in order to use it:+You notice above that it created the **at0** interface. Switch to another console ​session ​and you must now bring this interface up in order to use it:
  
    ​ifconfig at0 up    ​ifconfig at0 up
airtun-ng.txt ยท Last modified: 2015/04/12 23:15 by mister_x