Aircrack-ng

User Tools

Site Tools

Trace:
airtun-ng

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revisionBoth sides next revision
airtun-ng [2009/08/17 00:29] – Add WDS support aspjairtun-ng [2009/08/17 00:50] – Added chapter with WDS/Bridge mode instructions and examples aspj
Line 153: Line 153:
  
 Please note that the file contents are transmitted exactly as is.  You may ignore the message "FromDS bit set in all frames" The flags nor any other field are modified while  transmitting the file contents. Please note that the file contents are transmitted exactly as is.  You may ignore the message "FromDS bit set in all frames" The flags nor any other field are modified while  transmitting the file contents.
 +
 +==== Tunneling traffic into WDS networks or WiFi Bridges ====
 +
 +If you use a recent version of airtun-ng, you can use its WDS support to inject traffic into WDS networks and WiFi bridges.
 +Bridges are pretty secure since traffic may be sniffed, but it is impossible to connect with them to send data into the networks.
 +This is where airtun-ng comes into the game. With airtun-ng you can impersonate either of the two endpoints to interact with the other one. Lets assume you can only see one node of the bridge, this is how you can check if an attacker could inject traffic into this side of the network:
 +
 +   * There are two nodes AA:AA:AA:AA:AA:AA and BB:BB:BB:BB:BB:BB.
 +   * Your attacking client can only send to and receive from node A.
 +   * In this case you will only see packets with Transmitter = A and Receiver = B on your interface.
 +   * If you impersonate node B, you could inject traffic into the network behind node A.
 +
 +This is how to setup airtun-ng for this scenario:
 +
 +   airtun-ng -t 2 ath0 -s BB:BB:BB:BB:BB:BB -a AA:AA:AA:AA:AA:AA -i ath0
 +
 +If you are able to see both sides of a WDS/Bridge network, you can enable bidirectional mode. This enables communication with both endpoint's networks. Be aware that bidirectional mode keeps track of clients behind each node in a list in memory, since it needs to know to which of the two endpoints it needs to send a packet to reach a certain client. If you use an embedded system, or there are large amounts of clients connected, this may slow down your machine.
 +
 +   airtun-ng -t 2 ath0 -s BB:BB:BB:BB:BB:BB -a AA:AA:AA:AA:AA:AA -i ath0 -b
 +
 +WDS mode is fully compatible with WEP encryption, so you can use the -w and -y flags as usual.
 +However, Repeater Mode hasn't been tested with WDS.
  
 ===== Usage Tips ===== ===== Usage Tips =====
airtun-ng.txt · Last modified: 2015/04/12 23:15 by mister_x