User Tools

Site Tools


aireplay-ng

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
aireplay-ng [2009/09/26 21:06]
darkaudax Added links to new attacks
aireplay-ng [2018/03/11 19:06] (current)
mister_x updated link to bug tracker
Line 18: Line 18:
     * Attack 4: [[KoreK chopchop|KoreK chopchop attack]] ​     * Attack 4: [[KoreK chopchop|KoreK chopchop attack]] ​
     * Attack 5: [[Fragmentation|Fragmentation attack]]     * Attack 5: [[Fragmentation|Fragmentation attack]]
-    * Attack 6: [[cafe-latte|Cafe-latte attack]] ​(The documentation will be available shortly.) +    * Attack 6: [[cafe-latte|Cafe-latte attack]] 
-    * Attack 7: [[hirte|Client-oriented fragmentation attack]] ​(The documentation will be available shortly.)+    * Attack 7: [[hirte|Client-oriented fragmentation attack]] 
 +    * Attack 8: [[WPA Migration Mode]]
     * Attack 9: [[injection_test|Injection test]]     * Attack 9: [[injection_test|Injection test]]
  
 ===== Usage ===== ===== Usage =====
  
-This section provides a general overview. ​ Not all options apply to all attacks. ​ See the details of the sepcific ​attack for the relevant details.+This section provides a general overview. ​ Not all options apply to all attacks. ​ See the details of the specific ​attack for the relevant details.
  
 Usage: Usage:
Line 45: Line 46:
   *-w iswep  : frame control, WEP     bit   *-w iswep  : frame control, WEP     bit
  
-When replaying (injecting) packets, the following options apply. ​ Keep in mind that not every option is relevant for every attack. ​ The specific attack ​documention ​provides examples of the relevant options.+When replaying (injecting) packets, the following options apply. ​ Keep in mind that not every option is relevant for every attack. ​ The specific attack ​documentation ​provides examples of the relevant options.
  
 Replay options: Replay options:
Line 128: Line 129:
  
 These items apply to all modes of aireplay-ng. These items apply to all modes of aireplay-ng.
 +
 +==== aireplay-ng does not inject packets ====
 +Ensure you are using the correct monitor mode interface. ​ "​iwconfig"​ will show the wireless interfaces and their state. ​ For the mac80211 drivers, the monitor mode interface is typically "​mon0"​. ​ For ieee80211 madwifi-ng drivers, it is typically "​ath0"​. ​ For other drivers, the interface name may vary.
  
 ==== For madwifi-ng, ensure there are no other VAPs running ==== ==== For madwifi-ng, ensure there are no other VAPs running ====
Line 232: Line 236:
  
 For all of the above, running airodump-ng and the related text file should provide all the information you require identify and correct the problem. For all of the above, running airodump-ng and the related text file should provide all the information you require identify and correct the problem.
 +
 +
 +==== interfaceX is on channel Y, but the AP uses channel Z ====
 +
 +A typical example of this message is: "mon0 is on channel 1, but the AP uses channel 6"
 +
 +This means something is causing your card to channel hop.  Possible reasons is that failed to start airodump-ng locked to a single channel. ​ airodump-ng needs to be started with "-c <​channel-number>​.
 +
 +Another reason is that you have processes such as a network manager or wpa_supplicant channel hopping. ​ You must kill off all these processes. ​ See[airmon-ng] for details on checking what is running and how to kill the processes off.
  
 ==== General ==== ==== General ====
Line 247: Line 260:
   * If Prism2, make sure the firmware was updated.   * If Prism2, make sure the firmware was updated.
   * Ensure your are running the current stable version. ​ Some options are not available in older versions of the program. ​ Also, the current stable version contains many bug fixes.   * Ensure your are running the current stable version. ​ Some options are not available in older versions of the program. ​ Also, the current stable version contains many bug fixes.
-  * It does not hurt to check the [[http://trac.aircrack-ng.org/|Trac System]] to see if your "​problem"​ is actually a known bug in the current stable version. ​ Many times the current [[main#​development|development version]] has fixes to bugs within the current stable version.+  * It does not hurt to check the [[https://github.com/aircrack-ng/​aircrack-ng/​issues/|GitHub issues]] to see if your "​problem"​ is actually a known bug in the current stable version. ​ Many times the current [[main#​development|development version]] has fixes to bugs within the current stable version.
  
-===== Release Candidate or SVN Version Notes ===== 
- 
-This section ONLY applies the latest SVN version and to some release candidate versions of the aircrack-ng suite. ​ Once they are released as "​stable"​ then the documentation above will be updated. 
- 
-Changes: 
- 
-  * "-e <​ESSID>"​ is not needed provided the ESSID is not hidden. (Applies to fake auth and test) 
-  * "​-B"​ or "​--bittest"​ is a bit rate test (Applies to test) 
-  * "​-F"​ or "​--fast"​ is a fast test (Applies to test) 
-  * "​-D"​ disables AP detection. ​ Some modes will not proceed if the AP beacon is not heard. ​ This disables this functionality. 
-  * "​-F"​ chooses first matching packet 
-  * "​-R"​ disables /dev/rtc usage. ​ Some systems experience lockups or other problems with RTC.  This disables the usage. 
  
aireplay-ng.1253991979.txt.gz · Last modified: 2009/09/26 21:06 by darkaudax