packetforge-ng

Differences

This shows you the differences between two versions of the page.

packetforge-ng [2007/04/27 16:58] – added examples for v.8 new features darkaudaxpacketforge-ng [2010/08/22 20:59] (current) – update "Usage" and fixed "mode" rendering mister_x
Line 10: Line 10:
 Usage: packetforge-ng <mode> <options> Usage: packetforge-ng <mode> <options>
  
-====Forge options:====+====Forge options====
  
       *-p <fctrl>     : set frame control word (hex)       *-p <fctrl>     : set frame control word (hex)
Line 20: Line 20:
       *-e             : disables WEP encryption       *-e             : disables WEP encryption
       *-k <ip[:port]> : set Destination IP [Port]       *-k <ip[:port]> : set Destination IP [Port]
-      *-l <ip[:port]> : set Source      IP [Port]+      *-l <ip[:port]> : set Source      IP [Port] (Dash lowercase letter L)
       *-t ttl         : set Time To Live       *-t ttl         : set Time To Live
       *-w <file>      : write packet to this pcap file       *-w <file>      : write packet to this pcap file
  
-====Source options:====+====Source options====
  
       *-r <file>      : read packet from this raw file       *-r <file>      : read packet from this raw file
       *-y <file>      : read PRGA from this file       *-y <file>      : read PRGA from this file
  
-====Modes (long modes use double dashes):====+====Modes ====
  
-      *--arp          : forge an ARP packet    (-0) +      *-''''-arp          : forge an ARP packet    (-0) 
-      *--udp          : forge an UDP packet    (-1) +      *-''''-udp          : forge an UDP packet    (-1) 
-      *--icmp         : forge an ICMP packet   (-2) +      *-''''-icmp         : forge an ICMP packet   (-2) 
-      *--null         : build a null packet (-3) +      *-''''-null         : build a null packet (-3) 
-      *--custom       : build a custom packet  (-9)+      *-''''-custom       : build a custom packet  (-9)
  
  
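Review bot: In the Modes section, the new heading drops the "long modes use double dashes" hint and is left with a stray space before the closing markup ("====Modes ===="); the hint is still useful to anyone typing the long forms, so keep it as a sentence under the heading. The -''''-arp workaround matches the stated goal of fixing the "mode" rendering, but it is hard to read in the page source; DokuWiki's %%--arp%% or <nowiki> markup prevents the dash conversion more clearly. The "(Dash lowercase letter L)" note on -l is a good addition, and "an UDP packet" could become "a UDP packet" while these lines are being touched.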
Line 121: Line 121:
  
 ==== Generating a custom packet ==== ==== Generating a custom packet ====
-If you want to generate a customer packet, first create a packet with the tool of your choice.  This could a specialized tool, a hex editor or even from a previous capture.  Then save it as a pcap file.  Following this, run the command:+If you want to generate a customer packet, first create a packet with the tool of your choice.  This could be a specialized tool, a hex editor or even from a previous capture.  Then save it as a pcap file.  Following this, run the command:
  
    packetforge-ng -9 -r input.cap -y keystream.xor -w output.cap    packetforge-ng -9 -r input.cap -y keystream.xor -w output.cap
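Review bot: The rewritten first sentence under "Generating a custom packet" still says "customer packet"; it should read "custom packet" to match the heading and the -9 (custom) mode used in the command below it. The "could be a" fix is correct, and "or even from a previous capture" would read better as "or even a previous capture".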
Line 132: Line 132:
  
 When it runs, packetforge-ng will ask you which packet to use and then output the file. When it runs, packetforge-ng will ask you which packet to use and then output the file.
 +
  
  
Line 139: Line 140:
  
 So the packetforge-ng command becomes: So the packetforge-ng command becomes:
-   packetforge-ng -0 -a 00:14:6C:7E:40:80 -h 00:0F:B5:AB:CB:9D -k 192.168.1.100 -l 192.168.1.-y fragment-0124-161129.xor -w arp-request+   packetforge-ng -0 -a 00:14:6C:7E:40:80 -h 00:0F:B5:AB:CB:9D -k 255.255.255.255 -l 255.255.255.255 -y fragment-0124-161129.xor -w arp-request 
  
 ===== Usage Troubleshooting ===== ===== Usage Troubleshooting =====
 +
 +==== Including both -j and -o flags ====
 +
 A common mistake people make is to include either or both -j and -o flags and create invalid packets.  These flags adjust the FromDS and ToDS flages in the packet generated.  Unless you are doing something special and really know what you are doing, don't use them.  In general, they are not needed. A common mistake people make is to include either or both -j and -o flags and create invalid packets.  These flags adjust the FromDS and ToDS flages in the packet generated.  Unless you are doing something special and really know what you are doing, don't use them.  In general, they are not needed.
 +
 +
 +==== Error message "Mode already specified" ====
 +
 +This is commonly caused by using the number one (-1) instead of dash lowercase L (-l) in the command.
 +
 +Entering:
 +   packetforge-ng -0 -a 00:14:6C:7E:40:80 -h 00:09:5B:EC:EE:F2 -k 255.255.255.255 -1 255.255.255.255 -y 00:14:6C:7E:40:80-03-00-14-6C-7E-40-80.xor -w arp-request 
 +
 +Gives:
 +   Mode already specified.
 +   "packetforge-ng --help" for help.
 +
 +This because -1 (number one) was used instead of the correct -l (the letter ell).  So simply use "-l".
 +
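Review bot: In the ARP example after "So the packetforge-ng command becomes:", the old line had a truncated source address fused with the next flag ("-l 192.168.1.-y"), and the fix replaces both -k and -l with 255.255.255.255 rather than restoring the missing octet; add a sentence saying why the broadcast address is used for both, since nothing in the visible text explains it. In the new "Mode already specified" section, "This because -1" is missing "is". The new heading "Including both -j and -o flags" does not match its body, which says "either or both", and the "flages" typo on that unchanged line could be fixed in the same edit. Both new command lines also end with a trailing space.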
packetforge-ng.1177685901.txt.gz · Last modified: 2007/04/27 16:58 by darkaudax