packetforge-ng

Differences

This shows you the differences between two versions of the page.

packetforge-ng [2007/04/27 16:58]
darkaudax added examples for v.8 new features
packetforge-ng [2010/08/22 20:59] (current)
mister_x update "Usage" and fixed "mode" rendering
Line 10: Line 10:
 Usage: packetforge-ng <​mode>​ <​options>​ Usage: packetforge-ng <​mode>​ <​options>​
  
-====Forge options:====+====Forge options====
  
       *-p <​fctrl> ​    : set frame control word (hex)       *-p <​fctrl> ​    : set frame control word (hex)
Line 20: Line 20:
       *-e             : disables WEP encryption       *-e             : disables WEP encryption
       *-k <​ip[:​port]>​ : set Destination IP [Port]       *-k <​ip[:​port]>​ : set Destination IP [Port]
-      *-l <​ip[:​port]>​ : set Source ​     IP [Port]+      *-l <​ip[:​port]>​ : set Source ​     IP [Port] ​(Dash lowercase letter L)
       *-t ttl         : set Time To Live       *-t ttl         : set Time To Live
       *-w <​file> ​     : write packet to this pcap file       *-w <​file> ​     : write packet to this pcap file
  
-====Source options:====+====Source options====
  
       *-r <​file> ​     : read packet from this raw file       *-r <​file> ​     : read packet from this raw file
       *-y <​file> ​     : read PRGA from this file       *-y <​file> ​     : read PRGA from this file
  
-====Modes ​(long modes use double dashes):====+====Modes ====
  
-      *--arp ​         : forge an ARP packet ​   (-0) +      *-''''​-arp          : forge an ARP packet ​   (-0) 
-      *--udp ​         : forge an UDP packet ​   (-1) +      *-''''​-udp          : forge an UDP packet ​   (-1) 
-      *--icmp ​        : forge an ICMP packet ​  ​(-2) +      *-''''​-icmp         : forge an ICMP packet ​  ​(-2) 
-      *--null ​        : build a null packet (-3) +      *-''''​-null         : build a null packet (-3) 
-      *--custom ​      : build a custom packet ​ (-9)+      *-''''​-custom ​      : build a custom packet ​ (-9)
  
  
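Review bot: Dropping "(long modes use double dashes):" from the Modes heading removes the only place this section says the long mode names take two dashes, and the new "-''''-arp" markup only conveys that if the wiki renders it as intended. Suggest adding one line under the heading, for example "Long modes use double dashes; the short form is shown in parentheses." While this list is being touched, "forge an UDP packet" should read "forge a UDP packet".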
Line 121: Line 121:
  
 ==== Generating a custom packet ==== ==== Generating a custom packet ====
-If you want to generate a customer packet, first create a packet with the tool of your choice. ​ This could a specialized tool, a hex editor or even from a previous capture. ​ Then save it as a pcap file.  Following this, run the command:+If you want to generate a customer packet, first create a packet with the tool of your choice. ​ This could be a specialized tool, a hex editor or even from a previous capture. ​ Then save it as a pcap file.  Following this, run the command:
  
    ​packetforge-ng -9 -r input.cap -y keystream.xor -w output.cap    ​packetforge-ng -9 -r input.cap -y keystream.xor -w output.cap
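Review bot: The first sentence under "Generating a custom packet" still reads "customer packet" on the new side; it should be "custom packet", matching the heading and the -9 (custom) mode used in the command below it. The "This could be a" correction in the same sentence is fine.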
Line 132: Line 132:
  
 When it runs, packetforge-ng will ask you which packet to use and then output the file. When it runs, packetforge-ng will ask you which packet to use and then output the file.
 +
  
  
Line 139: Line 140:
  
 So the packetforge-ng command becomes: So the packetforge-ng command becomes:
-   ​packetforge-ng -0 -a 00:​14:​6C:​7E:​40:​80 -h 00:​0F:​B5:​AB:​CB:​9D -k 192.168.1.100 -l 192.168.1.-y fragment-0124-161129.xor -w arp-request+   ​packetforge-ng -0 -a 00:​14:​6C:​7E:​40:​80 -h 00:​0F:​B5:​AB:​CB:​9D -k 255.255.255.255 -l 255.255.255.255 -y fragment-0124-161129.xor -w arp-request 
  
 ===== Usage Troubleshooting ===== ===== Usage Troubleshooting =====
 +
 +==== Including both -j and -o flags ====
 +
 A common mistake people make is to include either or both -j and -o flags and create invalid packets. ​ These flags adjust the FromDS and ToDS flages in the packet generated. ​ Unless you are doing something special and really know what you are doing, don't use them.  In general, they are not needed. A common mistake people make is to include either or both -j and -o flags and create invalid packets. ​ These flags adjust the FromDS and ToDS flages in the packet generated. ​ Unless you are doing something special and really know what you are doing, don't use them.  In general, they are not needed.
 +
 +
 +==== Error message "Mode already specified"​ ====
 +
 +This is commonly caused by using the number one (-1) instead of dash lowercase L (-l) in the command.
 +
 +Entering:
 +   ​packetforge-ng -0 -a 00:​14:​6C:​7E:​40:​80 -h 00:​09:​5B:​EC:​EE:​F2 -k 255.255.255.255 -1 255.255.255.255 -y 00:​14:​6C:​7E:​40:​80-03-00-14-6C-7E-40-80.xor -w arp-request ​
 +
 +Gives:
 +   Mode already specified.
 +   "​packetforge-ng --help"​ for help.
 +
 +This because -1 (number one) was used instead of the correct -l (the letter ell).  So simply use "​-l"​.
 +
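Review bot: The new "Mode already specified" section does not say why -1 produces that error: in the Modes list on this page, -1 is the short form of the udp mode, so after -0 it is parsed as a second mode. One sentence stating that would make the error message self-explanatory. In the same section, "This because -1" is missing "is". The new heading "Including both -j and -o flags" is also narrower than the paragraph under it, which says "either or both", and the unchanged "flages" in that paragraph should be "flags".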
packetforge-ng.1177685901.txt.gz · Last modified: 2007/04/27 16:58 by darkaudax