airdecloak-ng
Differences
This shows you the differences between two versions of the page.
airdecloak-ng [2008/11/15 00:10] – mister_x | airdecloak-ng [2023/01/17 09:55] – update usage info (1.4 --> 1.7) gemesa | ||
---|---|---|---|
Line 13: | Line 13: | ||
===== Usage ===== | ===== Usage ===== | ||
- | Airdecloak-ng 1.0 rc1 r1193 - (C) 2008 Thomas d' | + | Airdecloak-ng 1.7 |
- | | + | |
| | ||
usage: airdecloak-ng [options] | usage: airdecloak-ng [options] | ||
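Review bot: The new banner line ("Airdecloak-ng 1.7") drops the revision and copyright text that the replaced line carried, so it is unclear whether this block is still verbatim tool output or a hand-edited summary. If it is meant to be pasted output, please confirm it matches what the 1.7 binary prints; if it is a summary, say so above the block, since a hard-coded version string here will need updating again at the next release.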
Line 27: | Line 27: | ||
| | ||
| | ||
+ | -o < | ||
+ | -c < | ||
+ | -u < | ||
| | ||
| | ||
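Review bot: The three options added to the usage text here (-o, -c, -u) have no matching rows in the Options table as it appears in the next hunk, which still lists only -i through --drop-frag. Please add a row for each with its parameter and description, so the table and the usage block stay in sync.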
Line 47: | Line 50: | ||
| | ||
| | ||
+ | |||
==== Options ==== | ==== Options ==== | ||
- | ^Option^Explanation| | + | ^Option^Param.^Description| |
- | |-i <input file>|Path to the capture file.| | + | |-i|input file|Path to the capture file.| |
- | |--bssid | + | |--bssid|BSSID|BSSID of the network to filter.| |
- | |--ssid | + | |--ssid|ESSID|ESSID of the network to filter (not yet implemented).| |
- | |--filters | + | |--filters|filters|Apply theses filters in this specific order. They have to be separated by a ',' |
- | |--null-packets|Assume that null packets can be cloaked (not yet implemented).| | + | |--null-packets|-|Assume that null packets can be cloaked (not yet implemented).| |
- | |--disable-base_filter|Disable the base filter.| | + | |--disable-base-filter|-|Disable the base filter.| |
- | |--drop-frag|Drop all fragmented packets. In most networks, fragmentation is not needed.| | + | |--drop-frag|-|Drop all fragmented packets. In most networks, fragmentation is not needed.| |
==== Tests ==== | ==== Tests ==== | ||
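Review bot: On the --filters row, the new description still reads "Apply theses filters"; that should be "these filters". Also worth checking in the same table: the renamed --disable-base-filter (previously --disable-base_filter) should match the spelling in the usage block above, since a reader will copy the option from whichever place they look first.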
Line 63: | Line 68: | ||
=== Capturing traffic === | === Capturing traffic === | ||
- | Destroy all VAP | + | Destroy all VAP (only needed for madwifi-ng): |
airmon-ng stop ath0 | airmon-ng stop ath0 | ||
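Review bot: The added qualifier "(only needed for madwifi-ng)" is useful, but the command that follows still hard-codes ath0, which is a madwifi-ng interface name, and the text does not say what readers on other drivers should do instead. Suggest adding one sentence after the command telling them to skip this step and use their own interface name in the rest of the capture steps.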
Line 81: | Line 86: | ||
=== Trying to crack the WEP key === | === Trying to crack the WEP key === | ||
- | aircrack-ng.exe wep_cloaking_full_speed_dl.pcap -b 00: | + | aircrack-ng wep_cloaking_full_speed_dl.pcap -b 00: |
| | ||
{{http:// | {{http:// | ||
Line 196: | Line 201: | ||
=== Timing === | === Timing === | ||
- | The time needed to receive a cloaked frame could be analysed; compared to its uncloaked equivalent since the sensor | + | The time needed to receive a cloaked frame could be analyzed; compared to its uncloaked equivalent since the sensor |
For this, 2 packets are needed (one real and one cloaked) and we have to make sure the " | For this, 2 packets are needed (one real and one cloaked) and we have to make sure the " | ||
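Review bot: The spelling change to "analyzed" leaves the semicolon in "could be analyzed; compared to its uncloaked equivalent", which splits the sentence into a fragment. Suggest "could be analyzed and compared to its uncloaked equivalent" while this line is being touched.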
Line 226: | Line 231: | ||
{{http:// | {{http:// | ||
- | There' | + | There are a few possibilities |
- both packets can be discarded since they have the same sequence number. | - both packets can be discarded since they have the same sequence number. | ||
- use signal/ | - use signal/ | ||
- | For packet 7538/7539, it will be easier, it's easy to find out which one is cloaked, a beacon has the same sequence | + | For packet 7538/7539, it will be easier, it's easy to find out which one is cloaked, a beacon has the same sequence |
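Review bot: On the changed "For packet 7538/7539" line, "it will be easier, it's easy to find out which one is cloaked, a beacon has" is still a run of comma splices and says "easy" twice. Suggest tightening the opening to "For packet 7538/7539 it is easier to find out which one is cloaked: a beacon has", keeping the rest of the sentence as it is.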
Line 246: | Line 251: | ||
... so other ways have to be used. Beacon will still be used but in another way: since 1319 is a valid sequence number, the previous (1318) and the next (1320) sequence numbers of valid packets are known. It's getting more complicated, | ... so other ways have to be used. Beacon will still be used but in another way: since 1319 is a valid sequence number, the previous (1318) and the next (1320) sequence numbers of valid packets are known. It's getting more complicated, | ||
- | Since it is known that wep cloaking | + | Since it is known that wep cloaking |
^Position^Uncloaked^Cloaked^Frame size^Reason| | ^Position^Uncloaked^Cloaked^Frame size^Reason| | ||
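Review bot: The rewritten "Since it is known that wep cloaking" sentence keeps "wep" in lower case, while the section heading earlier on the page writes "WEP". Since this line is being edited anyway, capitalise it here for consistency.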
Line 316: | Line 321: | ||
Remove all duplicate sequence numbers for both the AP and the client (that are close to each other). | Remove all duplicate sequence numbers for both the AP and the client (that are close to each other). | ||
- | Basically it apply '' | + | Basically it applies |
== consecutive_sn == | == consecutive_sn == | ||
Line 362: | Line 367: | ||
===== Thanks ===== | ===== Thanks ===== | ||
- | Thanks to Alex Hernandez aka alt3kx from [[http:// | + | Thanks to Alex Hernandez aka alt3kx from [[http:// |
airdecloak-ng.txt · Last modified: 2023/01/17 09:58 by gemesa