airtun-ng
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
airtun-ng [2009/09/25 22:55] – Fixed typos darkaudax | airtun-ng [2015/04/12 23:15] (current) – Updated usage. mister_x | ||
---|---|---|---|
Line 8: | Line 8: | ||
In order to perform wIDS data gathering, you must have the encryption key and the bssid for the network you wish to monitor. Airtun-ng decrypts all the traffic for the specific network and passes it to a traditional IDS system such as [[http:// | In order to perform wIDS data gathering, you must have the encryption key and the bssid for the network you wish to monitor. Airtun-ng decrypts all the traffic for the specific network and passes it to a traditional IDS system such as [[http:// | ||
- | Traffic injection can be fully bidirectional if you have the full encyption | + | Traffic injection can be fully bidirectional if you have the full encryption |
Airtun-ng also has repeater and tcpreplay-type functionality. | Airtun-ng also has repeater and tcpreplay-type functionality. | ||
Line 16: | Line 16: | ||
===== Usage ===== | ===== Usage ===== | ||
- | usage: airtun-ng < | + | Usage: airtun-ng < |
*-x nbpps : maximum number of packets per second (optional) | *-x nbpps : maximum number of packets per second (optional) | ||
- | *-a bssid : set Access Point MAC address (mandatory) | + | *-a bssid : set Access Point MAC address (mandatory). In WDS Mode this sets the Receiver |
*-i iface : capture packets from this interface (optional) | *-i iface : capture packets from this interface (optional) | ||
*-y file : read PRGA from this file (optional / one of -y or -w must be defined) | *-y file : read PRGA from this file (optional / one of -y or -w must be defined) | ||
*-w wepkey : use this WEP-KEY to encrypt packets (optional / one of -y or -w must be defined) | *-w wepkey : use this WEP-KEY to encrypt packets (optional / one of -y or -w must be defined) | ||
- | *-t tods : send frames to AP (1) or to client (0) (optional | + | |
+ | *-e essid : target network SSID (use with -p) | ||
+ | | ||
*-r file : read frames out of pcap file (optional) | *-r file : read frames out of pcap file (optional) | ||
+ | *-h MAC : source MAC address | ||
+ | *-H : Display help. Long form --help | ||
+ | |||
+ | WDS/Bridge Mode options: | ||
+ | *-s transmitter : set Transmitter MAC address for WDS Mode | ||
+ | *-b : bidirectional mode. This enables communication in Transmitter' | ||
Repeater options (the following all require double dashes): | Repeater options (the following all require double dashes): | ||
Line 30: | Line 38: | ||
*- -bssid <mac> : BSSID to repeat. | *- -bssid <mac> : BSSID to repeat. | ||
*- -netmask < | *- -netmask < | ||
+ | |||
===== Scenarios ===== | ===== Scenarios ===== | ||
Line 49: | Line 58: | ||
| | ||
- | You notice above that it created the **at0** interface. Switch to another console | + | You notice above that it created the **at0** interface. Switch to another console |
| | ||
Line 167: | Line 176: | ||
This is how to setup airtun-ng for this scenario: | This is how to setup airtun-ng for this scenario: | ||
- | | + | |
If you are able to see both sides of a WDS/Bridge network, you can enable bidirectional mode. This enables communication with both endpoint' | If you are able to see both sides of a WDS/Bridge network, you can enable bidirectional mode. This enables communication with both endpoint' | ||
- | | + | |
WDS mode is fully compatible with WEP encryption, so you can use the -w and -y flags as usual. | WDS mode is fully compatible with WEP encryption, so you can use the -w and -y flags as usual. | ||
Line 197: | Line 206: | ||
This loads the " | This loads the " | ||
+ | |||
+ | ==== Error creating tap interface: Permission denied ==== | ||
+ | |||
+ | See the following [[faq# | ||
+ |
airtun-ng.1253912116.txt.gz · Last modified: 2009/09/25 22:55 by darkaudax