airtun-ng

Differences

This shows you the differences between two versions of the page.

airtun-ng [2010/03/07 23:14]
mister_x old revision restored
airtun-ng [2015/04/12 23:15]
mister_x Updated usage.
Line 8: Line 8:
 In order to perform wIDS data gathering, you must have the encryption key and the bssid for the network you wish to monitor. Airtun-ng decrypts all the traffic for the specific network and passes it to a traditional IDS system such as [[http://www.snort.org|snort]]. In order to perform wIDS data gathering, you must have the encryption key and the bssid for the network you wish to monitor. Airtun-ng decrypts all the traffic for the specific network and passes it to a traditional IDS system such as [[http://www.snort.org|snort]].
  
-Traffic injection can be fully bidirectional if you have the full encyption key. It is outgoing unidirectional if you have the PRGA obtained via [[korek_chopchop|chopchop]] or [[fragmentation]] attacks. The prime advantage of airtun-ng over the other injection tools in the aircrack-ng suite is that you may use any tool subsequently to create, inject or sniff packets.+Traffic injection can be fully bidirectional if you have the full encryption key. It is outgoing unidirectional if you have the PRGA obtained via [[korek_chopchop|chopchop]] or [[fragmentation]] attacks. The prime advantage of airtun-ng over the other injection tools in the aircrack-ng suite is that you may use any tool subsequently to create, inject or sniff packets.
  
 Airtun-ng also has repeater and tcpreplay-type functionality.  There is a repeater function which allows you to replay all traffic sniffed through a wireless device (interface specified by -i at0) and optionally filter the traffic by a bssid together with a network mask and replay the remaining traffic.  While doing this, you can still use the tun interface while repeating.  As well, a pcap file read feature allows you to replay stored pcap-format packet captures just the way you captured them in the first place.  This is essentially tcpreplay functionality for wifi. Airtun-ng also has repeater and tcpreplay-type functionality.  There is a repeater function which allows you to replay all traffic sniffed through a wireless device (interface specified by -i at0) and optionally filter the traffic by a bssid together with a network mask and replay the remaining traffic.  While doing this, you can still use the tun interface while repeating.  As well, a pcap file read feature allows you to replay stored pcap-format packet captures just the way you captured them in the first place.  This is essentially tcpreplay functionality for wifi.
Line 16: Line 16:
 ===== Usage ===== ===== Usage =====
  
- usage: airtun-ng <options> <replay interface>+ Usage: airtun-ng <options> <replay interface>
  
       *-x nbpps : maximum number of packets per second (optional)       *-x nbpps : maximum number of packets per second (optional)
-      *-a bssid : set Access Point MAC address (mandatory)+      *-a bssid : set Access Point MAC address (mandatory). In WDS Mode this sets the Receiver
       *-i iface : capture packets from this interface (optional)       *-i iface : capture packets from this interface (optional)
       *-y file : read PRGA from this file (optional / one of -y or -w must be defined)       *-y file : read PRGA from this file (optional / one of -y or -w must be defined)
       *-w wepkey : use this WEP-KEY to encrypt packets (optional / one of -y or -w must be defined)       *-w wepkey : use this WEP-KEY to encrypt packets (optional / one of -y or -w must be defined)
-      *-t tods : send frames to AP (1) or to client (0) (optional defaults to 0)+      *-p pass : use this WPA passphrase to decrypt packets (use with -a and -e) 
 +      *-e essid : target network SSID (use with -p) 
 +      *-t tods : send frames to AP (1) or to client (0) or tunnel them into a WDS/Bridge (2)
       *-r file : read frames out of pcap file (optional)       *-r file : read frames out of pcap file (optional)
       *-h MAC  : source MAC address       *-h MAC  : source MAC address
       *-H      : Display help.  Long form --help       *-H      : Display help.  Long form --help
 +
 +WDS/Bridge Mode options:
 +  *-s transmitter : set Transmitter MAC address for WDS Mode
 +  *-b : bidirectional mode. This enables communication in Transmitter's AND Receiver's networks. Works only if you can see both stations.
  
 Repeater options (the following all require double dashes): Repeater options (the following all require double dashes):
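Review bot: the new -t line drops the "(optional defaults to 0)" wording the old line carried, so the usage no longer says what happens when -t is omitted; if the default is still 0, restore it at the end of the line, e.g. "... or tunnel them into a WDS/Bridge (2) (optional, defaults to 0)". The unchanged -y and -w lines still read "one of -y or -w must be defined", which leaves it unclear whether the new -p/-e pair can be used on its own; say so on the -p line or update the two existing lines. On the -a line, "this sets the Receiver" should read "Receiver MAC address" to match the wording of -s in the WDS/Bridge block.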
Line 52: Line 58:
    FromDS bit set in all frames.    FromDS bit set in all frames.
  
-You notice above that it created the **at0** interface. Switch to another console sesssion and you must now bring this interface up in order to use it:+You notice above that it created the **at0** interface. Switch to another console session and you must now bring this interface up in order to use it:
  
    ifconfig at0 up    ifconfig at0 up
Line 203: Line 209:
 ==== Error creating tap interface: Permission denied ==== ==== Error creating tap interface: Permission denied ====
  
-You receive one or both of the following errors: +See the following [[faq#why_do_i_get_error_creating_tap_interfacepermission_denied_or_a_similar_message|FAQ entry]].
-   error creating tap interface: Permission denied +
-   error opening tap device: Permission denied +
- +
-This is caused by SELinux (Security Enhanced Linux) preventing the interface from starting.  To resolve, disable SELinux.  See the support forums for your particular linux to determine how to do this.+
  
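Review bot: the section body no longer contains the two literal messages ("error creating tap interface: Permission denied" and "error opening tap device: Permission denied"), and the heading covers only the first, so a reader searching for the second string will not land here; keep both strings above the FAQ link. Removing the blanket "disable SELinux" advice from this page is a good change; check that the linked FAQ entry explains the cause and does not simply repeat that advice.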
airtun-ng.txt · Last modified: 2015/04/12 23:15 by mister_x