User Tools

Site Tools


aireplay-ng

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
aireplay-ng [2009/09/26 21:06] – Added links to new attacks darkaudaxaireplay-ng [2022/02/09 00:44] (current) – [Description] update mister_x
Line 6: Line 6:
 With the [[packetforge-ng]] tool it's possible to create arbitrary frames. With the [[packetforge-ng]] tool it's possible to create arbitrary frames.
  
-Most drivers needs to be patched to be able to inject, don't forget to read [[install_drivers|Installing drivers]].+Some drivers needs to be patched to be able to inject, don't forget to read [[install_drivers|Installing drivers]].
  
 ===== Usage of the attacks ===== ===== Usage of the attacks =====
Line 18: Line 18:
     * Attack 4: [[KoreK chopchop|KoreK chopchop attack]]      * Attack 4: [[KoreK chopchop|KoreK chopchop attack]] 
     * Attack 5: [[Fragmentation|Fragmentation attack]]     * Attack 5: [[Fragmentation|Fragmentation attack]]
-    * Attack 6: [[cafe-latte|Cafe-latte attack]] (The documentation will be available shortly.) +    * Attack 6: [[cafe-latte|Cafe-latte attack]] 
-    * Attack 7: [[hirte|Client-oriented fragmentation attack]] (The documentation will be available shortly.)+    * Attack 7: [[hirte|Client-oriented fragmentation attack]] 
 +    * Attack 8: [[WPA Migration Mode]]
     * Attack 9: [[injection_test|Injection test]]     * Attack 9: [[injection_test|Injection test]]
  
 ===== Usage ===== ===== Usage =====
  
-This section provides a general overview.  Not all options apply to all attacks.  See the details of the sepcific attack for the relevant details.+This section provides a general overview.  Not all options apply to all attacks.  See the details of the specific attack for the relevant details.
  
 Usage: Usage:
Line 45: Line 46:
   *-w iswep  : frame control, WEP     bit   *-w iswep  : frame control, WEP     bit
  
-When replaying (injecting) packets, the following options apply.  Keep in mind that not every option is relevant for every attack.  The specific attack documention provides examples of the relevant options.+When replaying (injecting) packets, the following options apply.  Keep in mind that not every option is relevant for every attack.  The specific attack documentation provides examples of the relevant options.
  
 Replay options: Replay options:
Line 128: Line 129:
  
 These items apply to all modes of aireplay-ng. These items apply to all modes of aireplay-ng.
 +
 +==== aireplay-ng does not inject packets ====
 +Ensure you are using the correct monitor mode interface.  "iwconfig" will show the wireless interfaces and their state.  For the mac80211 drivers, the monitor mode interface is typically "mon0" For ieee80211 madwifi-ng drivers, it is typically "ath0" For other drivers, the interface name may vary.
  
 ==== For madwifi-ng, ensure there are no other VAPs running ==== ==== For madwifi-ng, ensure there are no other VAPs running ====
Line 232: Line 236:
  
 For all of the above, running airodump-ng and the related text file should provide all the information you require identify and correct the problem. For all of the above, running airodump-ng and the related text file should provide all the information you require identify and correct the problem.
 +
 +
 +==== interfaceX is on channel Y, but the AP uses channel Z ====
 +
 +A typical example of this message is: "mon0 is on channel 1, but the AP uses channel 6"
 +
 +This means something is causing your card to channel hop.  Possible reasons is that failed to start airodump-ng locked to a single channel.  airodump-ng needs to be started with "-c <channel-number>.
 +
 +Another reason is that you have processes such as a network manager or wpa_supplicant channel hopping.  You must kill off all these processes.  See [[airmon-ng]] for details on checking what is running and how to kill the processes off.
  
 ==== General ==== ==== General ====
Line 247: Line 260:
   * If Prism2, make sure the firmware was updated.   * If Prism2, make sure the firmware was updated.
   * Ensure your are running the current stable version.  Some options are not available in older versions of the program.  Also, the current stable version contains many bug fixes.   * Ensure your are running the current stable version.  Some options are not available in older versions of the program.  Also, the current stable version contains many bug fixes.
-  * It does not hurt to check the [[http://trac.aircrack-ng.org/|Trac System]] to see if your "problem" is actually a known bug in the current stable version.  Many times the current [[main#development|development version]] has fixes to bugs within the current stable version.+  * It does not hurt to check the [[https://github.com/aircrack-ng/aircrack-ng/issues/|GitHub issues]] to see if your "problem" is actually a known bug in the current stable version.  Many times the current [[main#development|development version]] has fixes to bugs within the current stable version.
  
-===== Release Candidate or SVN Version Notes ===== 
- 
-This section ONLY applies the latest SVN version and to some release candidate versions of the aircrack-ng suite.  Once they are released as "stable" then the documentation above will be updated. 
- 
-Changes: 
- 
-  * "-e <ESSID>" is not needed provided the ESSID is not hidden. (Applies to fake auth and test) 
-  * "-B" or "--bittest" is a bit rate test (Applies to test) 
-  * "-F" or "--fast" is a fast test (Applies to test) 
-  * "-D" disables AP detection.  Some modes will not proceed if the AP beacon is not heard.  This disables this functionality. 
-  * "-F" chooses first matching packet 
-  * "-R" disables /dev/rtc usage.  Some systems experience lockups or other problems with RTC.  This disables the usage. 
  
aireplay-ng.1253991979.txt.gz · Last modified: 2009/09/26 21:06 by darkaudax