diff --git a/tools/aircrack-ng.md b/tools/aircrack-ng.md deleted file mode 100644 index 1f76595..0000000 --- a/tools/aircrack-ng.md +++ /dev/null @@ -1,138 +0,0 @@ -# aircrack-NG - -Notes -------- - - * Version: 1.2-beta2 release - * Kali Linux Verison: 1.0.5 - * Developers: Thomas d'Otreppe - - -**Purpose**: Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools. - -# Suite Tools: -[airbase-ng](../tools/airbase-ng.md) -[aircrack-ng](#aircrack-ng) -[airdecap-ng](#airdecap) -[airdecloak-ng](#airdecloak-ng) -[airdriver-ng](#airdriver-ng) -[airdrop-ng](#airdrop-ng) -[aireplay-ng](#aireplay-ng) -[airgraph-ng](#airgraph-ng) -[airmon-ng](#airmon-ng) -[airodump-ng](#airodump-ng) -[airolib-ng](#airolib-ng) -[airserv-ng](#airsery-ng) -[airtun-ng](#airtun-ng) -[besside-ng](#besside-ng) -[easside-ng](#easside-ng) -[packetforge-ng](#packetforge-ng) -[tkiptun-ng](#tkiptun-ng) -[wesside-ng](#wesside-ng) - -Help Text ---------- - -### airbase-ng -Description: -### aircrack-ng -Description: -### airdecap-ng -Description: -### airdecloak-ng -Description: -### airdriver-ng -Description: -### airdrop-ng -Description: -### aireplay-ng -Description: -### airgraph-ng -Description: -### airmon-ng -Description: - -This script can be used to enable monitor mode on wireless interfaces. It may also be used to go back from monitor mode to managed mode. Entering the airmon-ng command without parameters will show the interfaces status. - -Usage: airmon-ng [channel] or airmon-ng -``` -* indicates if you wish to start or stop the interface. (Mandatory) -* specifies the interface. (Mandatory) -* [channel] optionally set the card to a specific channel. (Optional) -* “check” will show any processes that might interfere with the aircrack-ng suite. It is strongly recommended that these processes be eliminated prior to using the aircrack-ng suite. “check kill” will check and kill off processes that might interfere with the aircrack-ng suite. For “check kill” see -``` -Example: [airmon-ng examples](## airmon-ng examples) - -### airodump-ng -Description - -Airodump-ng is used for packet capturing of raw 802.11 frames and is particularly suitable for collecting WEP IVs (Initialization Vector) for the intent of using them with aircrack-ng. If you have a GPS receiver connected to the computer, airodump-ng is capable of logging the coordinates of the found access points. -Additionally, airodump-ng writes out several files containing the details of all access points and clients seen. - -Usage: airodump-ng -``` -Options: - --ivs : Save only captured IVs - --gpsd : Use GPSd - --write : Dump file prefix - -w : same as --write - --beacons : Record all beacons in dump file - --update : Display update delay in seconds - --showack : Prints ack/cts/rts statistics - -h : Hides known stations for --showack - -f : Time in ms between hopping channels - --berlin : Time before removing the AP/client - from the screen when no more packets - are received (Default: 120 seconds) - -r : Read packets from that file - -x : Active Scanning Simulation - --output-format - : Output format. Possible values: - pcap, ivs, csv, gps, kismet, netxml - Short format "-o" - The option can be specified multiple times. In this case, each file format - specified will be output. Only ivs or pcap can be used, not both. -``` - -``` -Filter options: - --encrypt : Filter APs by cipher suite - --netmask : Filter APs by mask - --bssid : Filter APs by BSSID - -a : Filter unassociated clients - -By default, airodump-ng hop on 2.4Ghz channels. -You can make it capture on other/specific channel(s) by using: - --channel : Capture on specific channels - --band : Band on which airodump-ng should hop - -C : Uses these frequencies in MHz to hop - --cswitch : Set channel switching method` - 0 : FIFO (default) - 1 : Round Robin - 2 : Hop on last - -s : same as --cswitch - - --help : Displays this usage screen -``` -### airolib-ng -Description: -### airserv-ng -Description: -### airtun-ng -Description: -### besside-ng -Description: -### packetforge-ng -Description: -### tkiptun-ng -Description: -### wesside-ng -Description: - -# Example Usage -### airmon-ng examples - -# Links - -Resource Page: http://www.aircrack-ng.org/resources.html -Tutorial Page: http://www.aircrack-ng.org/doku.php?id=tutorial diff --git a/tools/aircrack-ng_suite.md b/tools/aircrack-ng_suite.md new file mode 100644 index 0000000..35f4fb0 --- /dev/null +++ b/tools/aircrack-ng_suite.md @@ -0,0 +1,37 @@ +# aircrack-NG + +Notes +------- + + * Version: 1.2-beta2 release + * Kali Linux Verison: 1.0.5 + * Developers: Thomas d'Otreppe + + +**Purpose**: Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools. + +# Suite Tools: +[airbase-ng](../tools/aircrack-ng_suite/airbase-ng.md) +[aircrack-ng](../tools/aircrack-ng_suite/aircrack-ng.md) +[airdecap-ng](../tools/aircrack-ng_suite/airdecap.md) +[airdecloak-ng](../tools/aircrack-ng_suite/airdecloak-ng.md) +[airdriver-ng](../tools/aircrack-ng_suite/airdriver-ng.md) +[airdrop-ng](../tools/aircrack-ng_suite/airdrop-ng.md) +[aireplay-ng](../tools/aircrack-ng_suite/aireplay-ng.md) +[airgraph-ng](../tools/aircrack-ng_suite/airgraph-ng.md) +[airmon-ng](../tools/aircrack-ng_suite/airmon-ng.md) +[airodump-ng](../tools/aircrack-ng_suite/airodump-ng.md) +[airolib-ng](../tools/aircrack-ng_suite/airolib-ng.md) +[airserv-ng](../tools/aircrack-ng_suite/airsery-ng.md) +[airtun-ng](../tools/aircrack-ng_suite/airtun-ng.md) +[besside-ng](../tools/aircrack-ng_suite/besside-ng.md) +[easside-ng](../tools/aircrack-ng_suite/easside-ng.md) +[packetforge-ng](../tools/aircrack-ng_suite/packetforge-ng.md) +[tkiptun-ng](../tools/aircrack-ng_suite/tkiptun-ng.md) +[wesside-ng](../tools/aircrack-ng_suite/wesside-ng.md) + + +# Links + +Resource Page: http://www.aircrack-ng.org/resources.html +Tutorial Page: http://www.aircrack-ng.org/doku.php?id=tutorial diff --git a/tools/airbase-ng.md b/tools/aircrack-ng_suite/airbase-ng.md similarity index 89% rename from tools/airbase-ng.md rename to tools/aircrack-ng_suite/airbase-ng.md index 09056e8..f298364 100644 --- a/tools/airbase-ng.md +++ b/tools/aircrack-ng_suite/airbase-ng.md @@ -1,15 +1,29 @@ -AIRBASE-NG(8) AIRBASE-NG(8) +# AIRBASE-NG + +Notes +----- + +**Purpose**: airbase-ng is multi-purpose tool aimed at attacking clients as opposed to the Access Point (AP) itself. Since it is so versatile and flexible, summarizing it is a challenge. Here are some of the feature highlights: + - Implements the Caffe Latte WEP client attack + - Implements the Hirte WEP client attack + - Ability to cause the WPA/WPA2 handshake to be captured + - Ability to act as an ad-hoc Access Point + - Ability to act as a full Access Point + - Ability to filter by SSID or client MAC addresses + - Ability to manipulate and resend packets + - Ability to encrypt sent packets and decrypt received packets + +The main idea is of the implementation is that it should encourage clients to associate with the fake AP, not prevent them from accessing the real AP. + +A tap interface (atX) is created when airbase-ng is run. This can be used to receive decrypted packets or to send encrypted packets. + +As real clients will most probably send probe requests for common figured networks, these frames are important for binding a client to our softAP. In this case, the AP will respond to any probe request with a proper probe response, which tells the client to authenticate to the airbase-ng BSSID. That being said, this mode could possibly disrupt the correct functionality of many APs on the same channel. - -NAME - airbase-ng - multi-purpose tool aimed at attacking clients as opposed - to the Access Point (AP) itself - -SYNOPSIS - airbase-ng [options] +Usage: airbase-ng [options] DESCRIPTION +``` airbase-ng is multi-purpose tool aimed at attacking clients as opposed to the Access Point (AP) itself. Since it is so versatile and flexible, summarizing it is a challenge. Here are some of the feature highlights: @@ -35,8 +49,9 @@ DESCRIPTION a proper probe response, which tells the client to authenticate to the airbase-ng BSSID. That being said, this mode could possibly disrupt the correct functionality of many APs on the same channel. - +``` OPTIONS +``` -H, --help Shows the help screen. @@ -266,34 +281,4 @@ OPTIONS --essids , -E read a list of ESSIDs out of that file. - -AUTHOR - This manual page was written by Thomas d'Otreppe. Permission is - granted to copy, distribute and/or modify this document under the terms - of the GNU General Public License, Version 2 or any later version pub‐ - lished by the Free Software Foundation On Debian systems, the complete - text of the GNU General Public License can be found in /usr/share/com‐ - mon-licenses/GPL. - -SEE ALSO - aircrack-ng(1) - airdecap-ng(1) - airdecloak-ng(1) - airdriver-ng(8) - aireplay-ng(8) - airmon-ng(8) - airodump-ng(8) - airolib-ng(1) - airserv-ng(8) - buddy-ng(1) - easside-ng(8) - ivstools(1) - kstats(1) - makeivs-ng(1) - packetforge-ng(1) - tkiptun-ng(8) - wesside-ng(8) - - - -Version 1.2-beta2 November 2013 AIRBASE-NG(8) \ No newline at end of file +``` \ No newline at end of file