AIREPLAY-NG
Section: User Commands (1)
Updated: April 2006
Index
Return to Main Contents
NAME
aireplay-ng
injects ARP-request packets into a wireless network to generate traffic.
SYNOPSIS
aireplay-ng
[options] <replay interface>
DESCRIPTION
aireplay-ng
injects specially generated ARP-request packets into an existing wireless network in order to generate traffic.
By sending these ARP-request packets again and again, the target host will respond with encrypted replies, thus
providing new and possibly weak IVs.
aireplay-ng
supports single-NIC injection/monitor.
This feature needs driver patching.
OPTIONS
- Filter options:
-
- -b <bssid>
-
MAC address of access point.
- -d <dmac>
-
MAC address of destination.
- -s <smac>
-
MAC address of source.
- -m <len>
-
Minimum packet length.
- -n <len>
-
Maximum packet length.
- -u <type>
-
Frame control, type field.
- -v <subt>
-
Frame control, subtype field.
- -t <tods>
-
Frame control, "To" DS bit.
- -f <fromds>
-
Frame control, "From" DS bit.
- -w <iswep>
-
Frame control, WEP bit.
- Replay options:
-
- -x <nbpps>
-
Number of packets per second.
- -p <fctrl>
-
Set frame control word (hex).
- -a <bssid>
-
Set Access Point MAC address.
- -c <dmac>
-
Set destination MAC address.
- -h <smac>
-
Set source MAC address.
- -e <essid>
-
Set target SSID for Fake Authentication attack (see below).
- -j
-
ARP Replay attack : inject FromDS pakets (see below).
- Source options:
-
- -i <iface>
-
Capture packets from this interface.
- -r <file>
-
Extract packets from this pcap file.
- Attack modes:
-
- -0, --deauth=<count>
-
Deauthenticate stations.
- -1, --fakeauth=<delay>
-
Fake authentication with AP.
- -2, --interactive
-
Interactive frame selection.
- -3, --arpreplay
-
Standard ARP-request replay.
- -4, --chopchop
-
Decrypt/chopchop WEP packet.
AUTHOR
This manual page was written by Adam Cecile <gandalf@le-vert.net> for the Debian system (but may be used by others).
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation
On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL.
SEE ALSO
airmon-ng(1)
airdecap-ng(1)
aircrack-ng(1)
airodump-ng(1)
arpforge-ng(1)
ivstools(1)
Index
- NAME
-
- SYNOPSIS
-
- DESCRIPTION
-
- OPTIONS
-
- AUTHOR
-
- SEE ALSO
-
This document was created by
man2html,
using the manual pages.
Time: 22:12:29 GMT, February 23, 2023