tkiptun-ng (1) - Linux Man Pages
tkiptun-ng: inject a few frames into a WPA TKIP network with QoS
tkiptun-ng - inject a few frames into a WPA TKIP network with QoS
SYNOPSIStkiptun-ng [options] <replay interface>
DESCRIPTIONtkiptun-ng is a tool created by Martin Beck aka hirte, a member of aircrack-ng team. This tool is able to inject a few frames into a WPA TKIP network with QoS. He worked with Erik Tews (who created PTW attack) for a conference in PacSec 2008: "Gone in 900 Seconds, Some Crypto Issues with WPA".
- -H, --help
- Shows the help screen.
- Filter options:
- -d <dmac>
- MAC address of destination.
- -s <smac>
- MAC address of source.
- -m <len>
- Minimum packet length.
- -n <len>
- Maximum packet length.
- -t <tods>
- Frame control, "To" DS bit.
- -f <fromds>
- Frame control, "From" DS bit.
- Disable AP Detection.
- Replay options:
- -x <nbpps>
- Number of packets per second.
- -p <fctrl>
- Set frame control word (hex).
- -a <bssid>
- Set Access Point MAC address.
- -c <dmac>
- Set destination MAC address.
- -h <smac>
- Set source MAC address.
- Choose first matching packet.
- -e <essid>
- Set target SSID.
- Debug options:
- -K <prga>
- Keystream for continuation.
- -y <file>
- Keystream file for continuation.
- Inject FromFS packets.
- -P <PMK>
- Pairwise Master key (PMK) for verification or vulnerability testing.
- -p <PSK>
- Preshared key (PSK) to calculate PMK with essid.
- Source options:
- -i <iface>
- Capture packets from this interface.
- -r <file>
- Extract packets from this pcap file.
AUTHORThis manual page was written by Thomas d'Otreppe. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL.
Linux man pages generated by: SysTutorials
Linux Man Pages Copyright Respective Owners. Site Copyright © SysTutorials. All Rights Reserved.