Wifitap Main:

 

Project homepage:  http://sid.rstack.org/index.php/Wifitap_EN#Wifitap_source_code

 

"Wifitap is a proof of concept for communication over WLAN networks using traffic injection.  Wifitap allows direct communication with an associated station to a given access point directly, whilst not being associated ourselves or being handled by access point." -http://sid.rstack.org

 

 

Wifitap:

 

Installing Wifitap

Using Wifitap

Wifitap Usage

 

"Wifitap is written in Python, and Python is damn slow. So don't expect it to work at 54Mbps." -Cedric Blancher (Wifitap Author)

 

 

Using Wifitap

 

cd /tools/wifi/wifitap

 

ifconfig ath0 up

 

iwconfig ath0 mode monitor channel 6    # choose desired channel

 

sysctl dev.ath0.rawdev=1

 

ifconfig ath0raw up

 

./wifitap.py  -b  00:06:25:BF:64:99  -i ath0  -o  ath0raw

 

or if the network is WEP enabled:

 

./wifitap.py  -b  00:06:25:BF:64:99  -i ath0  -o  ath0raw -w 866578388f517be0b4818a0db1

 

This creates the interface wj0, which must now be given an IP address.

 

 

 

 

Open a new console and configure an IP address for wj0

 

ifconfig wj0 192.168.1.250

 

 

 

 

Tcpdump or Ethereal can be used on interface ath0 to find the IP addresses of the network clients.  It is now possible to communicate with these clients; in this case the client is 192.168.1.23.

 

Take down the wired interface (eth0) prior to attempting the PING.

 

ifconfig eth0 down

 

ping 192.168.1.23

 

 

 

 

We are now interacting with the Access Point's client without ever having been authenticated or associated with the Access Point.
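
Seen from a monitoring sensor, the result above means two radios are transmitting under one BSSID. The following Python code is an added example, not part of the original guide or the Wifitap project: it flags that condition by checking 802.11 sequence-number continuity for frames sent as the BSSID. It assumes injected frames carry the BSSID as transmitter address and do not continue the access point's own counter; the Frame record, the gap threshold, the client MAC and the sample capture are constructed for illustration.

```python
# Added example, not Wifitap code. Frame records below are constructed.
from dataclasses import dataclass

SEQ_MOD = 4096        # the 802.11 sequence number is a 12-bit counter
MAX_FORWARD_GAP = 64  # assumed tolerance for frames the sensor did not capture


@dataclass
class Frame:
    ts: float            # capture time, seconds
    transmitter: str     # addr2 of the 802.11 header
    seq: int             # sequence number from the Sequence Control field
    retry: bool = False  # Retry bit from Frame Control


def find_seq_anomalies(frames, bssid, max_gap=MAX_FORWARD_GAP):
    """Return (ts, previous_seq, seq) for every frame transmitted as `bssid`
    whose sequence number does not continue the previous one.
    Non-QoS frames only: QoS data keeps a separate counter per TID."""
    anomalies, last = [], None
    for f in sorted(frames, key=lambda fr: fr.ts):
        if f.transmitter.lower() != bssid.lower():
            continue  # traffic from stations is not judged here
        if last is not None:
            delta = (f.seq - last) % SEQ_MOD
            is_retransmission = delta == 0 and f.retry
            if not is_retransmission and not 1 <= delta <= max_gap:
                anomalies.append((f.ts, last, f.seq))
        last = f.seq
    return anomalies


AP = "00:06:25:BF:64:99"   # BSSID used in the commands on this page
STA = "00:11:22:33:44:55"  # constructed client MAC
CONSTRUCTED_CAPTURE = [
    Frame(0.00, AP, 4094), Frame(0.10, AP, 4095),
    Frame(0.20, AP, 0),              # counter wraps: normal
    Frame(0.21, AP, 0, retry=True),  # retransmission: normal
    Frame(0.30, STA, 900),           # station frame: ignored
    Frame(0.40, AP, 2000),           # second transmitter using the BSSID
    Frame(0.50, AP, 1), Frame(0.60, AP, 2),
    Frame(0.70, AP, 2001), Frame(0.80, AP, 3),
]

if __name__ == "__main__":
    for ts, prev, seq in find_seq_anomalies(CONSTRUCTED_CAPTURE, AP):
        print(f"t={ts:.2f}s BSSID {AP}: seq {prev} -> {seq}")
```

Each switch between the two counters is reported, so a pair of interleaved transmitters shows up as alternating jumps rather than a single gap.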

 

 

Wifitap Usage:

 

Usage : wifitap -b <BSSID> [-o <iface>] [-i <iface> [-p] [-w <WEP key> [-k <key id>]] [-d [-v]] [-h]

-b Specifies BSSID in usual 6 hex digits MAC address format:
                     00:01:02:03:04:05

-o Specifies output Wifi interface for frames injection
 

-i Specifies input Wifi interface for frames sniffing

-p Used to tell Wifitap that input interface does not provides
                     Prism headers

-w Activates WEP encryption/decryption with specified WEP key
 

The WEP key can be specified in the following formats:


                      0102030405 or 0102030405060708090a0b0c0d
                      01:02:03:04:05 or
                      01:02:03:04:05:06:07:08:09:0a:0b:0c:0d
                      0102-0304-05 or 0102-0304-0506-0708-090a-0b0c-0d

-k Specifies WEP key id, from 0 to 3

-d Activates debugging
 

-v Increases debugging verbosity

-h Help screen

 

 

Thanks to Cedric Blancher for his help with the install and producing this guide.


 

 
 
  © Copyright 2010 Wirelessdefence.org. All Rights Reserved.