A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Man page of TKIPTUN-NG

TKIPTUN-NG

Section: User Commands (1)
Updated: April 2010
Index of this MAN page

Back To MAN Pages From BackTrack 5 R1 Master List

 

NAME

tkiptun-ng - inject a few frames into a WPA TKIP network with QoS  

SYNOPSIS

tkiptun-ng [options] <replay interface>  

DESCRIPTION

tkiptun-ng is a tool created by Martin Beck aka hirte, a member of aircrack-ng team. This tool is able to inject a few frames into a WPA TKIP network with QoS. He worked with Erik Tews (who created PTW attack) for a conference in PacSec 2008: "Gone in 900 Seconds, Some Crypto Issues with WPA".  

OPERATION

-H, --help
Shows the help screen.
Filter options:
-d <dmac>
MAC address of destination.
-s <smac>
MAC address of source.
-m <len>
Minimum packet length.
-n <len>
Maximum packet length.
-t <tods>
Frame control, "To" DS bit.
-f <fromds>
Frame control, "From" DS bit.
-D
Disable AP Detection.

Replay options:
-x <nbpps>
Number of packets per second.
-p <fctrl>
Set frame control word (hex).
-a <bssid>
Set Access Point MAC address.
-c <dmac>
Set destination MAC address.
-h <smac>
Set source MAC address.
-F
Choose first matching packet.
-e <essid>
Set target SSID.

Debug options:
-K <prga>
Keystream for continuation.
-y <file>
Keystream file for continuation.
-j
Inject FromFS packets.
-P <PMK>
Pairwise Master key (PMK) for verification or vulnerability testing.
-p <PSK>
Preshared key (PSK) to calculate PMK with essid.

Source options:
-i <iface>
Capture packets from this interface.
-r <file>
Extract packets from this pcap file.
 

AUTHOR

This manual page was written by Thomas d'Otreppe. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL.  

SEE ALSO


airbase-ng(1)
aircrack-ng(1)
airdecap-ng(1)
airdecloak-ng(1)
airdriver-ng(1)
aireplay-ng(1)
airmon-ng(1)
airodump-ng(1)
airolib-ng(1)
airserv-ng(1)
airtun-ng(1)
buddy-ng(1)
easside-ng(1)
ivstools(1)
kstats(1)
makeivs-ng(1)
packetforge-ng(1)
wesside-ng(1)


 

Index

NAME
SYNOPSIS
DESCRIPTION
OPERATION
AUTHOR
SEE ALSO

This document was created by man2html, using the manual pages.
Time: 07:34:21 GMT, September 13, 2011

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast