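Using the Security Tool Aircrack-ng

I booted up a Kali Linux install that had been gathering dust for months.

Security is actually a branch of the database learning path too~~

Official website: http://aircrack-ng.org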

root@kali:~# airbase-ng --help
Airbase-ng 1.2 beta3 - (C) 2008-2013 Thomas d'Otreppe
        Original work: Martin Beck
        http://www.aircrack-ng.org

        usage: airbase-ng <options> <replay interface>

        Options:

        -a bssid         : set Access Point MAC address
        -i iface         : capture packets from this interface
        -w WEP key       : use this WEP key to en-/decrypt packets
        -h MAC           : source mac for MITM mode
        -f disallow      : disallow specified client MACs (default: allow)
        -W 0|1           : [don't] set WEP flag in beacons 0|1 (default: auto)
        -q               : quiet (do not print statistics)
        -v               : verbose (print more messages)
        -A               : Ad-Hoc Mode (allows other clients to peer)
        -Y in|out|both   : external packet processing
        -c channel       : sets the channel the AP is running on
        -X               : hidden ESSID
        -s               : force shared key authentication (default: auto)
        -S               : set shared key challenge length (default: 128)
        -L               : Caffe-Latte WEP attack (use if driver can't send frags)
        -N               : cfrag WEP attack (recommended)
        -x nbpps         : number of packets per second (default: 100)
        -y               : disables responses to broadcast probes
        -0               : set all WPA,WEP,open tags. can't be used with -z & -Z
        -z type          : sets WPA1 tags. 1=WEP40 2=TKIP 3=WRAP 4=CCMP 5=WEP104
        -Z type          : same as -z, but for WPA2
        -V type          : fake EAPOL 1=MD5 2=SHA1 3=auto
        -F prefix        : write all sent and received frames into pcap file
        -P               : respond to all probes, even when specifying ESSIDs
        -I interval      : sets the beacon interval value in ms
        -C seconds       : enables beaconing of probed ESSID values (requires -P)

        Filter options:
        --bssid MAC      : BSSID to filter/use
        --bssids file    : read a list of BSSIDs out of that file
        --client MAC     : MAC of client to filter
        --clients file   : read a list of MACs out of that file
        --essid ESSID    : specify a single ESSID (default: default)
        --essids file    : read a list of ESSIDs out of that file

        --help           : Displays this usage screen

Aircrack-NG – wireless network password cracking

root@kali:~# aircrack-ng --help
Aircrack-ng 1.2 beta3 - (C) 2006-2013 Thomas d'Otreppe
        http://www.aircrack-ng.org

        usage: aircrack-ng [options] <.cap / .ivs file(s)>

        Common options:

        -a <amode> : force attack mode (1/WEP, 2/WPA-PSK)
        -e <essid> : target selection: network identifier
        -b <bssid> : target selection: access point's MAC
        -p <nbcpu> : # of CPU to use  (default: all CPUs)
        -q         : enable quiet mode (no status output)
        -C <macs>  : merge the given APs to a virtual one
        -l <file>  : write key to file

        Static WEP cracking options:

        -c         : search alpha-numeric characters only
        -t         : search binary coded decimal chr only
        -h         : search the numeric key for Fritz!BOX
        -d <mask>  : use masking of the key (A1:XX:CF:YY)
        -m <maddr> : MAC address to filter usable packets
        -n <nbits> : WEP key length :  64/128/152/256/512
        -i <index> : WEP key index (1 to 4), default: any
        -f <fudge> : bruteforce fudge factor,  default: 2
        -k <korek> : disable one attack method  (1 to 17)
        -x or -x0  : disable bruteforce for last keybytes
        -x1        : last keybyte bruteforcing  (default)
        -x2        : enable last  2 keybytes bruteforcing
        -X         : disable  bruteforce   multithreading
        -y         : experimental  single bruteforce mode
        -K         : use only old KoreK attacks (pre-PTW)
        -s         : show the key in ASCII while cracking
        -M <num>   : specify maximum number of IVs to use
        -D         : WEP decloak, skips broken keystreams
        -P <num>   : PTW debug:  1: disable Klein, 2: PTW
        -1         : run only 1 try to crack key with PTW

        WEP and WPA-PSK cracking options:

        -w <words> : path to wordlist(s) filename(s)

        WPA-PSK options:

        -E <file>  : create EWSA Project file v3
        -J <file>  : create Hashcat Capture file
        -S         : WPA cracking speed test

        Other options:

        -u         : Displays # of CPUs & MMX/SSE support
        --help     : Displays this usage screen

airdecap-NG – decrypts WEP / WPA / WPA2 capture files

root@kali:~# airdecap-ng --help

        Airdecap-ng 1.2 beta3 - (C) 2006-2013 Thomas d'Otreppe
        http://www.aircrack-ng.org

        usage: airdecap-ng [options] <pcap file>

        Common options:
        -l         : don't remove the 802.11 header
        -b <bssid> : access point MAC address filter
        -e <essid> : target network SSID

        WEP specific option:
        -w <key>   : target network WEP key in hex

        WPA specific options:
        -p <pass>  : target network WPA passphrase
        -k <pmk>   : WPA Pairwise Master Key in hex

        --help     : Displays this usage screen

airdecloak-NG – removes WEP cloaking from PCAP files

root@kali:~# airdecloak-ng --help

        Airdecloak-ng 1.2 beta3 - (C) 2008-2013 Thomas d'Otreppe
        http://www.aircrack-ng.org

        usage: airdecloak-ng [options]

        options:

        Mandatory:
        -i <file>             : Input capture file
        --ssid <ESSID>        : ESSID of the network to filter
        or
        --bssid <BSSID>       : BSSID of the network to filter

        Optional:
        --filters <filters>   : Apply filters (separated by a comma). Filters:
          signal:               Try to filter based on signal.
          duplicate_sn:         Remove all duplicate sequence numbers
                                for both the AP and the client.
          duplicate_sn_ap:      Remove duplicate sequence number for
                                the AP only.
          duplicate_sn_client:  Remove duplicate sequence number for the
                                client only.
          consecutive_sn:       Filter based on the fact that IV should
                                be consecutive (only for AP).
          duplicate_iv:         Remove all duplicate IV.
          signal_dup_consec_sn: Use signal (if available), duplicate and
                                consecutive sequence number (filtering is
                                much more precise than using all these
                                filters one by one).
        --null-packets        : Assume that null packets can be cloaked.
        --disable-base_filter : Do not apply base filter.
        --drop-frag           : Drop fragmented packets

        --help                : Displays this usage screen

airdriver-NG – provides status information about the wireless drivers on the system

root@kali:~# airdriver-ng --help
        Found kernel: 3.3.12-kali1-686-pae.3.12-kali1-686-pae
        usage: airdriver-ng <command> [drivernumber]
        valid commands:
        supported       - lists all supported drivers
        kernel          - lists all in-kernel drivers
        installed       - lists all installed drivers
        loaded          - lists all loaded drivers
        -----------------------------------------------------
        insert <drivernum>  - inserts a driver
        load <drivernum>    - loads a driver
        unload <drivernum>  - unloads a driver
        reload <drivernum>  - reloads a driver
        -----------------------------------------------------
        compile <drivernum> - compiles a driver
        install <drivernum> - installs a driver
        remove <drivernum>  - removes a driver
        -----------------------------------------------------
        compile_stack <stacknum>    - compiles a stack
        install_stack <stacknum>    - installs a stack
        remove_stack <stacknum> - removes a stack
        -----------------------------------------------------
        install_firmware <drivernum>    - installs the firmware
        remove_firmware <drivernum> - removes the firmware
        -----------------------------------------------------
        details <drivernum> - prints driver details
        detect          - detects wireless cards

airodump-NG – packet capture for raw 802.11 frames

root@kali:~# airodump-ng --help

        Airodump-ng 1.2 beta3 - (C) 2006-2013 Thomas d'Otreppe
        http://www.aircrack-ng.org

        usage: airodump-ng <options> <interface>[,<interface>,...]

        Options:
        --ivs                 : Save only captured IVs
        --gpsd                : Use GPSd
        --write      <prefix> : Dump file prefix
        -w                    : same as --write
        --beacons             : Record all beacons in dump file
        --update       <secs> : Display update delay in seconds
        --showack             : Prints ack/cts/rts statistics
        -h                    : Hides known stations for --showack
        -f            <msecs> : Time in ms between hopping channels
        --berlin       <secs> : Time before removing the AP/client
                                from the screen when no more packets
                                are received (Default: 120 seconds)
        -r             <file> : Read packets from that file
        -x            <msecs> : Active Scanning Simulation
        --manufacturer        : Display manufacturer from IEEE OUI list
        --uptime              : Display AP Uptime from Beacon Timestamp
        --output-format
                    <formats> : Output format. Possible values:
                                pcap, ivs, csv, gps, kismet, netxml
        --ignore-negative-one : Removes the message that says
                                fixed channel <interface>: -1

        Filter options:
        --encrypt   <suite>   : Filter APs by cipher suite
        --netmask <netmask>   : Filter APs by mask
        --bssid     <bssid>   : Filter APs by BSSID
        --essid     <essid>   : Filter APs by ESSID
        -a                    : Filter unassociated clients

        By default, airodump-ng hop on 2.4GHz channels.
        You can make it capture on other/specific channel(s) by using:
        --channel <channels>  : Capture on specific channels
        --band <abg>          : Band on which airodump-ng should hop
        -C    <frequencies>   : Uses these frequencies in MHz to hop
        --cswitch  <method>   : Set channel switching method
                      0       : FIFO (default)
                      1       : Round Robin
                      2       : Hop on last
        -s                    : same as --cswitch

        --help                : Displays this usage screen

airserv-NG – wireless card server

root@kali:~# airserv-ng --help
        airserv-ng: invalid option -- '-'

        Airserv-ng 1.2 beta3 - (C) 2007, 2008, 2009 Andrea Bittau
        http://www.aircrack-ng.org

        Usage: airserv-ng <options>

        Options:

        -h         : This help screen
        -p  <port> : TCP port to listen on (default:666)
        -d <iface> : Wifi interface to use
        -c  <chan> : Channel to use
        -v <level> : Debug level (1 to 3; default: 1)

airtun-NG – virtual tunnel interface creator

root@kali:~# airtun-ng --help

        Airtun-ng 1.2 beta3 - (C) 2006-2013 Thomas d'Otreppe
        Original work: Martin Beck
        http://www.aircrack-ng.org

        usage: airtun-ng <options> <replay interface>

        -x nbpps         : number of packets per second (default: 100)
        -a bssid         : set Access Point MAC address
                         : In WDS Mode this sets the Receiver
        -i iface         : capture packets from this interface
        -y file          : read PRGA from this file
        -w wepkey        : use this WEP-KEY to encrypt packets
        -t tods          : send frames to AP (1) or to client (0)
                         : or tunnel them into a WDS/Bridge (2)
        -r file          : read frames out of pcap file

        WDS/Bridge Mode options:
        -s transmitter   : set Transmitter MAC address for WDS Mode
        -b               : bidirectional mode. This enables communication
                         : in Transmitter's AND Receiver's networks.
                         : Works only if you can see both stations.

        Repeater options:
        --repeat         : activates repeat mode
        --bssid <mac>    : BSSID to repeat
        --netmask <mask> : netmask for BSSID filter

        --help           : Displays this usage screen

besside-NG – automatically cracks WEP and WPA networks

root@kali:~# besside-ng --help
        besside-ng: invalid option -- '-'

        Besside-ng 1.2 beta3 - (C) 2010 Andrea Bittau
        http://www.aircrack-ng.org

        Usage: besside-ng [options] <interface>

        Options:

        -b <victim mac> : Victim BSSID
        -s <WPA server> : Upload wpa.cap for cracking
        -c       <chan> : chanlock
        -p       <pps>  : flood rate
        -W              : WPA only
        -v              : verbose, -vv for more, etc.
        -h              : This help screen

Originally published on the WeChat public account 数据库SQL (SQLdba)

Original publication date: 2018-02-02
