Wifitap Save Abandoned

wifitap updated for BT5r3

Project README

#########################################

wifitap.py --- WiFi injection tool through tun/tap device

Cedric Blancher [email protected]

http://sid.rstack.org/index.php/Wifitap (french)

http://sid.rstack.org/index.php/Wifitap_EN (english)

#########################################

This program is a proof of concept tool allowing WiFi communications using traffic injection. You'll need:

. Python >= 2.2
. Psyco Python optimizer (optional)
. Philippe Biondi's Scapy
. Injection ready wireless adapter

It's been tested on GNU/Linux using Atheros chipset based adapter with patched Madwifi driver and Intersil Prism GT Full MACchipset with Prism54 driver. It should as well work with Prism2/2.5/3 chipset hostap driver or wlan-ng driver, Ralink rt2500/2750 chipset using rt2500 driver and Realtek RTL8180 chipset using rtl8180-sa2400 driver.

I didn't take time to test Prism2/2.5/3 support and don't have Ralink or Realtek based hardware for testing. By the way, I would be glad to have feedback for Wifitap attempts with thoses chipsets.

Drivers patches are written by Christophe Devine and updated by Aircrack-ng people. For details about drivers patch and installation, see PATCHING file.

To get wifitap work on other Unix operating systems than GNU/Linux, you have to install pcap or dnet wrappers for Python so Scapy can work (see http://www.secdev.org/projects/scapy/portability.html). Then, and it's the most important part, you have to find a wireless adapter driver that supports raw wireless traffic injection if any.

NB : Python is so slow...

o Getting Wifitap ;)

Wifitap is available at:

	http://sid.rstack.org/index.php/Wifitap (french)
	http://sid.rstack.org/index.php/Wifitap_EN (english)

Lastest version is downloadable at:

	http://sid.rstack.org/code/wifitap.tgz

Repository available at:

	http://sid.rstack.org/code/wifitap/

o Getting Scapy

A working Scapy version is attached, so Wifitap is ready to work.
However, you can get a more featured version of the tool at:

	http://www.secdev.org/projects/scapy/

Download "work-in-progress" version or (better) use provided version...

o Preparing WiFi adapter

Download, patch and install driver (see PATCHING).

Supposing channel is 11:

	~# iwconfig $IFACE mode monitor channel 11
	~# ifconfig $IFACE up promisc

NB: Atheros driver Madwifi requires specific configuration to get driver
    in promisc mode and/or activate traffic injection. See website
    (http://www.madwifi.org/) for details if you use madwifi-ng or
    madwifi-old.

o Launching Wifitap

	~# ./wifitap.py -b <bssid>

A wj0 interface will be created that needs to be configured as a
regular interface, with optional MAC address specification:

	~# ifconfig wj0 [hw ether <MAC>] 192.168.1.1 [mtu <MTU>]

o Using Wifitap

Now, you can us wj0 interface just as a usual interface to communicate
with your prefered applications and tools, according to system routing
table :)

o Wifitap command line arguments

Usage : wifitap -b <BSSID> [-o <iface>] [-i <iface> [-s <SMAC>]
		[-w <WEP key> [-k <key id>]] [-d [-v]] [-h]

-b	Specifies BSSID in ususal 6 hex digits MAC address format:
		. 00:01:02:03:04:05

-o	Specifies output WiFi interface for frames injection

-i	Specifies input WiFi interface for frames sniffing

-s	Specifies source MAC address
		. 00:01:02:03:04:05

-w	Activates WEP encryption/decryption with specified WEP key
	Key can be given using following formats:
		. 0102030405 or 0102030405060708090a0b0c0d
		. 01:02:03:04:05 or
		  01:02:03:04:05:06:07:08:09:0a:0b:0c:0d
		. 0102-0304-05 or 0102-0304-0506-0708-090a-0b0c-0d

-k	Specifies WEP key id, from 0 to 3

-d	Activates debugging

-v	Increases debugging verbosity

-h	Help screen

o Latest libpcap fully supports Wi-Fi specific headers, typically Prism Headers. However, if your system uses old libpcap, you will need to apply provided patch:

patch -p0 < prismheaders.patch

It will add a flag (-p) to tell Wifitap to shift 144 bits of Prism Headers to access 802.11 frame.

#########################################

Copyright (C) 2005 Cedric Blancher [email protected]

This program is free software; you can redistribute it and/or modify it

under the terms of the GNU General Public License version 2 as

published by the Free Software Foundation; version 2.

This program is distributed in the hope that it will be useful, but

WITHOUT ANY WARRANTY; without even the implied warranty of

MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

General Public License for more details.

#########################################

Open Source Agenda is not affiliated with "Wifitap" Project. README Source: GDSSecurity/wifitap
Stars
147
Open Issues
2
Last Commit
7 years ago
License

Open Source Agenda Badge

Open Source Agenda Rating