Airtun-ng is a virtual tunnel interface creator and is included in the aircrack-ng package. Airtun-ng two basic functions:
- Allow all encrypted traffic to be monitored for wireless Intrusion Detection System (wIDS) purposes
- Inject arbitrary traffic into a network
In order to perform wIDS data gathering, you must have the encryption key and the bssid for the network you wish to monitor.
- Author: Thomas d’Otreppe, Original work: Christophe Devine
- License: GPLv2
airtun-ng – a virtual tunnel interface creator
Airtun-ng 1.2 rc4 - (C) 2006-2015 Thomas d'Otreppe
Original work: Martin Beck
usage: airtun-ng <options> <replay interface>
-x nbpps : number of packets per second (default: 100)
-a bssid : set Access Point MAC address
In WDS Mode this sets the Receiver
-i iface : capture packets from this interface
-y file : read PRGA from this file
-w wepkey : use this WEP-KEY to encrypt packets
-p pass : use this WPA passphrase to decrypt packets
(use with -a and -e)
-e essid : target network SSID (use with -p)
-t tods : send frames to AP (1) or to client (0)
or tunnel them into a WDS/Bridge (2)
-r file : read frames out of pcap file
-h MAC : source MAC address
WDS/Bridge Mode options:
-s transmitter : set Transmitter MAC address for WDS Mode
-b : bidirectional mode. This enables communication
in Transmitter's AND Receiver's networks.
Works only if you can see both stations.
--repeat : activates repeat mode
--bssid <mac> : BSSID to repeat
--netmask <mask> : netmask for BSSID filter
--help : Displays this usage screen
airtun-ng Usage Examples
Specify the BSSID of the access point you wish to monitor (-a DE:AD:BE:EF:CA:FE) and its WEP key (-w 1234567890).
created tap interface at0
WEP encryption specified. Sending and receiving frames through wlan0mon.
FromDS bit set in all frames.