Aircrack-ng: Difference between revisions

aircrack-ng
	Aircrack-ng performing a dictionary attack on a WPA2 key under Debian GNU/Linux.
Original author(s)	Christophe Devine
Developer(s)	Thomas d'Otreppe de Bouvette
Stable release	1.7 / May 10, 2022
Repository	github.com/aircrack-ng/aircrack-ng ;
Written in	C
Operating system	Cross-platform
Type	Packet sniffer and injector; WEP encryption key recovery
License	GPL
Website	www.aircrack-ng.org

Browse history interactively

← Previous edit Next edit →

Content deleted Content added

VisualWikitext

Inline

Revision as of 15:17, 12 August 2023

Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs. It works with any wireless network interface controller whose driver supports raw monitoring mode and can sniff 802.11a, 802.11b and 802.11g traffic. The program runs under Linux, FreeBSD, macOS, OpenBSD, and Windows; the Linux version is packaged for OpenWrt. Proof of concepts have been released for Android, Zaurus PDA, Maemo platforms and iPhone.^{[citation needed]}

In April 2007 a team at the Darmstadt University of Technology in Germany developed a new attack method based on a paper published by Adi Shamir on the RC4 cipher. This new attack, named 'PTW' (from the researchers' names, Pyshkin, Tews, Weinmann), decreases the number of initialization vectors or IVs needed to decrypt a WEP key and has been included in the aircrack-ng suite since the 0.9 release.^[2]^[3]

Aircrack-ng is a fork of the original Aircrack project. It can be found as a preinstalled tool in many security-focused Linux distributions such as Kali Linux or Parrot Security OS,^[4] which share common attributes as they are developed under the same project (Debian).^[5]

Development

Aircrack was originally developed by French security researcher Christophe Devine,^[6] its main goal was to recover 802.11 wireless networks WEP keys using an implementation of the Fluhrer, Mantin and Shamir (FMS) attack alongside the 17 shared by a hacker named KoreK,^[7]^[8]^[9] who provided his own source code. The first publicly release version of Aircrack was in September 2004, version number 1.4.

Aircrack was forked by Thomas D'Otreppe in February 2006 and released as Aircrack-ng (Aircrack Next Generation).^[10]

Features

The aircrack-ng software suite includes:

aircrack-ng

aircrack-ng supports attacks on 802.11 WEP (with FMS, PTW, KoreK and dictionary attacks), 802.11i WPA/WPA2 and 802.11w WPA2 (using dictionary attacks).^[11] While it doesn't support direct attacks on WPA3 (introduced in 2018), it has been used successfully in combination with a downgrade attack.^[12]

airbase-ng

Incorporates techniques for attacking client, as opposed to Access Points.

aireplay-ng

aireplay-ng is an injector and frame replay tool.^[11]^[13] Deauthentication attacks are supported.^[14]

airmon-ng

airmon-ng can place supported wireless cards in monitor-mode.^[11] Monitor mode refers to a provision in the IEEE 802.11 standard for auditing and design purposes,^[15] in which a

wireless card can capture packets in air range.^[16]

airodump-ng

airodump-ng is a packet sniffer.^[11] It can store information in various formats, making it compatible with software other than the aircrack-ng suite. It supports channel-hopping.^[17]

airserv-ng

Allows to access the wireless card from other computers.

airtun-ng

Virtual tunnel interface creator. Its main uses are monitoring the traffic as an intrusion detection system, and inject arbitrary traffic in a network.^[18]

besside-ng

A tool to automatize WEP cracking and logging of WPA handshakes.

easside-ng

A tool for communicating to an access point, without the WEP key.

tkiptun-ng

WPA/TKIP attack tool. Martin Beck developed tkiptun-ng and described an attack against TKIP in the paper Practical Attacks Against WEP and WPA, written with the help of Erik Tews.^[19]^[20]

wesside-ng

Automatic tool for WEP key recovery.

airdecap-ng

Decrypts WEP or WPA encrypted capture files with known key.^[21]

airdecloak-ng

Removes WEP cloaking from pcap files.

airolib-ng

Stores and manages ESSID and password lists and compute Pairwise Master Keys.

besside-ng-crawler

Performs operations on a directory to search for pcap files and filter out relevant data.

buddy-ng

The helper server for easside-ng, run on a remote computer.

ivstools

Tools to merge and convert.

kstats

kstats is a tool for displaying the FMS algorithm votes for an IVS dump with a given WEP key.

makeivs-ng

makeivs-ng is a testing tool used to generate an IVS file with a given WEP key.

packetforge-ng

Creates encrypted packets for injection.^[22]

wpaclean

Removes unnecessary files from a capture file.^[23]

References

^ "Aircrack-ng 1.7". Aircrack-ng - Official Aircrack-ng blog (Blog). 2022-05-10. Retrieved 2022-04-08.
^ Tews, Erik (2007-12-15). "Diploma thesis Fachgebiet Theoretische Informatik" (PDF). Retrieved 2023-08-10.{{cite web}}: CS1 maint: url-status (link)
^ Tews, Erik; Weinmann, Ralf-Philipp; Pyshkin, Andrei (2007). Kim, Sehun; Yung, Moti; Lee, Hyung-Woo (eds.). "Breaking 104 Bit WEP in Less Than 60 Seconds". Information Security Applications. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer: 188–202. doi:10.1007/978-3-540-77535-5_14. ISBN 978-3-540-77535-5.
^ Antaryami, Aradhna (2021-09-29). "Comparative analysis of Parrot, Kali Linux and Network Security Toolkit (NST)". ERA. doi:10.7939/r3-pcre-7v35. Retrieved 2023-08-10.
^ Cisar, Petar; Pinter, Robert (2019-12-23). "Some ethical hacking possibilities in Kali Linux environment". Journal of Applied Technical and Educational Sciences. 9 (4): 129–149. doi:10.24368/jates.v9i4.139. ISSN 2560-5429.
^ MacMichael, John L. (2005-07-21). "Auditing Wi-Fi Protected Access (WPA) Pre-Shared Key Mode". Retrieved 2023-08-10.{{cite web}}: CS1 maint: url-status (link)
^ Kissi, Michael Kyei; Asante, Michael (2020). "Penetration Testing of IEEE 802.11 Encryption Protocols using Kali Linux Hacking Tools" (PDF). International Journal of Computer Applications. 176 (32): 31.
^ Nykvist, Gustav; Larsson, Johannes (2008). "Practical WLAN security, spring 2008". Retrieved 2023-08-10.{{cite web}}: CS1 maint: url-status (link)
^ Chaabouni, Rafik, ed. (2006). Break WEP Faster with Statistical Analysis.
^ Alamanni, Marco; Johns, Aaron (2015). Kali Linux Wireless Penetration Testing Essentials. p. 8. ISBN 9781785280856.
^ ^a ^b ^c ^d Kumbar, Vishal; Tiwari, Akhil; Tiwari, Pawan; Gupta, Ashish; Shrawne, Seema (2012). "Vulnerabilities of Wireless Security protocols (WEP and WPA2)". International Journal of Advanced Research in Computer Engineering & Technology. 1 (2): 35.
^ Baray, Elyas; Kumar Ojha, Nitish (2021). "'WLAN Security Protocols and WPA3 Security Approach Measurement Through Aircrack-ng Technique'". 2021 5th International Conference on Computing Methodologies and Communication (ICCMC): 23–30. doi:10.1109/ICCMC51019.2021.9418230.
^ Abdalla, Michel; Pointcheval, David; Fouque, Pierre-Alain; Vergnaud, Damien, eds. (2009). "Applied Cryptography and Network Security". Lecture Notes in Computer Science: 408. doi:10.1007/978-3-642-01957-9. ISSN 0302-9743.
^ Noman, Haitham Ameen; Abdullah, Shahidan M.; Mohammed, Haydar Imad (2015). "An Automated Approach to Detect Deauthentication and Disassociation Dos Attacks on Wireless 802.11 Networks" (PDF). IJCSI International Journal of Computer Science Issues. 12 (4): 108 – via ResearchGate.
^ Günther, Stephan M.; Leclaire, Maurice; Michaelis, Julius; Carle, Georg (2014). "Analysis of injection capabilities and media access of IEEE 802.11 hardware in monitor mode". 2014 IEEE Network Operations and Management Symposium (NOMS): 1–9. doi:10.1109/NOMS.2014.6838262.
^ Prasad, Ajay; Verma, Sourabh Singh; Dahiya, Priyanka; Kumar, Anil (2021). "A Case Study on the Monitor Mode Passive Capturing of WLAN Packets in an On-the-Move Setup". IEEE Access. 9: 152408–152420. doi:10.1109/ACCESS.2021.3127079. ISSN 2169-3536.
^ Oransirikul, Thongtat; Nishide, Ryo; Piumarta, Ian; Takada, Hideyuki (2014-01-01). "Measuring Bus Passenger Load by Monitoring Wi-Fi Transmissions from Mobile Devices". Procedia Technology. International workshop on Innovations in Information and Communication Science and Technology, IICST 2014, 3-5 September 2014, Warsaw, Poland. 18: 120–125. doi:10.1016/j.protcy.2014.11.023. ISSN 2212-0173.
^ Abdalla, Michel; Pointcheval, David; Fouque, Pierre-Alain; Vergnaud, Damien, eds. (2009). "Applied Cryptography and Network Security". Lecture Notes in Computer Science: 409. doi:10.1007/978-3-642-01957-9. ISSN 0302-9743.
^ Tews, Erik; Beck, Martin (2009-03-16). "Practical attacks against WEP and WPA". Proceedings of the second ACM conference on Wireless network security. WiSec '09. New York, NY, USA: Association for Computing Machinery: 79–86. doi:10.1145/1514274.1514286. ISBN 978-1-60558-460-7.
^ Halvorsen, Finn M.; Haugen, Olav; Eian, Martin; Mjølsnes, Stig F. (2009), Jøsang, Audun; Maseng, Torleiv; Knapskog, Svein Johan (eds.), "An Improved Attack on TKIP", Identity and Privacy in the Internet Age, vol. 5838, Berlin, Heidelberg: Springer Berlin Heidelberg, pp. 120–132, doi:10.1007/978-3-642-04766-4_9, ISBN 978-3-642-04765-7, retrieved 2023-08-12
^ Yuan, Xiaohong; Wright, Omari T.; Yu, Huiming; Williams, Kenneth A. (2008-09-26). "Laboratory design for wireless network attacks". Proceedings of the 5th annual conference on Information security curriculum development. InfoSecCD '08. New York, NY, USA: Association for Computing Machinery: 5–12. doi:10.1145/1456625.1456629. ISBN 978-1-60558-333-4.
^ Singh, Rajeev; Sharma, Teek Parval (2015-05-10). "On the IEEE 802.11i security: a denial-of-service perspective: On the IEEE 802.11i security: a denial-of-service perspective". Security and Communication Networks. 8 (7): 3. doi:10.1002/sec.1079.
^ Rondon, Luis Puche; Babun, Leonardo; Akkaya, Kemal; Uluagac, A. Selcuk (2019-12-09). "HDMI-walk: attacking HDMI distribution networks via consumer electronic control protocol". Proceedings of the 35th Annual Computer Security Applications Conference. ACSAC '19. New York, NY, USA: Association for Computing Machinery: 650–659. doi:10.1145/3359789.3359841. ISBN 978-1-4503-7628-0.

External links

Official website

[1] "Aircrack-ng 1.7". Aircrack-ng - Official Aircrack-ng blog (Blog). 2022-05-10. Retrieved 2022-04-08.

[2] Tews, Erik (2007-12-15). "Diploma thesis Fachgebiet Theoretische Informatik" (PDF). Retrieved 2023-08-10.{{cite web}}: CS1 maint: url-status (link)

[3] Tews, Erik; Weinmann, Ralf-Philipp; Pyshkin, Andrei (2007). Kim, Sehun; Yung, Moti; Lee, Hyung-Woo (eds.). "Breaking 104 Bit WEP in Less Than 60 Seconds". Information Security Applications. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer: 188–202. doi:10.1007/978-3-540-77535-5_14. ISBN 978-3-540-77535-5.

[4] Antaryami, Aradhna (2021-09-29). "Comparative analysis of Parrot, Kali Linux and Network Security Toolkit (NST)". ERA. doi:10.7939/r3-pcre-7v35. Retrieved 2023-08-10.

[5] Cisar, Petar; Pinter, Robert (2019-12-23). "Some ethical hacking possibilities in Kali Linux environment". Journal of Applied Technical and Educational Sciences. 9 (4): 129–149. doi:10.24368/jates.v9i4.139. ISSN 2560-5429.

[6] MacMichael, John L. (2005-07-21). "Auditing Wi-Fi Protected Access (WPA) Pre-Shared Key Mode". Retrieved 2023-08-10.{{cite web}}: CS1 maint: url-status (link)

[7] Kissi, Michael Kyei; Asante, Michael (2020). "Penetration Testing of IEEE 802.11 Encryption Protocols using Kali Linux Hacking Tools" (PDF). International Journal of Computer Applications. 176 (32): 31.

[8] Nykvist, Gustav; Larsson, Johannes (2008). "Practical WLAN security, spring 2008". Retrieved 2023-08-10.{{cite web}}: CS1 maint: url-status (link)

[9] Chaabouni, Rafik, ed. (2006). Break WEP Faster with Statistical Analysis.

[10] Alamanni, Marco; Johns, Aaron (2015). Kali Linux Wireless Penetration Testing Essentials. p. 8. ISBN 9781785280856.

[:0-11] Kumbar, Vishal; Tiwari, Akhil; Tiwari, Pawan; Gupta, Ashish; Shrawne, Seema (2012). "Vulnerabilities of Wireless Security protocols (WEP and WPA2)". International Journal of Advanced Research in Computer Engineering & Technology. 1 (2): 35.

[12] Baray, Elyas; Kumar Ojha, Nitish (2021). "'WLAN Security Protocols and WPA3 Security Approach Measurement Through Aircrack-ng Technique'". 2021 5th International Conference on Computing Methodologies and Communication (ICCMC): 23–30. doi:10.1109/ICCMC51019.2021.9418230.

[13] Abdalla, Michel; Pointcheval, David; Fouque, Pierre-Alain; Vergnaud, Damien, eds. (2009). "Applied Cryptography and Network Security". Lecture Notes in Computer Science: 408. doi:10.1007/978-3-642-01957-9. ISSN 0302-9743.

[14] Noman, Haitham Ameen; Abdullah, Shahidan M.; Mohammed, Haydar Imad (2015). "An Automated Approach to Detect Deauthentication and Disassociation Dos Attacks on Wireless 802.11 Networks" (PDF). IJCSI International Journal of Computer Science Issues. 12 (4): 108 – via ResearchGate.

[15] Günther, Stephan M.; Leclaire, Maurice; Michaelis, Julius; Carle, Georg (2014). "Analysis of injection capabilities and media access of IEEE 802.11 hardware in monitor mode". 2014 IEEE Network Operations and Management Symposium (NOMS): 1–9. doi:10.1109/NOMS.2014.6838262.

[16] Prasad, Ajay; Verma, Sourabh Singh; Dahiya, Priyanka; Kumar, Anil (2021). "A Case Study on the Monitor Mode Passive Capturing of WLAN Packets in an On-the-Move Setup". IEEE Access. 9: 152408–152420. doi:10.1109/ACCESS.2021.3127079. ISSN 2169-3536.

[17] Oransirikul, Thongtat; Nishide, Ryo; Piumarta, Ian; Takada, Hideyuki (2014-01-01). "Measuring Bus Passenger Load by Monitoring Wi-Fi Transmissions from Mobile Devices". Procedia Technology. International workshop on Innovations in Information and Communication Science and Technology, IICST 2014, 3-5 September 2014, Warsaw, Poland. 18: 120–125. doi:10.1016/j.protcy.2014.11.023. ISSN 2212-0173.

[18] Abdalla, Michel; Pointcheval, David; Fouque, Pierre-Alain; Vergnaud, Damien, eds. (2009). "Applied Cryptography and Network Security". Lecture Notes in Computer Science: 409. doi:10.1007/978-3-642-01957-9. ISSN 0302-9743.

[19] Tews, Erik; Beck, Martin (2009-03-16). "Practical attacks against WEP and WPA". Proceedings of the second ACM conference on Wireless network security. WiSec '09. New York, NY, USA: Association for Computing Machinery: 79–86. doi:10.1145/1514274.1514286. ISBN 978-1-60558-460-7.

[20] Halvorsen, Finn M.; Haugen, Olav; Eian, Martin; Mjølsnes, Stig F. (2009), Jøsang, Audun; Maseng, Torleiv; Knapskog, Svein Johan (eds.), "An Improved Attack on TKIP", Identity and Privacy in the Internet Age, vol. 5838, Berlin, Heidelberg: Springer Berlin Heidelberg, pp. 120–132, doi:10.1007/978-3-642-04766-4_9, ISBN 978-3-642-04765-7, retrieved 2023-08-12

[21] Yuan, Xiaohong; Wright, Omari T.; Yu, Huiming; Williams, Kenneth A. (2008-09-26). "Laboratory design for wireless network attacks". Proceedings of the 5th annual conference on Information security curriculum development. InfoSecCD '08. New York, NY, USA: Association for Computing Machinery: 5–12. doi:10.1145/1456625.1456629. ISBN 978-1-60558-333-4.

[22] Singh, Rajeev; Sharma, Teek Parval (2015-05-10). "On the IEEE 802.11i security: a denial-of-service perspective: On the IEEE 802.11i security: a denial-of-service perspective". Security and Communication Networks. 8 (7): 3. doi:10.1002/sec.1079.

[23] Rondon, Luis Puche; Babun, Leonardo; Akkaya, Kemal; Uluagac, A. Selcuk (2019-12-09). "HDMI-walk: attacking HDMI distribution networks via consumer electronic control protocol". Proceedings of the 35th Annual Computer Security Applications Conference. ACSAC '19. New York, NY, USA: Association for Computing Machinery: 650–659. doi:10.1145/3359789.3359841. ISBN 978-1-4503-7628-0.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

[20]

[21]

[22]

[23]

@@ Line 2: / Line 2: @@
 | name = aircrack-ng
 | logo = Aircrack-ng-new-logo.jpg
-| screenshot =
+| screenshot = Aircrack-ng dictionary attack.png
-| caption = Aircrack-ng decrypting [[Wired Equivalent Privacy|WEP]] key under [[Debian]] [[GNU]]/[[Linux]].
+| caption = Aircrack-ng performing a dictionary attack on a WPA2 key under [[Debian]] [[GNU]]/[[Linux]].
+| author = Christophe Devine
 | developer = Thomas d'Otreppe de Bouvette
 | latest release version = 1.7
@@ Line 18: / Line 19: @@
 In April 2007 a team at the [[Technische Universität Darmstadt|Darmstadt University of Technology]] in [[Germany]] developed a new attack method based on a paper published by [[Adi Shamir]] on the [[RC4]] cipher. This new attack, named 'PTW' (from the researchers' names, Pyshkin, Tews, Weinmann), decreases the number of [[initialization vector]]s or IVs needed to decrypt a WEP key and has been included in the aircrack-ng suite since the 0.9 release.<ref>{{Cite web |last=Tews |first=Erik |date=2007-12-15 |title=Diploma thesis Fachgebiet Theoretische Informatik |url=https://eprint.iacr.org/2007/471.pdf |url-status=live |access-date=2023-08-10}}</ref><ref>{{Cite journal |last=Tews |first=Erik |last2=Weinmann |first2=Ralf-Philipp |last3=Pyshkin |first3=Andrei |date=2007 |editor-last=Kim |editor-first=Sehun |editor2-last=Yung |editor2-first=Moti |editor3-last=Lee |editor3-first=Hyung-Woo |title=Breaking 104 Bit WEP in Less Than 60 Seconds |url=https://link.springer.com/chapter/10.1007/978-3-540-77535-5_14 |journal=Information Security Applications |series=Lecture Notes in Computer Science |language=en |location=Berlin, Heidelberg |publisher=Springer |pages=188–202 |doi=10.1007/978-3-540-77535-5_14 |isbn=978-3-540-77535-5}}</ref>
-Aircrack-ng is a [[fork (software development)|fork]] of the original Aircrack project. It can be found as a preinstalled tool in many security-focused Linux distributions such as [[Kali Linux]] or [[Parrot Security OS|Parrot]],<ref>{{Cite web |last=Antaryami |first=Aradhna |date=2021-09-29 |title=Comparative analysis of Parrot, Kali Linux and Network Security Toolkit (NST) |url=https://era.library.ualberta.ca/items/b642ba6c-d9c3-40e3-a76d-935659c500b0 |access-date=2023-08-10 |website=ERA |language=en |doi=10.7939/r3-pcre-7v35}}</ref> which share common attributes as they are developed under the same project (Debian).<ref>{{Cite journal |last=Cisar |first=Petar |last2=Pinter |first2=Robert |date=2019-12-23 |title=Some ethical hacking possibilities in Kali Linux environment |url=https://jates.org/index.php/jatespath/article/view/139 |journal=Journal of Applied Technical and Educational Sciences |language=en |volume=9 |issue=4 |pages=129–149 |doi=10.24368/jates.v9i4.139 |issn=2560-5429}}</ref>
+Aircrack-ng is a [[fork (software development)|fork]] of the original Aircrack project. It can be found as a preinstalled tool in many security-focused Linux distributions such as [[Kali Linux]] or [[Parrot Security OS]],<ref>{{Cite web |last=Antaryami |first=Aradhna |date=2021-09-29 |title=Comparative analysis of Parrot, Kali Linux and Network Security Toolkit (NST) |url=https://era.library.ualberta.ca/items/b642ba6c-d9c3-40e3-a76d-935659c500b0 |access-date=2023-08-10 |website=ERA |language=en |doi=10.7939/r3-pcre-7v35}}</ref> which share common attributes as they are developed under the same project (Debian).<ref>{{Cite journal |last=Cisar |first=Petar |last2=Pinter |first2=Robert |date=2019-12-23 |title=Some ethical hacking possibilities in Kali Linux environment |url=https://jates.org/index.php/jatespath/article/view/139 |journal=Journal of Applied Technical and Educational Sciences |language=en |volume=9 |issue=4 |pages=129–149 |doi=10.24368/jates.v9i4.139 |issn=2560-5429}}</ref>
 == Development ==
-Aircrack was originally developed by French security researcher [[Christophe Devine]],<ref>{{Cite web |last=MacMichael |first=John L. |date=2005-07-21 |title=Auditing Wi-Fi Protected Access (WPA) Pre-Shared Key Mode |url=https://dl.acm.org/doi/fullHtml/10.5555/1084783.1084785 |url-status=live |access-date=2023-08-10}}</ref> its main goal was to recover 802.11 [[Wireless network|wireless networks]] [[Wired Equivalent Privacy|WEP]] keys using an implementation of the [[Fluhrer, Mantin and Shamir attack|Fluhrer, Mantin and Shamir (FMS) attack]] alongside the ones shared by a hacker named KoreK,<ref>{{Cite journal |last=Kissi |first=Michael Kyei |last2=Asante |first2=Michael |date=2020 |title=Penetration Testing of IEEE 802.11 Encryption Protocols using Kali Linux Hacking Tools |url=https://www.researchgate.net/profile/Michael-Kissi-2/publication/342283555_Penetration_Testing_of_IEEE_80211_Encryption_Protocols_using_Kali_Linux_Hacking_Tools/links/5eebff5792851ce9e7f07023/Penetration-Testing-of-IEEE-80211-Encryption-Protocols-using-Kali-Linux-Hacking-Tools.pdf |journal=International Journal of Computer Applications |volume=176 |issue=32 |page=31}}</ref><ref>{{Cite web |last=Nykvist |first=Gustav |last2=Larsson |first2=Johannes |date=2008 |title=Practical WLAN security, spring 2008 |url=https://citeseerx.ist.psu.edu/document?repid=rep1&type=pdf&doi=474cb44f7869145ac448b5f0cd1abf95f5399c0f |url-status=live |access-date=2023-08-10}}</ref> who provided his own source code. The first publicly release version of Aircrack was in September 2004, version number 1.4.
+Aircrack was originally developed by French security researcher [[Christophe Devine]],<ref>{{Cite web |last=MacMichael |first=John L. |date=2005-07-21 |title=Auditing Wi-Fi Protected Access (WPA) Pre-Shared Key Mode |url=https://dl.acm.org/doi/fullHtml/10.5555/1084783.1084785 |url-status=live |access-date=2023-08-10}}</ref> its main goal was to recover 802.11 [[Wireless network|wireless networks]] [[Wired Equivalent Privacy|WEP]] keys using an implementation of the [[Fluhrer, Mantin and Shamir attack|Fluhrer, Mantin and Shamir (FMS) attack]] alongside the 17 shared by a hacker named KoreK,<ref>{{Cite journal |last=Kissi |first=Michael Kyei |last2=Asante |first2=Michael |date=2020 |title=Penetration Testing of IEEE 802.11 Encryption Protocols using Kali Linux Hacking Tools |url=https://www.researchgate.net/profile/Michael-Kissi-2/publication/342283555_Penetration_Testing_of_IEEE_80211_Encryption_Protocols_using_Kali_Linux_Hacking_Tools/links/5eebff5792851ce9e7f07023/Penetration-Testing-of-IEEE-80211-Encryption-Protocols-using-Kali-Linux-Hacking-Tools.pdf |journal=International Journal of Computer Applications |volume=176 |issue=32 |page=31}}</ref><ref>{{Cite web |last=Nykvist |first=Gustav |last2=Larsson |first2=Johannes |date=2008 |title=Practical WLAN security, spring 2008 |url=https://citeseerx.ist.psu.edu/document?repid=rep1&type=pdf&doi=474cb44f7869145ac448b5f0cd1abf95f5399c0f |url-status=live |access-date=2023-08-10}}</ref><ref>{{Cite book |url=https://infoscience.epfl.ch/record/113785 |title=Break WEP Faster with Statistical Analysis |date=2006 |editor-last=Chaabouni |editor-first=Rafik}}</ref> who provided his own source code. The first publicly release version of Aircrack was in September 2004, version number 1.4.
 Aircrack was forked by Thomas D'Otreppe in February 2006 and released as Aircrack-ng (Aircrack Next Generation).<ref>{{Cite book |last=Alamanni |first=Marco |title=Kali Linux Wireless Penetration Testing Essentials |last2=Johns |first2=Aaron |year=2015 |isbn=9781785280856 |pages=8 |language=en}}</ref>
@@ Line 39: / Line 40: @@
 === airmon-ng ===
-airmon-ng can place supported [[Wireless network interface controller|wireless cards]] in [[Monitor mode|monitor-mode]].<ref name=":0" /> Monitor mode refers to a provision in the IEEE 802.11 standard for auditing and design purposes,<ref>{{Cite journal |last=Günther |first=Stephan M. |last2=Leclaire |first2=Maurice |last3=Michaelis |first3=Julius |last4=Carle |first4=Georg |date=2014 |title=Analysis of injection capabilities and media access of IEEE 802.11 hardware in monitor mode |url=https://ieeexplore.ieee.org/document/6838262/ |journal=2014 IEEE Network Operations and Management Symposium (NOMS) |pages=1–9 |doi=10.1109/NOMS.2014.6838262}}</ref> in which a wireless card can capture packets in air range.<ref>{{Cite journal |last=Prasad |first=Ajay |last2=Verma |first2=Sourabh Singh |last3=Dahiya |first3=Priyanka |last4=Kumar |first4=Anil |date=2021 |title=A Case Study on the Monitor Mode Passive Capturing of WLAN Packets in an On-the-Move Setup |url=https://ieeexplore.ieee.org/document/9610049/ |journal=IEEE Access |volume=9 |pages=152408–152420 |doi=10.1109/ACCESS.2021.3127079 |issn=2169-3536}}</ref>
+airmon-ng can place supported [[Wireless network interface controller|wireless cards]] in [[Monitor mode|monitor-mode]].<ref name=":0" /> Monitor mode refers to a provision in the IEEE 802.11 standard for auditing and design purposes,<ref>{{Cite journal |last=Günther |first=Stephan M. |last2=Leclaire |first2=Maurice |last3=Michaelis |first3=Julius |last4=Carle |first4=Georg |date=2014 |title=Analysis of injection capabilities and media access of IEEE 802.11 hardware in monitor mode |url=https://ieeexplore.ieee.org/document/6838262/ |journal=2014 IEEE Network Operations and Management Symposium (NOMS) |pages=1–9 |doi=10.1109/NOMS.2014.6838262}}</ref> in which a
+[[File:Airmon-ng setting monitor mode.png|alt=A Linux terminal shows the airmon-ng command running twice. The first time to show the available adapters, and the second time to set the monitor mode with the correct interface name.|thumb|Setting monitor mode using airmon-ng.]]wireless card can capture packets in air range.<ref>{{Cite journal |last=Prasad |first=Ajay |last2=Verma |first2=Sourabh Singh |last3=Dahiya |first3=Priyanka |last4=Kumar |first4=Anil |date=2021 |title=A Case Study on the Monitor Mode Passive Capturing of WLAN Packets in an On-the-Move Setup |url=https://ieeexplore.ieee.org/document/9610049/ |journal=IEEE Access |volume=9 |pages=152408–152420 |doi=10.1109/ACCESS.2021.3127079 |issn=2169-3536}}</ref>
-[[File:Airmon-ng setting monitor mode.png|alt=A Linux terminal shows the airmon-ng command running twice. The first time to show the available adapters, and the second time to set the monitor mode with the correct interface name.|thumb|Setting monitor mode using airmon-ng.]]
 === airodump-ng ===
+[[File:Airodump-ng scanning networks.png|alt=A Linux terminal shows the airodump-ng command running. It shows a single Access Point named Wikimedia_Commons_Demo.|thumb|A network scan is performed using airodump-ng.]]
-airodump-ng is a [[Packet analyzer|packet sniffer]].<ref name=":0" /> It can store information in various formats, making it compatible with software other than the aircrack-ng suite.
+airodump-ng is a [[Packet analyzer|packet sniffer]].<ref name=":0" /> It can store information in various formats, making it compatible with software other than the aircrack-ng suite. It supports channel-hopping.<ref>{{Cite journal |last=Oransirikul |first=Thongtat |last2=Nishide |first2=Ryo |last3=Piumarta |first3=Ian |last4=Takada |first4=Hideyuki |date=2014-01-01 |title=Measuring Bus Passenger Load by Monitoring Wi-Fi Transmissions from Mobile Devices |url=https://www.sciencedirect.com/science/article/pii/S2212017314005441 |journal=Procedia Technology |series=International workshop on Innovations in Information and Communication Science and Technology, IICST 2014, 3-5 September 2014, Warsaw, Poland |language=en |volume=18 |pages=120–125 |doi=10.1016/j.protcy.2014.11.023 |issn=2212-0173}}</ref>
 === airserv-ng ===
@@ Line 58: / Line 60: @@
 === tkiptun-ng ===
+WPA/[[Temporal Key Integrity Protocol|TKIP]] attack tool. Martin Beck developed tkiptun-ng and described an attack against TKIP in the paper ''Practical Attacks Against WEP and WPA'', written with the help of Erik Tews.<ref>{{Cite journal |last=Tews |first=Erik |last2=Beck |first2=Martin |date=2009-03-16 |title=Practical attacks against WEP and WPA |url=https://doi.org/10.1145/1514274.1514286 |journal=Proceedings of the second ACM conference on Wireless network security |series=WiSec '09 |location=New York, NY, USA |publisher=Association for Computing Machinery |pages=79–86 |doi=10.1145/1514274.1514286 |isbn=978-1-60558-460-7}}</ref><ref>{{Citation |last=Halvorsen |first=Finn M. |title=An Improved Attack on TKIP |date=2009 |url=http://link.springer.com/10.1007/978-3-642-04766-4_9 |work=Identity and Privacy in the Internet Age |volume=5838 |pages=120–132 |editor-last=Jøsang |editor-first=Audun |access-date=2023-08-12 |place=Berlin, Heidelberg |publisher=Springer Berlin Heidelberg |doi=10.1007/978-3-642-04766-4_9 |isbn=978-3-642-04765-7 |last2=Haugen |first2=Olav |last3=Eian |first3=Martin |last4=Mjølsnes |first4=Stig F. |editor2-last=Maseng |editor2-first=Torleiv |editor3-last=Knapskog |editor3-first=Svein Johan}}</ref>
-WPA/[[Temporal Key Integrity Protocol|TKIP]] attack tool.
 === wesside-ng ===
@@ Line 91: / Line 93: @@
 === wpaclean ===
+Removes unnecessary files from a capture file.<ref>{{Cite journal |last=Rondon |first=Luis Puche |last2=Babun |first2=Leonardo |last3=Akkaya |first3=Kemal |last4=Uluagac |first4=A. Selcuk |date=2019-12-09 |title=HDMI-walk: attacking HDMI distribution networks via consumer electronic control protocol |url=https://dl.acm.org/doi/10.1145/3359789.3359841 |journal=Proceedings of the 35th Annual Computer Security Applications Conference |series=ACSAC '19 |location=New York, NY, USA |publisher=Association for Computing Machinery |pages=650–659 |doi=10.1145/3359789.3359841 |isbn=978-1-4503-7628-0}}</ref>
-Removes unnecessary files from a capture file.
 == See also ==