aireplay-ng
Inject packets into wireless networks for security testing
TLDR
SYNOPSIS
aireplay-ng attack-mode [-a bssid] [-c client] [-e essid] [options] interface
DESCRIPTION
aireplay-ng is a packet injection tool for wireless networks. It can generate traffic to increase data capture for WEP cracking, force clients to disconnect (enabling handshake capture), and perform various wireless attacks.The tool requires a wireless interface in monitor mode with injection capability.
PARAMETERS
-0 count
Deauthentication attack (0 = continuous)-1 delay
Fake authentication attack-2
Interactive packet replay-3
ARP request replay attack-4
KoreK chopchop attack-5
Fragmentation attack-6
Caffe-Latte attack (capture WEP key from a client)-7
Client-oriented fragmentation attack (cfrag)-9
Injection test-a bssid
Access point MAC address (filter or replay)-b bssid
Access point MAC address (attack-specific, e.g. ARP replay and fragmentation)-c client
Target client MAC-e essid
Target network name-h mac
Source MAC address (your interface or a connected client)-x pps
Number of packets per second to inject-D
Disable AP detection (do not wait for the AP to be seen)-r file
Read packets to inject from a capture file
CAVEATS
For authorized penetration testing only. Requires interface with injection support. Deauthentication attacks are detectable by WIDS. Some attacks only work against WEP networks.
HISTORY
aireplay-ng is a core component of the aircrack-ng suite, first released in 2006. It consolidated various wireless attack techniques into a single tool.
SEE ALSO
aircrack-ng(1), airodump-ng(1), airmon-ng(1), airbase-ng(1)
