Home / Wireless / Tkiptun-ng | Penetration Testing Tools

Tkiptun-ng | Penetration Testing Tools

Tkiptun-ng Description

Tkiptun-ng is the proof-of-concept implementation the WPA/TKIP attack. This attack is described in the paper, Practical attacks against WEP and WPA written by Martin Beck and Erik Tews. The paper describes advanced attacks on WEP and the first practical attack on WPA.

tkiptun-ng – inject a few frames into a WPA TKIP network with QoS

root@kali:~# tkiptun-ng --help

  Tkiptun-ng 1.2 rc4 - (C) 2008-2015 Thomas d'Otreppe

  usage: tkiptun-ng 

  Filter options:

      -d dmac   : MAC address, Destination
      -s smac   : MAC address, Source
      -m len    : minimum packet length (default: 80)
      -n len    : maximum packet length (default: 80)
      -t tods   : frame control, To      DS bit
      -f fromds : frame control, From    DS bit
      -D        : disable AP detection
      -Z        : select packets manually

  Replay options:

      -x nbpps  : number of packets per second
      -a bssid  : set Access Point MAC address
      -c dmac   : set Destination  MAC address
      -h smac   : set Source       MAC address
      -e essid  : set target AP SSID
      -M sec    : MIC error timeout in seconds [60]

  Debug options:

      -K prga   : keystream for continuation
      -y file   : keystream-file for continuation
      -j        : inject FromDS packets
      -P pmk    : pmk for verification/vuln testing
      -p psk    : psk to calculate pmk with essid

  source options:

      -i iface  : capture packets from this interface
      -r file   : extract packets from this pcap file

      --help              : Displays this usage screen

Source: Tkiptun-ng Wiki
Tkiptun-ng Homepage | Kali aircrack-ng Repo

  • Author: Martin Beck and Erik Tews
  • License: GPLv2

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.


Check Also



makeivs-ng Description makeivs-ng is part of the aircrack-ng package and is used to generate an ...