Aircrack-ng is a complete suite of tools to assess WiFi network security.
It focuses on different areas of WiFi security:
It’s been more than a year since the last release, and this one brings a ton of improvements.
The most noticeable change are the rate display in Airodump-ng. Previously, it went up to 54Mbit. Now, it takes into account the complexity of 802.11n/ac and calculates the maximum rate that can be achieved on the AP. Expect 802.11ax rates in the next release. We brought basic UTF-8 support for ESSID and if you ever come across WPA3 or OWE, this will be displayed correctly as well. Airodump-ng has had the ability to read PCAP files for quite some time, which can be handy to generate one of the CSV/netxml or other output formats available. However, signal levels were not displayed; this has now been fixed. A new option has been added to read the files in realtime, instead of reading all at once.
Huge improvements have been done under the hood as well. Code has been cleaned up, deduplicated (Pull Request 2010), reorganized (Pull Request 2032), which lead to a lot of fixes.
This reorganization also updated the build system, which now requires automake 1.14+. This was a problem on CentOS 7, but we provide a script to install these requirements from source to solve the issue; although automake 1.14 (and other dependencies) have been released 6+ years ago, CentOS is the only distribution that doesn’t have it, and it was decided to provide a script to install the requirements was a small price to pay to improve and simplify the build system.
Other tools received fixes as well:
We have been working on our infrastructure and have a buildbot server with quite a few systems. If you head up to our buildbot landing page, you can see the extent of the build system: 14 systems to test build on top of AppVeyor, TravisCI, and Coverity Scan, plus one to automatically package it and upload packages to packagecloud.io. It gets triggered every time we push code to our GitHub repository and you can see the details of each build for each commit on GitHub. We have an earlier blog post where you can find some details of our CI/CD.
We are currently working on bringing Mac infrastructure as well.
We keep working on our automated tests, and a few have been added; this release also brings integration tests (16 for now) to automatically test different features of airodump-ng, aireplay-ng, airbase-ng and others.
In case you find security issues in Aircrack-ng or our domains, we recently added a security policy to explain how to report them. It is on GitHub, on our website, as well as security.txt.
And finally, what you’ve been waiting for, the full changelog:
Building
Requirements
Optional stuff
besside-ng
, besside-ng-crawler
, easside-ng
, tkiptun-ng
and wesside-ng
, libpcap development package is required (on Cygwin, use the Aircap SDK instead; see above)Installing required and optional dependencies
Below are instructions for installing the basic requirements to build aircrack-ng
for a number of operating systems.
Note: CMocka, tcpdump, screen, HostAPd and WPA Supplicant should not be dependencies when packaging Aircrack-ng.
Linux
Debian/Ubuntu
sudo apt-get install build-essential autoconf automake libtool pkg-config libnl-3-dev libnl-genl-3-dev libssl-dev ethtool shtool rfkill zlib1g-dev libpcap-dev libsqlite3-dev libpcre3-dev libhwloc-dev libcmocka-dev hostapd wpasupplicant tcpdump screen iw usbutils
Fedora/CentOS/RHEL
sudo yum install libtool pkgconfig sqlite-devel autoconf automake openssl-devel libpcap-devel pcre-devel rfkill libnl3-devel gcc gcc-c++ ethtool hwloc-devel libcmocka-devel git make file expect hostapd wpa_supplicant iw usbutils tcpdump screen
Note: on CentOS and RedHat, HostAPd requires ‘epel’ repository to be enabled: sudo yum install epel-release
openSUSE
sudo zypper install autoconf automake libtool pkg-config libnl3-devel libopenssl-1_1-devel zlib-devel libpcap-devel sqlite3-devel pcre-devel hwloc-devel libcmocka-devel hostapd wpa_supplicant tcpdump screen iw gcc-c++ gcc
Mageia
sudo urpmi autoconf automake libtool pkgconfig libnl3-devel libopenssl-devel zlib-devel libpcap-devel sqlite3-devel pcre-devel hwloc-devel libcmocka-devel hostapd wpa_supplicant tcpdump screen iw gcc-c++ gcc make
Alpine
sudo apk add gcc g++ make autoconf automake libtool libnl3-dev openssl-dev ethtool libpcap-dev cmocka-dev hostapd wpa_supplicant tcpdump screen iw pkgconf util-linux sqlite-dev pcre-dev linux-headers zlib-dev
BSD
FreeBSD
pkg install pkgconf shtool libtool gcc9 automake autoconf pcre sqlite3 openssl gmake hwloc cmocka
DragonflyBSD
pkg install pkgconf shtool libtool gcc8 automake autoconf pcre sqlite3 libgcrypt gmake cmocka
OpenBSD
pkg_add pkgconf shtool libtool gcc automake autoconf pcre sqlite3 openssl gmake cmocka
OSX
XCode, Xcode command line tools and HomeBrew are required.
brew install autoconf automake libtool openssl shtool pkg-config hwloc pcre sqlite3 libpcap cmocka
Windows
Cygwin
Cygwin requires the full path to the setup.exe
utility, in order to automate the installation of the necessary packages. In addition, it requires the location of your installation, a path to the cached packages download location, and a mirror URL.
An example of automatically installing all the dependencies is as follows:
c:\cygwin\setup-x86.exe -qnNdO -R C:/cygwin -s http://cygwin.mirror.constant.com -l C:/cygwin/var/cache/setup -P autoconf -P automake -P bison -P gcc-core -P gcc-g++ -P mingw-runtime -P mingw-binutils -P mingw-gcc-core -P mingw-gcc-g++ -P mingw-pthreads -P mingw-w32api -P libtool -P make -P python -P gettext-devel -P gettext -P intltool -P libiconv -P pkg-config -P git -P wget -P curl -P libpcre-devel -P libssl-devel -P libsqlite3-devel
MSYS2
pacman -Sy autoconf automake-wrapper libtool msys2-w32api-headers msys2-w32api-runtime gcc pkg-config git python openssl-devel openssl libopenssl msys2-runtime-devel gcc binutils make pcre-devel libsqlite-devel
Compiling
To build aircrack-ng
, the Autotools build system is utilized. Autotools replaces the older method of compilation.
NOTE: If utilizing a developer version, eg: one checked out from source control, you will need to run a pre-configure
script. The script to use is one of the following: autoreconf -i
or env NOCONFIGURE=1 ./autogen.sh
.
First, ./configure
the project for building with the appropriate options specified for your environment:
./configure <options>
TIP: If the above fails, please see above about developer source control versions.
Next, compile the project (respecting if make
or gmake
is needed):
Compilation:
make
Compilation on *BSD or Solaris:
gmake
Finally, the additional targets listed below may be of use in your environment:
Execute all unit testing:
make check
Execute all integration testing (requires root):
make integration
Installing:
make install
Uninstall:
make uninstall
./configure
flags
When configuring, the following flags can be used and combined to adjust the suite to your choosing:
with-airpcap=DIR: needed for supporting airpcap devices on windows (cygwin or msys2 only) Replace DIR above with the absolute location to the root of the extracted source code from the Airpcap CD or downloaded SDK available online. Required on Windows to build besside-ng
, besside-ng-crawler
, easside-ng
, tkiptun-ng
and wesside-ng
when building experimental tools. The developer pack (Compatible with version 4.1.1 and 4.1.3) can be downloaded at <https://support.riverbed.com/content/support/software/steelcentral-npm/airpcap.html>
with-experimental: needed to compile tkiptun-ng
, easside-ng
, buddy-ng
, buddy-ng-crawler
, airventriloquist
and wesside-ng
. libpcap development package is also required to compile most of the tools. If not present, not all experimental tools will be built. On Cygwin, libpcap is not present and the Airpcap SDK replaces it. See --with-airpcap option above.
with-ext-scripts: needed to build airoscript-ng
, versuck-ng
, airgraph-ng
and airdrop-ng
. Note: Each script has its own dependencies.
with-gcrypt: Use libgcrypt crypto library instead of the default OpenSSL. And also use internal fast sha1 implementation (borrowed from GIT) Dependency (Debian): libgcrypt20-dev
with-duma: Compile with DUMA support. DUMA is a library to detect buffer overruns and under-runs. Dependencies (debian): duma
disable-libnl: Set-up the project to be compiled without libnl (1 or 3). Linux option only.
without-opt: Do not enable stack protector (on GCC 4.9 and above).
enable-shared: Make OSdep a shared library.
disable-shared: When combined withenable-static, it will statically compile Aircrack-ng.
with-avx512: On x86, add support for AVX512 instructions in aircrack-ng. Only use it when the current CPU supports AVX512.
with-static-simd=: Compile a single optimization in aircrack-ng binary. Useful when compiling statically and/or for space-constrained devices. Valid SIMD options: x86-sse2, x86-avx, x86-avx2, x86-avx512, ppc-altivec, ppc-power8, arm-neon, arm-asimd. Must be used with --enable-static --disable-shared. When using those 2 options, the default is to compile the generic optimization in the binary. --with-static-simd merely allows to choose another one.
Examples:
Configure and compiling:
./configure --with-experimental
make
Compiling with gcrypt:
./configure --with-gcrypt
make
Installing:
make install
Installing (strip binaries):
make install-strip
Installing, with external scripts:
./configure --with-experimental --with-ext-scripts
make
make install
Testing (with sqlite, experimental and pcre)
./configure --with-experimental
make
make check
Compiling on OS X with macports (and all options):
./configure --with-experimental
gmake
Compiling on OS X 10.10 with XCode 7.1 and Homebrew:
env CC=gcc-4.9 CXX=g++-4.9 ./configure
make
make check
NOTE: Older XCode ships with a version of LLVM that does not support CPU feature detection; which causes the ./configure
to fail. To work around this older LLVM, it is required that a different compile suite is used, such as GCC or a newer LLVM from Homebrew.
If you wish to use OpenSSL from Homebrew, you may need to specify the location to its’ installation. To figure out where OpenSSL lives, run:
brew --prefix openssl
Use the output above as the DIR for --with-openssl=DIR
in the ./configure
line:
env CC=gcc-4.9 CXX=g++-4.9 ./configure --with-openssl=DIR
make
make check
Compiling on FreeBSD with gcc9
env CC=gcc9 CXX=g++9 MAKE=gmake ./configure
gmake
Compiling on Cygwin with Airpcap (assuming Airpcap devpack is unpacked in Aircrack-ng directory)
cp -vfp Airpcap_Devpack/bin/x86/airpcap.dll src
cp -vfp Airpcap_Devpack/bin/x86/airpcap.dll src/aircrack-osdep
cp -vfp Airpcap_Devpack/bin/x86/airpcap.dll src/aircrack-crypto
cp -vfp Airpcap_Devpack/bin/x86/airpcap.dll src/aircrack-util
dlltool -D Airpcap_Devpack/bin/x86/airpcap.dll -d build/airpcap.dll.def -l Airpcap_Devpack/bin/x86/libairpcap.dll.a
autoreconf -i
./configure --with-experimental --with-airpcap=$(pwd)
make
Compiling on DragonflyBSD with gcrypt using GCC 8
autoreconf -i
env CC=gcc8 CXX=g++8 MAKE=gmake ./configure --with-experimental --with-gcrypt
gmake
Compiling on OpenBSD (with autoconf 2.69 and automake 1.16)
export AUTOCONF_VERSION=2.69
export AUTOMAKE_VERSION=1.16
autoreconf -i
env MAKE=gmake ./configure
gmake
Compiling and debugging aircrack-ng
export CFLAGS='-O0 -g'
export CXXFLAGS=‘-O0 -g’
./configure
make
LD_LIBRARY_PATH=.libs gdb --args ./aircrack-ng [PARAMETERS]
Packaging
Automatic detection of CPU optimization is done at run time. This behavior is desirable when packaging Aircrack-ng (for a Linux or other distribution.)
Also, in some cases it may be desired to provide your own flags completely and not having the suite auto-detect a number of optimizations. To do this, add the additional flag --without-opt
to the ./configure
line:
./configure --without-opt
Using precompiled binaries
Linux/BSD
Windows
Start menu -> Run... -> cmd.exe
then use themDocumentation
Documentation, tutorials, … can be found on https://aircrack-ng.org
See also manpages and the forum.
For further information check the README file