Having too much functions available in the WAIDPS, below are the list of commands available for WAIDPS for easier viewing. Hit on <Enter> to display [Command Selection Menu] on main screen.
Command Selection Menu
B About Application
C Application Configuration
0 / L Change Regulatory
* Enter Country Code (BO)
1 / R Refreshing rate of information
* Refresh detail after number of seconds (30)
2 / T Time before removing inactive AP/Station
H Hide AP/Station
* Number of minutes before hiding inactive AP/Station (1)
R Remove AP/Station
* Number of minutes before removing inactive AP/Station (120)
3 / H Hide inactive Access Point/Station
A Access Point
Y/n Hide inactive Access Point (Y)
S Station
Y/n Hide inactive Station (Y)
4 / B Beep if alert found
Y/n Beep if alert found (Y)
5 / S Sensitivity of IDS (Intrusion Detection System - Detection Sensitivity)
0 / D Display Current Setting
1 / H Highly Sensitive
2 / M Medium Sensitive
3 / L Low Sensitive
4 / C Custom setting of sensitivity
* Threshold for Data86
* Threshold for DataARP (ARP)
* Threshold for Data94
* Threshold for Data98
* Threshold for Association
* Threshold for Disassociation
* Threshold for Reassociation
* Threshold for Authentication
* Threshold for Deauthentication
* Threshold for Deauthentication (Aircrack-NG)
* Threshold for EAPOL Protocal
* Threshold for EAPOL Start
* Threshold for EAP Communication
* Threshold for Qos Data
* Threshold (Only in Analysis)
* Refresh Timeout Rate
6 / A Save Pcap when Attack detected
Y/n To save packets (Pcap) file if IDS detected an attack (Y)
7 / M Save Pcap when Monitored MAC/Name seen
y/N To save packets (Pcap) file if Harvestor found the specified MAC or ESSID
8 / W Whitelist Setting (Bypass alert for MAC/Name)
1 / M MAC Address [BSSID/STATION]
A Add MAC address
$ Specify the MAC Address to monitor (xx:xx:xx:xx:xx)
D Delete MAC Address
$ Specify the MAC Address to remove from list (xx:xx:xx:xx:xx)
C Clear all Monitoring Items
2 / N Name of Access Point / Probe Names
A Add ESSID/Probe Name
$ Enter the Name to Whitelist (Case sensitive)
D Delete MAC Address
$ Enter the Name to remove from the Whitelist (Case sensitive)
C Clear all Names from the Whitelist
9 / C Clear all Monitoring Items (MAC address & Names)
9 / D Dictionary Detail and Setting
1 / A Add dictionary location
$ Enter the location of the dictionary
2 / S Set default dictionary
$/* Enter the dictionary to be set as default (For cracking)
3 / D Delete dictionary location
$/* Enter the dictionary to be remove from dictionary listing
D Output Display
0 / H Hide both Access Points & Stations Listing Display
1 / A Display Access Points Listing Only
2 / S Display Station Listing Only
3 / B Display Both Access Points & Stations Listiong (Separated View
4 / P Advanced View with Probes Request (Merging associated Station with AP)
5 / O Advanced View without probing request (Merging associated Stations with AP)
6 / C Display one time bar chart of Access Points information
7 / N Show Association/Connection Alert (Toggle Yes/No)
8 / U Show Suspicious Activity Listing Alert (Toggle Yes/No)
9 / I Show Intrusion Detection/Attacks Alert (Toggle Yes/No)
+ / D Display client which associated with more than one access point
F Filter Network Display
1 / A Access Point
1 / E Encryption Type
$ Encryption Filter (WPA / WPA2 / WPA* / WEP / OPN / OTH / ALL)
2 / S Signal Range
1 / V VGood
2 / G Good
3 / A Average
4 / P Poor
5 / U Unknown
9 / X Clear Filter
3 / C Channel
* Enter the Channel to filter
4 / N Client
Y/N Display of Access Point with Clients (Yes/No)
5 / W WPS
Y/N Display only Access Point with WPS (Yes/No)
6 / I ESSID
$ Enter the ESSID to filter
7 / B BSSID
$ Enter the BSSID to filter
9 / X Clear Filter
2 / S Station / Client
1 / P Probes
Y/N Display only if station having probe name (Yes/No)
2 / S Signal Range
1 / V VGood
2 / G Good
3 / A Average
4 / P Poor
5 / U Unknown
9 / X Clear Filter
3 / A Associated Station
Y/N Display on if station associated (Yes/No)
4 / U Unassociated Station
Y/N Display on if station is not associated (Yes/No)
9 / X Clear Filter
3 / U Unassociated Station
1 / P Probes
Y/N Display only if unassociated station having probe name (Yes/No)
2 / S Signal Range
1 / V VGood
2 / G Good
3 / A Average
4 / P Poor
5 / U Unknown
9 / X Clear Filter
9 / X Clear Filter
H History Logs (Displaying Active Logs History)
1 / C Association / Connection Alert Log
2 / S Display Suspicious Activity Listing
3 / A Display Attack Log
4 / L Display Combination Logs (All Listing)
L Lookup MAC/Name Detail (Lookup BSSID / Station MAC / ESSID / Probes)
1 / M MAC Address
$ Enter the MAC to lookup for (xx:xx:xx:xx:xx:xx)
2 / N Names of Access Point / Probes
$ Enter the Name to lookup for
M Monitor MAC Address / Names (Adding MAC or Names to be monitoring list)
1 / M MAC Address
A Add MAC
$ Enter the MAC to be monitored (xx:xx:xx:xx:xx:xx)
D Delete MAC
$ Enter the MAC to be removed from monitoring list (xx:xx:xx:xx:xx:xx)
C Clear MAC (Remove all MAC addresses from the monitoring list)
2 / N Name of Access Point / Probe Names
A Add ESSID / Probe Name
$ Enter the ESSID / Probe Name to be added to the monitoring list
D Delete ESSID / Probe Name
$ Remove the ESSID / Probe Name from the monitoring list
C Clear Name (Remove all names from the monitoring list)
3 / L Live Monitoring of Access Point
$ Enter the Access Point MAC Address (BSSID) to monitor (xx:xx:xx:xx:xx:xx)
> Refer to Live Monitoring
9 / C Clear all Monitoring Items (MAC addresses & Names)
O Operation Options
0 / R Shutdown all interfaces and Restart application again
1 / P Probe Access Point Name (For probing on Hidden SSID)
$ Enter the ESSID to Probe
2 / N Refresh Now (Refresh current network harvesting process)
3 / S Restart application (All active listing will be cleared)
y/N Active listing will be cleared, are you sure you want to exit ? (N)
4 / T Restore all setting (All configuration will be reset, application will restart)
y/N All setting will be removed, are you sure (N)
A Auditing Network (Cracking of WEP/WPA/WPS or Live Monitoring of AP)
> Refer to Auditing Network
I Interactive Mode (Packet Analysis) - IDS
> Refer to Interactive Mode
P Intrusion Prevention - IPS
$ Enter the Attacker MAC Address (xx:xx:xx:xx:xx:xx) - Deauthing MAC address once detected trying to associated to access point.
* Enter the loopcount before IPS stop (9999999)
* Waiting time before sending another deauth signal (1)
X Exit Application
1 comment:
Post a Comment