Andrea Vaccaro edited this page Sep 11, 2024 · 16 revisions

Usage of Gapcast

With ./gapcast -h

Usage of gapcast:

Interfaces & band misc:
   -show-i
        Shows available network interfaces.
   -i <interface> : string
        Select network interface.
   -5g
        Start with 5 Ghz band.
   -2.4+5g
        Start with 2.4/5 Ghz band.
   -nm-restart
	Restart Network Manager. (Only for Linux)

Filter misc:
   -c <channel> : int
   -c <channels> : int,int,int...
        Select working channel.
   -b <BSSID> : string
        Select BSSID filter.
   -p <BSSID PREFIX> : string
        Select BSSID prefix filter.
   -beacon
	Shows only beacons.
   -enc <OPEN, WPE, WPA, WPA2, WPA3>
	Select encryption filter.
   -cipher <WEP, TKIP, WRAP, CCMP, WEP104, CMAC, GCMP,
            GCMP256, CCMP256, GMAC, GMAC256, CMAC256>
        Select cipher suite filter.
   -auth <MGT, PSK, FT/MGT256, FT/PSK, MGT256, PSK256,
          TDLS, SAE, FT/SAE, APPeerKey, MGT-B, MGT-CNSA, FT/MGT-384,
          FILS/MGT, FILS/MGT-384, FT/FILS-256, FT/FILS-384, FT/PSK-384, PSK-384>
        Select auth suite filter.
   -d
        Disable inactive devices hider.
   -radar
        Enable RadarRSSI.

Work with pcap:
    -w <file>.pcap
        Write to pcap file.
    -l <file>.pcap
        Load pcap file.

Features:
    -sc <BSSID> : string
        Scan a single target carefully.

Radar misc:
    -dbi-tx <int (or float)>
        Set TX antenna dBi.
    -dbi-rx <int (or float)>
	Set RX antenna dBi.
    -dbm <int (or float)>
	Set TX power.

📖Description & explanations

Gapcast is IEEE 802.11 packet injection and analysis software.

The purpose of gapcast is to accurately detect each router's clients, analyze, capture, inject packets & perform attacks (like Evil-Twin). Each release adds more parameters for filters and functionality, so good documentation is needed to use the software to its fullest.

Supported platform: GNU/Linux


⚙️Parameters

  • -show-i: Shows available network interfaces.
  • -i: Select network interface.
  • -5g: Start with 5 GHz band.
  • -2.4+5g: Start with 2.4/5 GHz band.
  • -c: Select working channel.
  • -b: Select BSSID filter.
  • -p: Select BSSID prefix filter.
  • -beacon: Shows only beacons.
  • -enc: Select encryption filter.
  • -cipher: Select cipher filter.
  • -auth: Select auth filter.
  • -d: Disable inactive devices hider.
  • -radar: Enable RadarRSSI.
  • -w: Write to pcap file.
  • -l: Load pcap file.
  • -sc: Scan a single target carefully.
  • -nm-restart: Restart Network Manager. (Only for Linux)
  • -dbi-tx: Set TX antenna dBi.
  • -dbi-rx: Set RX antenna dBi.
  • -dbm: Set TX power.

🔹-show-i

The -show-i parameter lists all available network interfaces with their information, such as mode, MAC, channel, driver and vendor. Use it to find the network interface to pass to the -i parameter.

📝Syntax:

-show-i

💡Example:

./gapcast -show-i

🔹-i

The -i parameter selects the network interface that gapcast will use. During initialization gapcast checks that monitor mode is enabled on the network card, so it is important to specify a network interface that supports it.

📝Syntax:

-i <interface>

💡Example:

./gapcast -i wlan0

🔹-5g

The -5g parameter selects the 5 GHz working band: some channels between 36 and 173 (from gapcast/libs/libs.go).

If it is not specified, the default band is 2.4 GHz, from channel 1 to 14 (from gapcast/libs/libs.go).

📝Syntax:

-5g

💡Example:

./gapcast -i wlan0 -5g

🔹-2.4+5g

The -2.4+5g parameter selects both working bands: some channels between 1 and 173 (from gapcast/libs/libs.go).

📝Syntax:

-2.4+5g

💡Example:

./gapcast -i wlan0 -2.4+5g

🔹-c

The -c parameter selects the working channel. You can select one or more channels for gapcast to scan.

If it is not specified, the default band is 2.4 GHz, from channel 1 to 14 (from gapcast/libs/libs.go).

📝Syntax:

-c <channel>

-c <channel,channel,channel...>

💡Example:

With 2.4 GHz:

./gapcast -i wlan0 -c 4

./gapcast -i wlan0 -c 5,12,7,3

With 5 GHz:

./gapcast -i wlan0 -5g -c 36

./gapcast -i wlan0 -5g -c 50,100,60,126

With 2.4/5 GHz:

./gapcast -i wlan0 -2.4+5g -c 2,6,132,7,40

🔹-b

The -b parameter filters by BSSID. To use this parameter you must first specify a single channel. The BSSID must be written with its octets separated by ":", as in the example.

📝Syntax:

-b <BSSID>

💡Example:

./gapcast -i wlan0 -c 12 -b 70:4e:24:d3:f2:9b

./gapcast -i wlan0 -5g -c 36 -b 90:a2:57:b1:f4:f3

🔹-p

The -p parameter is used to filter the BSSID with a prefix. All BSSIDs with that prefix will be shown.

📝Syntax:

-p <BSSID PREFIX>

💡Example:

./gapcast -i wlan0 -p 70:4e:24:d3:f2:9

./gapcast -i wlan0 -2.4+5g -p 23:5

🔹-beacon

The -beacon parameter is used to show and record beacon packets only.

📝Syntax:

-beacon

💡Example:

./gapcast -i wlan0 -2.4+5g -beacon

./gapcast -i wlan0 -beacon -c 10 -radar

🔹-enc

The -enc parameter is used to filter beacon packets by encryption suite.

Encryption suite available: OPEN, WPE, WPA, WPA2.

📝Syntax:

-enc <OPEN, WPE, WPA, WPA2>

💡Example:

./gapcast -i wlan0 -enc wpe

./gapcast -i wlan0 -5g -enc wpa2

🔹-cipher

The -cipher parameter is used to filter beacon packets by cipher suite.

Cipher suite available: WEP, TKIP, WRAP, CCMP, WEP104.

📝Syntax:

-cipher <WEP, TKIP, WRAP, CCMP, WEP104>

💡Example:

./gapcast -i wlan0 -cipher ccmp

./gapcast -i wlan0 -c 10 -cipher tkip 

🔹-auth

The -auth parameter is used to filter beacon packets by auth suite.

Auth suite available: MGT, PSK.

📝Syntax:

-auth <MGT, PSK>

💡Example:

./gapcast -i wlan0 -auth mgt

./gapcast -i wlan0 -w test.pcap -auth psk 

🔹-d

The -d parameter disables the shifting of inactive devices, that is, the movement of devices to an inactive section that is not visible in the terminal. A device is moved there when it has been inactive for 30 seconds; if the device shows up again after that, it becomes "active" and all its data is restored. If you want to deactivate the process of moving devices to the inactive section, add the -d parameter.

📝Syntax:

-d

💡Example:

./gapcast -i wlan0 -p 80:3e:3 -d

./gapcast -i wlan0 -2.4+5g -d

🔹-radar

The -radar parameter is used to enable RadarRSSI.

This library has an Auto-DBPathLoss system in which the path loss is chosen by an algorithm. It was created through research and has been tested many times with excellent results.

The power (dBm) and antenna gain (dBi) parameters can be edited in the radarconf.json file.

📝Syntax:

-radar

💡Example:

./gapcast -i wlan0 -5g -radar

./gapcast -i wlan0 -c 13 -b 70:12:a3:f8:e4:36 -radar

🔹-w

The -w parameter records all the filtered packets and writes them to a pcap file. This is useful both for loading the capture later and for saving the EAPOL keys.

Warning

The -d and -radar parameters do not affect writing of the pcap file.

📝Syntax:

-w <file>.pcap

💡Example:

./gapcast -i wlan0 -5g -c 36 -b 32:4e:24:14:f2:9e -w out-eapol.pcap

./gapcast -i wlan0 -2.4+5g -w out1.pcap

🔹-l

The -l parameter loads a pcap file and restores its data. You can continue the scan by adding -i.

If you want to update a pcap file, that is, load it and keep scanning so that the result holds both the information from the previous pcap file and the new information, just set both -w and -l. More info.

Warning

The -d and -radar parameters do not affect writing of the pcap file.

If you specified these parameters previously, they have no effect on the load: the RadarRSSI data will not be loaded, and inactive devices will be loaded automatically.

📝Syntax:

-l <file>.pcap

💡Example:

./gapcast -l out.pcap

./gapcast -l out.pcap -i wlan0

./gapcast -i wlan0 -2.4+5g -c 10,50,36,2,172 -w updated.pcap -l out.pcap

🔹-sc

The -sc parameter is used to scan a single target and receive multiple pieces of information about it; for detailed information click here.

Warning

When using -sc, all parameters except -i and the parameters that change the band, such as -5g or -2.4+5g, are discarded.

📝Syntax:

-sc <target MAC>

💡Example:

./gapcast -i wlan0 -sc 32:4e:24:14:f2:9e -5g

./gapcast -i wlan0 -sc 32:4e:33:a7:bb:3f

🔹-nm-restart

The -nm-restart parameter is used to restart Network Manager on Linux systems.

📝Syntax:

-nm-restart

💡Example:

./gapcast -nm-restart

🔹-dbi-tx

The -dbi-tx parameter sets the TX antenna gain in dBi. It is useful for the radar system enabled with the -radar parameter.

Warning

This parameter applies only with the -radar or -sc parameters.

📝Syntax:

-dbi-tx <int (or float)>

💡Example:

./gapcast -i wlan0 -radar -dbi-tx 6

./gapcast -i wlan0 -radar -dbi-tx 4.5 -dbm 22

./gapcast -i wlan0 -radar -dbi-tx 3 -dbi-rx 4

./gapcast -i wlan0 -radar -dbm 24.5 -dbi-rx 3 -dbi-tx 2

🔹-dbi-rx

The -dbi-rx parameter sets the RX antenna gain in dBi. It is useful for the radar system enabled with the -radar parameter.

Warning

This parameter applies only with the -radar or -sc parameters.

📝Syntax:

-dbi-rx <int (or float)>

💡Example:

./gapcast -i wlan0 -radar -dbi-rx 3

./gapcast -i wlan0 -radar -dbi-rx 4 -dbm 22

./gapcast -i wlan0 -radar -dbi-rx 3.5 -dbi-tx 2

./gapcast -i wlan0 -radar -dbm 24.5 -dbi-tx 4 -dbi-rx 6

🔹-dbm

The -dbm parameter sets the TX power. It is useful for the radar system enabled with the -radar parameter.

Warning

This parameter applies only with the -radar or -sc parameters.

📝Syntax:

-dbm <int (or float)>

💡Example:

./gapcast -i wlan0 -radar -dbm 23.4

./gapcast -i wlan0 -radar -dbm 19

./gapcast -i wlan0 -radar -dbm 22 -dbi-rx 3

./gapcast -i wlan0 -radar -dbm 24.5 -dbi-tx 2 -dbi-rx 6
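
How the values set with -dbm, -dbi-tx and -dbi-rx enter an RSSI-to-distance estimate, as an added example that is not Gapcast's code. It uses the generic log-distance path-loss model with a caller-chosen exponent, not the Auto-DBPathLoss algorithm, and the type and function names are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"math"
)

// LinkBudget mirrors the values set with -dbm, -dbi-tx and -dbi-rx.
type LinkBudget struct {
	TxPowerDBm, TxGainDBi, RxGainDBi float64
}

// ChannelFreqMHz returns the centre frequency of an 802.11 channel in the
// 2.4 GHz (1-14) or 5 GHz (36-173) ranges named on this page.
func ChannelFreqMHz(ch int) (float64, error) {
	switch {
	case ch >= 1 && ch <= 13:
		return float64(2407 + 5*ch), nil
	case ch == 14:
		return 2484, nil
	case ch >= 36 && ch <= 173:
		return float64(5000 + 5*ch), nil
	}
	return 0, fmt.Errorf("unsupported channel %d", ch)
}

// EstimateDistance inverts the log-distance model
//   RSSI = Ptx + Gtx + Grx - (PL(1 m) + 10*n*log10(d))
// and returns d in metres. n is the path-loss exponent (2 = free space,
// higher indoors); here the caller picks it, which is an assumption.
func EstimateDistance(lb LinkBudget, rssiDBm float64, ch int, n float64) (float64, error) {
	f, err := ChannelFreqMHz(ch)
	if err != nil {
		return 0, err
	}
	if n <= 0 {
		return 0, errors.New("path-loss exponent must be positive")
	}
	pathLoss := lb.TxPowerDBm + lb.TxGainDBi + lb.RxGainDBi - rssiDBm
	lossAt1m := 20*math.Log10(f) - 27.55 // free-space loss at 1 m, f in MHz
	return math.Pow(10, (pathLoss-lossAt1m)/(10*n)), nil
}

func main() {
	// Constructed sample: 22 dBm TX, 3 dBi antennas, -67 dBm seen on channel 6.
	lb := LinkBudget{TxPowerDBm: 22, TxGainDBi: 3, RxGainDBi: 3}
	for _, n := range []float64{2.0, 3.0} {
		d, _ := EstimateDistance(lb, -67, 6, n)
		fmt.Printf("n=%.1f -> %.1f m\n", n, d)
	}
}
```

A wrong TX power or antenna gain shifts the estimate multiplicatively: with n = 2, every 6 dB of error roughly doubles or halves the distance.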

Examples and more detailed explanations can be found on the main page.