How to set up FragAttacks on Ubuntu 20.04?

Install kernel 5.8, required dependencies like libnl and libssl, clone the repository, run build.sh and pysetup.sh, and install patched drivers and firmware as detailed in the README's prerequisites section.

What Wi-Fi cards are compatible with FragAttacks?

Only specific models like the TP-Link TL-WN722N v1.x, Intel Wireless-AC 8265, and Alfa AWUS036ACM, with notes on USB support, 5GHz capability, and whether patched drivers are needed, as listed in the supported cards table.

FragAttacks vs Aircrack-ng: which is better for Wi-Fi testing?

FragAttacks specializes in fragmentation and aggregation vulnerabilities (e.g., CVE-2020-24587), while Aircrack-ng focuses on general Wi-Fi security like cracking WPA keys. Use FragAttacks for protocol-level flaws and Aircrack-ng for broader penetration testing.

How to test an access point for FragAttacks vulnerabilities?

Edit client.conf to connect to the AP, use mixed or injection mode with commands like 'ping I,E,E' for basic tests, and follow the troubleshooting checklist if issues arise, as per the README's testing section.

Can FragAttacks test WPA3 networks?

Yes, it tests both WPA2 and WPA3 networks because the attacks target identical encryption ciphers (CCMP/GCMP), as mentioned in the introduction, though applicability to older protocols like TKIP is discussed separately.

What if FragAttacks tests fail or show inconsistent results?

Run the injection tests to verify network card compatibility, disable sleep mode on the device under test, check for background traffic, and consult the detailed troubleshooting checklist in the README for common issues.

Is FragAttacks suitable for integrating into automated security pipelines?

No, due to its hardware dependencies, manual setup steps, and need for specific kernel versions, it's designed for manual security audits and research rather than automated CI/CD workflows.

fragattacks — Wi-Fi Fragmentation Vulnerability Tester

What is fragattacks?

FragAttacks is a security testing tool designed to discover fragmentation and aggregation vulnerabilities in Wi-Fi implementations. It simulates attacks that exploit flaws in how Wi-Fi devices handle frame fragmentation and aggregation, affecting all protected networks including WPA2 and WPA3. The tool helps identify security weaknesses that could allow packet injection or other malicious activities.

Target Audience

Security researchers, penetration testers, and network administrators who need to assess the vulnerability of Wi-Fi clients and access points to fragmentation and aggregation attacks. It is also suitable for developers working on Wi-Fi driver or firmware security.

Value Proposition

FragAttacks provides a comprehensive, open-source testing suite for Wi-Fi vulnerabilities that are not covered by standard security tools. It offers detailed test commands for specific attack vectors, supports multiple network cards and testing modes, and includes patched drivers for accurate vulnerability detection.

Overview

FragAttacks is a security testing tool that identifies vulnerabilities in Wi-Fi implementations related to frame fragmentation and aggregation. It can test both clients and access points for a range of flaws that impact WPA2 and WPA3 networks, helping security researchers and network administrators assess the security of their Wi-Fi devices.

Key Features

Fragmentation Attack Testing — Tests for vulnerabilities where Wi-Fi frames are split into fragments and reassembled incorrectly.
Aggregation (A-MSDU) Attack Testing — Checks for flaws in handling aggregated MAC service data units.
Mixed Key Attack Detection — Identifies issues where fragments encrypted under different keys are accepted.
Cache Attack Verification — Tests whether fragments remain in memory after disassociation or reconnection.
Plaintext Injection Checks — Detects acceptance of plaintext frames in encrypted networks.
Broadcast Fragment Testing — Assesses vulnerabilities related to broadcast frame handling.
EAPOL Frame Attack Simulation — Tests for cloaking attacks using EAPOL frames within A-MSDU aggregates.
Multiple Interface Modes — Supports mixed mode (single card), injection mode (two cards), and experimental hwsim mode.
Comprehensive Test Suite — Includes sanity checks, basic behavior tests, and extended vulnerability tests.
Driver and Firmware Patching — Provides patched Linux drivers and firmware for compatible network cards.

Philosophy

FragAttacks aims to provide a rigorous, open-source tool for uncovering fundamental Wi-Fi security flaws, emphasizing practical testing over theoretical analysis to help secure real-world networks.

fragattacks

What is fragattacks?

Overview

Key Features

Philosophy

Related Projects

Found a gem we're missing?

Use Cases

Best For

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions