From 95affbcaa9a4ad678b485c7b7e73e9a75b02f770 Mon Sep 17 00:00:00 2001 From: Mathy Vanhoef Date: Sat, 8 May 2021 18:46:39 +0400 Subject: [PATCH] fragattacks: avoid wordwrap on github --- README.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 619c9f2c8..5cbd68664 100644 --- a/README.md +++ b/README.md @@ -265,8 +265,8 @@ device and are further discussed below the table. |
*[Cache attacks (§5)](#id-test-cache)*
| `ping I,E,R,AE` | Inject a fragment, try triggering a _reassociation_, and inject second fragment. | `ping I,E,R,E` | Same as above, but with a longer delay before sending the second fragment. -| `ping I,E,R,AE --full-reconnect` | Inject a fragment, _deauthenticate_ and reconnect, then inject second fragment. -| `ping I,E,R,E --full-reconnect` | Same as above, but with a longer delay before sending the second fragment. +| `ping I,E,R,AE --full-recon` | Inject a fragment, _deauthenticate_ and reconnect, then inject second fragment. +| `ping I,E,R,E --full-recon` | Same as above, but with a longer delay before sending the second fragment. |
*[Non-consecutive PNs attack (§6.2)](#id-test-nonconsec)*
| `ping I,E,E --inc-pn 2` | Send a fragmented ping with non-consecutive packet numbers. |
*[Mixed plain/encrypt attack (§6.3)](#id-test-mixplainenc)*
@@ -379,10 +379,11 @@ The last two tests are used to simulate our A-MSDU injection attack: might fail although the implementation _is_ vulnerable. This can be due to background noise, other devices sending frames to the tested device, etc. -- `ping I,E,R,AE [--full-reconnect]`: Here the second fragment is sent immediately after reconnecting with the +- `ping I,E,R,AE [--full-recon]`: Here the second fragment is sent immediately after reconnecting with the device under test, which is important in case the device clears fragments from memory after a short time. + Note that `full-recon` is a shorthand of `full-reconnect`. -- `ping I,E,R,E [--full-reconnect]`: Here the second fragment is sent 1 second after reconnecting with the +- `ping I,E,R,E [--full-recon]`: Here the second fragment is sent 1 second after reconnecting with the device under test, which can be useful in case there is a small delay between completion of the handshake and installing the negotiated key.