Over the years, numerous weaknesses have been identified in the IEEE 802.11 standard and its implementations. In order to present a proof-of-concept or demonstrate their impact in practice, researchers are often required to implement entire procedures or complex features from scratch (e.g., injecting encrypted frames with customized header flags). In this paper, we present a framework that allows researchers to more easily test and fuzz any device (i.e., access points and clients). This framework enables one to, for example, test hypotheses on new weaknesses, implement proof-of-concepts, create testing suites, and automate experiments. Our framework is implemented on top of the hostap user space daemon, and includes a language in which complex test cases can be defined (e.g., instructions to inject a sequence of user-modified frames into the network). Notably, a test case can make use of the hostap control interface, which provides access to built-in features (e.g., authentication procedures, retrieval of encryption keys), and the framework allows users to create customized hostap extensions.
CCS CONCEPTS
• Networks → Wireless access points, base stations and infrastructure; Mobile and wireless security.