airodump-ng wlan0monĪs soon as we start the airodump-ng, we will see the list of Access Points with details such as their BSSID (MAC Address), Strength (PWR), Encryption (WPA/WPA2), Authentication Method, and ESSID (Name of Wireless Access Point) as demonstrated below. To get the information required run airodump-ng with the interface only as demonstrated below. To start sniffing, we need to provide the airodump-ng with the ESSID of the access point with other details. As discussed in the Introduction, airodump-ng can be used for this activity. iwconfigĪfter placing the Wi-Fi card in the Monitor mode, we can then move to sniff network packets. After running iwconfig we can see that the interface that we used with airmon-ng has now changed from wlan0 to wlan0mon. It is similar to ifconfig which is used for general interface configurations. It is a Linux command that can be used to configure a wireless network interface. airmon-ng start wlan0Īfter using the airmon-ng, we can check the enabling of monitor mode by using the iwconfig command. If not, this will put our Wi-Fi card in Monitor mode. If you seem to have issues with enabling the monitor mode, kill the processes that are mentioned with their respective PIDs to ensure that no processes conflict. In our case the interface in question is wlan0. After connecting the external card with our machine, we will use airmon-ng to start monitor mode by providing the interface. However, in this demonstration, we will be focusing on Monitor mode only.Īs discussed in the Introduction, airmon-ng is used for enabling the Monitor mode on Wi-Fi cards. It is not the only mode that is supported on Wi-Fi devices, there are a total of 6 modes. When enabled, the Wi-Fi card will stop sending any data and will be completely dedicated to monitoring the wireless traffic. In general words, Monitor Mode is a mode that is supported by certain Wi-Fi devices. Note: To perform attacks using Aircrack-ng, you need an external Wi-Fi card with monitoring mode. It places the air traffic into a pcap file and shows information about the networkĪireplay-ng: It is used for Packet Injection AttacksĪircrack-ng: It is used for cracking the WEP keys using the Fluhrer, Mantin, and Shamir attack (FMS) attack, PTW attack, and dictionary attacks, and WPA/WPA2-PSK using dictionary attacks. In this demonstration, we will be focusing on the following:Īirmon-ng: It is used to enabling Monitor Mode on Wi-Fi CardĪirodump-ng: It is used for sniffing packets. There are a bunch of tools inside the Aircrack-ng Suite.
#Airmon ng mac crack
Finally Cracking includes the ability to crack the WEP and WPA PSK keys.Īircrack-ng is supported on Linux, FreeBSD, macOS, OpenBSD, Android, and Windows.
#Airmon ng mac driver
Testing includes the testing of the Wi-Fi cards and driver capabilities based on the capture and injections. Attacking includes replay attacks, deauthentication, evil-twin attacks, and packet injection attacks. Monitoring includes Packer Capturing and exporting the data to text files for processing by any third-party tool. With the help of Aircrack-ng, a penetration tester can focus on Monitoring, Attacking, Testing, and Cracking aspects of the Wi-Fi Security.
#Airmon ng mac cracker
It has a detector, a packet sniffer, WPA/WPA2-PSK, and a WEP cracker and analyzer for 802.11 Wireless LANs. Table of ContentĪircrack-ng is a package of Wi-Fi network security assessment tools. In this demonstration, we will be focusing on a few of the tools from the Aircrack-ng arsenal. Aircrack-ng is not a tool but it is a suite of tools that all perform different types of attacks or activities related to Wireless Access Points. This is the tool that has given birth to many of the Wireless Attacks and tools.
#Airmon ng mac series
In our series of Wireless Penetration Testing, this time we are focusing on a tool that has been around for ages.