Airodump-ng Essentials: How to Detect and Analyze Nearby Wi-Fi Networks.

WHAT IS AIRDUMP-NG?

Airodump-ng is a tool in the Aircrack-ng suite that analyzes Wi-Fi networks for vulnerabilities. It’s primarily used for Wi-Fi discovery.

Tool:

Kali Linux

Step 1:

Airodump-ng is pre-installed on Kali. This work requires a wifi card with “monitor mode” capabilities. In this lab, we will use an Alfa network card. There are various Wi-Fi adapters on the market that facilitate Wi-Fi hacking. This page includes some of them: https://www.ceos3c.com/security/best-wireless-network-adapter-for-wifi-hacking-in-2019/

To begin this lab, we will attach our wireless network card to the Kali system. After connecting the network card, use airmon-ng to view accessible network cards compatible with Aircrack-ng tools using the following command:

sudo su –
airmon-n

To enable monitor mode on this card, use the command:

airmon-ng start wlan0

This enables our network card to intercept adjacent Wi-Fi transmissions.
To validate that our network card is in monitor mode, run the following command:

ifconfig

The interface name “wlan0mon” now has a “mon” suffix.

Step 2:

After completing the aforementioned job, run airodump-ng and use the following command to discover neighboring Wi-Fi networks:

airodump-ng wlan0mon

This launches the airodump-ng utility and searches for neighboring Wi-Fi networks.

1. Shows us MAC address of detected Access Points.
2. Signal power level also tells target device distance from our
Wi-Fi antenna. Higher numbers indicate better signal.
3. Channel number on which target APs are running
4. The encryption methods that targets are using.
5. If the target AP advertises themselves with a name, we can see
it in this section.
6. MAC address of connected clients to various AP stations.
MAC address of various client devices that are connected to APs
around.

Once you’ve discovered your target network, press ctrl + c to end the search.
We’ll run airodump-ng again, but exclusively for the target network. This allows us to get more information about the target network and its clients.

To do this, we will use the following command:

airodump-ng -c 9 –bssid 94:e4:ba:8b:81:ab -w /root/Desktop wlanmon

After executing this command, airodump will only capture information about the target network.

“-bssid” is used to specify the BSSID MAC address of a target machine.
“-w” is used to specify the location where our files are going to be
written.
“-c” is used to specify the target channel number.

The network above shows a single client and the number of frames it communicates. Keep this going until the next lab, where we’ll collect the WPA handshake file.


Discover more from Daily Scope Blog

Subscribe to get the latest posts sent to your email.

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply