Packing Sniffing with Airodump-ng
- Posted in Hacking / Infosec / Networking / Security / Technology / WiFi
Airodump-ng is part of the Airocrack-ng suite. It is a packet sniffer designed to capture packets while in monitor mode.
DISCLAIMER: As I have said before, I am not responsible if you choose to do something stupid and get yourself arrested. Hack legally and hack friendly!
How to use Airodump-ng
- First we must enable monitor mode on our interface. If you do not know how, read through this.
- Next, enter the following command to begin the program:
NOTE: This program will run until you force it to quit.
Now analyze the data you retrieve. You will see a list of BSSIDs or Network Names.
Below is a list and explanation of what you will see.
|BSSID||PWR||Beacons||# Data||# /s||CH||MB||ENC||Cipher||Auth||ESSID|
|Nodes MAC Address||Signal Strengh||Frames sent by network to broadcast its existance||Number of Data packets||Number of packets collect in past 10 seconds||Channel network broadcasts on||Maximum Bandwidth Supported||Encryption Type||Cipher used in network encryption||Authentication used in network||Name of network|
NOTE: The best adapter to use to sniff packets across networks is the Alfa Network AWUS036AC* series. The one I am using is the AWUS036ACS, which is small and fits neatly into my bag. I also have a multitude of antennas to use for wireless sniffing.
How to listen to 5 Ghz channels
By default, Airodump-ng only listens to 2.4 Ghz channels, so to enable the 5 Ghz scanning do the following:
- Start Airodump-ng by using the band argument:
airodump-ng --band a INTERFACE_NAME
You can also specify multiple bands using the band argument. For example;
airodump-ng --band abg INTERFACE_NAME
NOTE: Your wireless card needs to support this feature. Also keep in mind that this requires a great deal of power and slows resources.