Packing Sniffing with Airodump-ng
- Posted in Hacking / Infosec / Networking / Security / Technology / WiFi
Airodump-ng is part of the Airocrack-ng suite. It is a packet sniffer designed to capture packets while in monitor mode.
DISCLAIMER: As I have said before, I am not responsible if you choose to do something stupid and get yourself arrested. Hack legally and hack friendly!
How to use Airodump-ng
- First we must enable monitor mode on our interface. If you do not know how, read through this.
- Next, enter the following command to begin the program:
airodump-ng INTERFACE_NAME
NOTE: This program will run until you force it to quit.
Now analyze the data you retrieve. You will see a list of BSSIDs or Network Names.
Below is a list and explanation of what you will see.
BSSID | PWR | Beacons | # Data | # /s | CH | MB | ENC | Cipher | Auth | ESSID |
---|---|---|---|---|---|---|---|---|---|---|
Nodes MAC Address | Signal Strengh | Frames sent by network to broadcast its existance | Number of Data packets | Number of packets collect in past 10 seconds | Channel network broadcasts on | Maximum Bandwidth Supported | Encryption Type | Cipher used in network encryption | Authentication used in network | Name of network |
NOTE: The best adapter to use to sniff packets across networks is the Alfa Network AWUS036AC* series. The one I am using is the AWUS036ACS, which is small and fits neatly into my bag. I also have a multitude of antennas to use for wireless sniffing.
How to listen to 5 Ghz channels
By default, Airodump-ng only listens to 2.4 Ghz channels, so to enable the 5 Ghz scanning do the following:
- Start Airodump-ng by using the band argument:
airodump-ng --band a INTERFACE_NAME
You can also specify multiple bands using the band argument. For example;airodump-ng --band abg INTERFACE_NAME
NOTE: Your wireless card needs to support this feature. Also keep in mind that this requires a great deal of power and slows resources.