WiFi Hacking is one of the most crazy stuff in Hacking Stuff as well as lot’s of people looking about how to break the wifi without knowing the encryption and the pre-requirements like hardware [internal or external wifi adapter which support packet injection like TP-Link WL722N or Alfa.] and software like aircrack-ng suite which comes in most of penetration distributions like Kali Linux, Parrot OS.
In this WiFi Hacking Series, I will try to cover all the things from basic. So this post is about Sniffing Basics.
Safety First! Change MAC address of WiFi adapter
ifconfig //to check the interfaces ifconfig [interface] down // down the particular interface Eg. wlan1 or wlan0 macchanger -m [mac] [interface] //You can use random option of some particular options. For more options macchanger -h ifconfig [interface] up // up that particular interface Eg. wlan1 or wlan0
How we can see the whole traffic of a whole network..?
By-default the wireless interface mode is Managed Mode, in which we can see only the traffic coming on our port or traffic related to our device only.
To check traffic of the whole network we need to switch the managed mode to the monitor mode. Monitor Mode is that like monitor all the traffic of a specific network. We need to enable the monitor mode [which work with wireless interfaces only]. In Wired Network it’s called as Promiscuous mode or Listening Mode.
Enable Monitor Mode :
airmon-ng start [interface] // where interface wlan0 or wlan1
To start capturing packets of all WiFi networks around us.
airodump-ng [interface] //here monitor mode interface Eg. mon0
We can launch airodump-ng on a specific target to scan or analysis all the traffic over the specific network
airodump-ng --channel [Channel No.] --bssid [bssid] --write [file name] [interface] For Eg. : airodump-ng --channel 6 --bssid 11:22:33:44:55:66 --write test mon0
This is all about how to change mac address, put wireless interface on monitor mode and look into the traffic of different networks around us.