Difference between revisions of "WiFi Sniffing"
Line 1: | Line 1: | ||
== Summary == | == Summary == | ||
Sniff Wi-Fi traffic using wireless interfaces supporting monitor mode and packet injection. | Sniff Wi-Fi traffic using wireless interfaces supporting [https://en.wikipedia.org/wiki/Monitor_mode monitor mode] and [https://en.wikipedia.org/wiki/Packet_injection packet injection]. | ||
== Requirements == | == Requirements == | ||
Line 21: | Line 21: | ||
The newly added interface in the list is the external adapter. In my case it was 'wlan1'. In the following steps I refer to the external adapter as 'wlan1'. | The newly added interface in the list is the external adapter. In my case it was 'wlan1'. In the following steps I refer to the external adapter as 'wlan1'. | ||
Start monitor mode on the external adapter (*): | Start [https://en.wikipedia.org/wiki/Monitor_mode monitor mode] on the external adapter (*): | ||
airmon-ng start wlan1 | airmon-ng start wlan1 | ||
Line 56: | Line 56: | ||
driftnet -f alfa-01.cap -a -d Pictures/ | driftnet -f alfa-01.cap -a -d Pictures/ | ||
Disable monitor mode: | Disable [https://en.wikipedia.org/wiki/Monitor_mode monitor mode]: | ||
airmon-ng stop wlan1mon | airmon-ng stop wlan1mon | ||
---- | ---- | ||
(*) This command did not work with ALFA NETWORK AWUS036ACH. The following commands are an alternative way to start monitor mode on the adapter: | (*) This command did not work with [[Alfa AWUS036ACH Wide Range AC1200 Wireless Adapter|ALFA NETWORK AWUS036ACH]] and [[Alfa AWUS036EAC AC1200 USB Wireless Adapter|ALFA NETWORK AWUS036EAC]]. The following commands are an alternative way to start [https://en.wikipedia.org/wiki/Monitor_mode monitor mode] on the adapter: | ||
ifconfig wlan1 down | ifconfig wlan1 down | ||
Line 76: | Line 76: | ||
* Windows 10 host | * Windows 10 host | ||
* Kali Linux host | * Kali Linux host | ||
* [[LG Nexus 5X Google Smartphone 32 GB, Android 6.0 Marshmallow, Carbon | * Samsung Galaxy A8 | ||
* [ | * [[LG Nexus 5X Google Smartphone 32 GB, Android 6.0 Marshmallow, Carbon]] | ||
* [ | * [[Panda 300 Mbps Wireless N USB Adapter PAU05]] | ||
* [ | * [[Alfa AWUS036ACH Wide Range AC1200 Wireless Adapter]] | ||
* [[Alfa AWUS036EAC AC1200 USB Wireless Adapter]] | |||
== References == | == References == |
Revision as of 12:40, 12 March 2019
Summary
Sniff Wi-Fi traffic using wireless interfaces supporting monitor mode and packet injection.
Requirements
- Operating system: Kali Linux 64 Bit
Description
Open a terminal.
Display your wireless interfaces:
iwconfig
Connect the external Wi-Fi adapter to your host computer.
iwconfig
The newly added interface in the list is the external adapter. In my case it was 'wlan1'. In the following steps I refer to the external adapter as 'wlan1'.
Start monitor mode on the external adapter (*):
airmon-ng start wlan1
The previous command creates a new interface called 'wlan1mon'. Verify with:
iwconfig
Display active Wi-Fi networks:
airodump-ng wlan1mon
Remember the channel of the network you want to attack. In my case it was channel 11.
Set your adapter to the appropriate channel:
iwconfig wlan1mon channel 11
Verify the frequency:
iwconfig wlan1mon iwlist channel
Start capturing data:
airodump-ng --channel 11 -w alfa wlan1mon
Filter URLs from captured traffic:
urlsnarf -p alfa-01.cap
Filter pictures from captured traffic:
driftnet -f alfa-01.cap -a -d Pictures/
Disable monitor mode:
airmon-ng stop wlan1mon
(*) This command did not work with ALFA NETWORK AWUS036ACH and ALFA NETWORK AWUS036EAC. The following commands are an alternative way to start monitor mode on the adapter:
ifconfig wlan1 down iwconfig wlan1 mode monitor ifconfig wlan1 up
Results
Used Hardware
- Windows 10 host
- Kali Linux host
- Samsung Galaxy A8
- LG Nexus 5X Google Smartphone 32 GB, Android 6.0 Marshmallow, Carbon
- Panda 300 Mbps Wireless N USB Adapter PAU05
- Alfa AWUS036ACH Wide Range AC1200 Wireless Adapter
- Alfa AWUS036EAC AC1200 USB Wireless Adapter