Airodump-ng
Airodump-ng is primarily used for capturing 802.11 frames
over the air. Airodump-ng displays APs and STAs of nearby networks.
usage: airodump-ng <options> <interface>
Common options:
| Option | Description |
|---|---|
| -w | writes output to specified file in pcap format |
| --bssid | filters APs for specified BSSID |
| -c | filters networks to the specified channel |
Airodump-ng output is filled with a
lot of useful information about discovered networks. Notice the example output
below:
In the header fields you will
notice the channel, elapsed time and date. If you do not specify the channel,
airodump-ng will hop channels.
The upper half shows the APs that
have been discovered. Here are the descriptions of the fields shown:
BSSID: MAC of the AP.
PWR: Signal strength of the AP (-25 is a strong connection, whereas -80 is weak).
Beacons: Number of beacons the AP sends.
#Data: Number of captured data packets. This is also the number of
IVs if you are attacking WEP.
#/s: Data packets captured per second.
CH: Channel the AP is operating on.
MB: Speed that AP supports.
ENC: Type of encryption the AP is using. Options include: OPN, WPA,
WPA2, WEP, WEP? (encryption but not enough data to specify)
CIPHER: The cipher used for encryption
ESSID: Broadcasted name of the AP. If hidden, this field will
provide the ESSID length or remain empty.
The lower half of the airodump-ng output displays the
connected STAs.
STATION: MAC of the STA.
Rate: Speed that the STA supports.
Lost: Number of packets lost by the STA
over the last 10 seconds.
Packets: Number of packets sent by the
STA.
Probes: The ESSID probed by the STA.
Airodump-ng is going to be used for almost all of our
wireless attacks. Get familiar with the tool and its output fields.
See the airodump-ng video for more practical usage and tips
on using airodump-ng.
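As an added example (not part of the original post or of the aircrack-ng project), the Python code below parses the upper half of the output using only the columns described above, then reports APs that show OPN, WEP or WEP? in the ENC field or that have a hidden ESSID, which is useful when auditing your own access points. The sample text, the MAC addresses and the function names parse_aps and audit are constructed for illustration, and the column order is an assumption taken from the field list above; real output may contain additional columns.

```python
import re

# Constructed sample of the upper (AP) half, limited to the columns listed above.
SAMPLE = """\
 CH  6 ][ Elapsed: 1 min ][ 2024-01-01 12:00

 BSSID              PWR  Beacons  #Data  #/s  CH  MB  ENC   CIPHER  ESSID

 02:00:00:00:00:01  -25      120     35    0   6  54  WPA2  CCMP    Office WiFi
 02:00:00:00:00:02  -80       40    310    4   6  54  WEP   WEP     legacy-printer
 02:00:00:00:00:03  -61       75      0    0  11  54  OPN           guest
 02:00:00:00:00:04  -47       90     12    0   1  54  WPA   TKIP    <length: 7>
"""

MAC = re.compile(r"^(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$")
WEAK = {"OPN", "WEP", "WEP?"}  # open, WEP, or WEP not yet confirmed

def parse_aps(text):
    """Return one dict per AP row of the upper half (assumed column order)."""
    aps = []
    for line in text.splitlines():
        tok = line.split()
        if "STATION" in tok:          # header of the lower half: stop here
            break
        if len(tok) < 8 or not MAC.match(tok[0]):
            continue                  # status line, column header or blank line
        enc = tok[7]
        # An open network leaves CIPHER blank, so its ESSID starts one token earlier.
        cipher = "" if enc == "OPN" else " ".join(tok[8:9])
        essid = " ".join(tok[8:] if enc == "OPN" else tok[9:])
        aps.append({"bssid": tok[0].lower(), "pwr": int(tok[1]),
                    "data": int(tok[3]), "channel": int(tok[5]),
                    "enc": enc, "cipher": cipher, "essid": essid,
                    "hidden": essid == "" or essid.startswith("<length")})
    return aps

def audit(aps):
    """Return (bssid, name, issue) findings, strongest signal first."""
    findings = []
    for ap in sorted(aps, key=lambda a: a["pwr"], reverse=True):
        name = "(hidden)" if ap["hidden"] else ap["essid"]
        if ap["enc"] in WEAK:
            findings.append((ap["bssid"], name, "weak or no encryption: " + ap["enc"]))
        if ap["hidden"]:
            findings.append((ap["bssid"], name, "hidden ESSID"))
    return findings

if __name__ == "__main__":
    for finding in audit(parse_aps(SAMPLE)):
        print(*finding, sep="  ")
```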