Sunday, May 13, 2012

Using Aircrack-NG Suite (Airodump-NG)

Displaying Surrounding Access Points And Dumping Captured Packets
Airodump-ng captures raw 802.11 frames and displays or writes details of all surrounding access points and clients.
Note: Interfaces must be in Monitoring Mode

Decide on what you want [WEP / WPA / WPA2]
1) airodump-ng mon0    [Display All surrounding Access Points/Clients]

BSSID       - Access Point MAC Address
PWR         - Signal Strength (Smaller --> Stronger)
Beacons     - Beacon Rate
#Data       - Packets Transmitted
#/s         - Transmission Rate
CH          - Access Point Channel
MB          - Max Supported Speed
ENC         - Encryption Type
CIPHER      - Detected Cipher (WEP/TKIP/CCMP)
AUTH        - Authentication Type
ESSID       - Access Point Name

Display WEP

1) airodump-ng mon0 --encrypt wep    [Display WEP Access Points/Clients]

Display WPA/WPA2

1) airodump-ng mon0 --encrypt wpa    [Display WPA/WPA2 Access Points/Clients]

Display WPA2

1) airodump-ng mon0 --encrypt wpa2    [Display WPA2 Access Points/Clients]
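
The ENC and CIPHER columns above are what you check when surveying your own access points for legacy settings. The following is an added example, not part of the original post: it assumes airodump-ng was run with `-w` so that it also wrote its `-01.csv` file, and the sample data, MAC addresses and function names are constructed for illustration.

```python
# Constructed sample in the layout of an airodump-ng CSV file: an access-point
# table, a blank line, then a client table that starts with "Station MAC".
SAMPLE = """
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
02:00:00:00:00:01, 2012-05-13 10:00:01, 2012-05-13 10:05:00,  6,  54, WEP, WEP, , -48, 120, 35, 0.0.0.0, 7, lab-wep,
02:00:00:00:00:02, 2012-05-13 10:00:02, 2012-05-13 10:05:00, 11,  54, WPA2 WPA, CCMP TKIP, PSK, -61, 98, 0, 0.0.0.0, 9, lab-mixed,
02:00:00:00:00:03, 2012-05-13 10:00:03, 2012-05-13 10:05:00,  1, 130, WPA2, CCMP, PSK, -70, 77, 0, 0.0.0.0, 9, lab,guest,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
02:00:00:00:00:99, 2012-05-13 10:01:00, 2012-05-13 10:04:00, -55, 12, 02:00:00:00:00:03,
"""

def parse_access_points(text):
    """Return one dict per row of the access-point table."""
    aps, in_ap_table = [], False
    for line in text.splitlines():
        parts = line.split(",")
        first = parts[0].strip()
        if first == "BSSID":            # header of the AP table
            in_ap_table = True
            continue
        if first == "Station MAC":      # client table begins, stop here
            break
        if not in_ap_table or len(parts) < 15:
            continue                    # blank or truncated line
        aps.append({
            "bssid": first,
            "channel": int(parts[3]),
            "privacy": parts[5].split(),   # ENC column, may hold several values
            "cipher": parts[6].split(),    # CIPHER column
            "power": int(parts[8]),
            # An ESSID may itself contain commas; the last field is the key.
            "essid": ",".join(parts[13:-1]).strip(),
        })
    return aps

def weak_findings(aps):
    """List (essid, bssid, reasons) for APs that are open or use WEP or TKIP."""
    findings = []
    for ap in aps:
        reasons = []
        if "OPN" in ap["privacy"]:
            reasons.append("open network")
        if "WEP" in ap["privacy"]:
            reasons.append("WEP")
        if "TKIP" in ap["cipher"]:
            reasons.append("TKIP enabled")
        if reasons:
            findings.append((ap["essid"], ap["bssid"], reasons))
    return findings
```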

Saturday, May 12, 2012

Using Aircrack-NG Suite (Airmon-NG)

Enabling Monitoring Mode For Wireless Interface Using Airmon-NG
Airmon-ng enables monitoring mode on wireless interfaces so that they can be used with airodump-ng, aireplay-ng, aircrack-ng, airdrop-ng, airbase-ng and others.

usage: airmon-ng <start|stop> <interface> [channel] or airmon-ng <check|check kill>
  • <start|stop> indicates if you wish to start or stop the interface. (Mandatory)
  • <interface> specifies the interface. (Mandatory)
  • [channel] optionally set the card to a specific channel.
  • “check” will show any processes that might interfere with the aircrack-ng suite. It is strongly recommended that these processes be eliminated prior to using the aircrack-ng suite. “check kill” will check and kill off processes that might interfere with the aircrack-ng suite. 

a) airmon-ng              (List available wireless interfaces)
b) airmon-ng start wlan3  (Enable monitoring mode for wlan3)
c) airmon-ng              (List available wireless interfaces)
                           You should be able to see mon0
d) ifconfig mon0 down     (Bring down mon0 so that we can 
                            spoof MAC address)
e) macchanger mon0 --mac 00:11:22:33:44:55
                          (Change MAC to 00:11:22:33:44:55)
f) ifconfig mon0 up       (Bring mon0 up)
g) ifconfig mon0          (Check the changes in MAC)

The Basic Of Network With BackTrack 5

Display all network interfaces
Including Adapter MAC Address, IP information, etc

ifconfig -a

Two Ways Of Spoofing MAC Address
Note: The spoofed MAC will be restored to the original after the system is restarted.

1) Using ifconfig   ( ifconfig wlan3 hw ether xx:xx:xx:xx:xx:xx )
    a) Bring down interface
    b) Change to the desired MAC address
    c) Bring up interface 

2) Using macchanger ( macchanger wlan3 --mac xx:xx:xx:xx:xx:xx )
    a) Bring down interface
    b) Change to the desired MAC address with macchanger
    c) Bring up interface