Aircrack-ng Suite
Airmon-ng
sudo airmon-ng
sudo airmon-ng check # Check for processes that interrupt with tool
sudo airmon-ng check kill # gracefully stop identified services
# Use dhclient / wpa_supplicant after monitor mode for internet access
# Use hostapd for access point mode
sudo airmon-ng start wlan0 # start monitor mode
sudo airmon-ng start wlan0 3 # start on specified channel
sudo airmon-ng --verbose
sudo airmon-ng --debug
sudo airmon-ng stop wlan0
Airodump-ng
# Capture raw 802.11 frames, including WEP IVs or WPA/WPA2 handshakes
sudo airodump-ng wlan0 -c 2 # Capture frames to ultimate capture a handshake (accuracy: physical location, other APs, microwaves/bluetooth, beamforming, wireless card limitations, stream differences)
sudo airodump-ng -c 3 --bssid [MAC]] -w [file_name] wlan0 # Precision sniffing
sudo airodump-ng --output-format csv,pcap wlan0 # limit format
Interactive mode
[space] - freeze
[tab] - scrolling through list [M] - color
[A] - display options
[S][I][D] - sorting options
dmesg - debugging system wide to identify issues
Aireplay-ng
# Generates wireless traffic for attacks against WEP and WPA
# Options between 0-9, 0:Deauth, 9:Injection Test
# Injection test must be done - 30 second frame test to measure connection quality
sudo airmon-ng start wlan0 3 # set to same channel as target
sudo aireplay-ng -9 wlan0mon # single-card injection test
sudo aireplay-ng -9 -e wifu -a 34:08:04:09:3D:38 wlan0 # direct test
sudo aireplay-ng -9 -i wlan1mon wlan0mon # card-to-card injection
Aircrack-ng
# Offline attack used to crack WEP, WPA/WPA2 networks with PSK or PMKID
aircrack-ng -S # cpu performance
# Alternative could be to use hashcat
Airdecap-ng
# Decrypt WEP, WPA PSK or WPA2 PSK capture files, and strip wireless headers from unencrypted wireless capture
sudo airdecap-ng -b 34:08:04:09:3D:38 opennet-01.cap # select specific MAC address
Airgraph-ng
# Create grapgs of wireless networks using CSV files from airodump-ng
sudo dhclient eth0
# Clients to AP relationship (CAPR)
airgraph-ng -o Picture1_png -i dump-01.csv -g CAPR
# Clients Probe Graph
airgraph-ng -o Picture2.png -i dump-01.csv -g CPG
xdg-open picture1.png