Beginners guide to hacking and penetration testing (2017)
Wireless hacking with Airmon-ng:
This is a very quick guide on wireless hacking with airmon-ng. There are a number of techniques that can be employed when hacking wireless networks; however, this is a very simple and quick method. All of the necessary tools are already loaded on Kali Linux.
From the Kali Linux console, enter the command ifconfig. We will use this command to verify the name of our wireless card.
From the above image we can see that our wireless card is called wlan0. Next we will need to put our card into a listening or monitor mode. The name of your wireless card may be different; if this is the case, make note of it and remember to apply it to the rest of this guide.
Next we enter the following command:
airmon-ng start wlan0
This will disconnect our wireless card if it is already connected to a network and put it into a listening state. If you have an issue launching the program, type:
airmon-ng check kill
Next we will want to see which wireless networks are in range by typing in the following:
airodump-ng wlan0mon
We should start seeing all wireless networks that are in our range. Each one will be listed under several categories.
BSSID: The wireless network's hardware address
PWR: Tells us how far the AP (Access point) is from us. The higher the number the farther it is
Beacons: The signal the AP is sending
#Data: The amount of useful data that has been sniffed
#/s: The amount of data passed in seconds
CH: The channel the AP is broadcasting on
MB: The maximum speed
ENC: The type of encryption that is being used
CIPHER: # Used to decrypt
PSK: Type of authentication
ESSID: The AP broadcast name
To stop, hit ctrl + c
Once we find the wireless network that we want to try to get onto, enter the following command with the AP's BSSID and channel:
airodump-ng --channel 1 --bssid F8:00:00:00:00:00 --write wifitest wlan0mon
In the above example we sniff traffic on channel 1 for the BSSID F8:00:00:00:00:00, then write the information to a file called wifitest, using wlan0mon.
Once we initiate the airodump-ng command you will see the above screen. The longer we leave this sniffing, the more data we will have to use to crack the password.
To stop, hit ctrl + c
Next we can either use a pre-existing word list (such as the massive password list rockyou), build our own with Crunch (another program in Kali Linux that can be used to build custom password lists) or grab a prebuilt one.
Assuming we have a custom dictionary called wordlist.txt that we want to use, we enter the following:
aircrack-ng wifitest-01.cap -w wordlist.txt
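Because the final step only succeeds when the network's password is in the word list, the same list can be used to audit a passphrase before it is set on an access point. The following is an added example, not part of the original guide: the function names and the sample list are constructed for illustration, and the 8 to 63 character range assumes a WPA/WPA2-PSK passphrase.

```python
import re

# Constructed sample standing in for a dictionary file such as wordlist.txt.
SAMPLE_WORDLIST = ["password", "sunshine", "letmein", "dragon", "football"]

# Substitutions people use to dress up a dictionary word (assumed, not exhaustive).
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

def load_wordlist(path):
    """Read one candidate per line; latin-1 avoids decode errors in old lists."""
    with open(path, encoding="latin-1") as handle:
        return [line.rstrip("\r\n") for line in handle if line.strip()]

def base_forms(passphrase):
    """Reduce a passphrase to the dictionary words it may be built from."""
    lowered = passphrase.lower()
    # Drop a trailing run of digits and symbols, e.g. "Sunshine2017!" -> "sunshine".
    stripped = re.sub(r"[\d\W_]+$", "", lowered)
    forms = {lowered, stripped, lowered.translate(LEET), stripped.translate(LEET)}
    forms.discard("")
    return forms

def audit_passphrase(passphrase, wordlist):
    """Return finding codes for a candidate passphrase; an empty list means none."""
    words = {w.lower() for w in wordlist}
    findings = []
    if not 8 <= len(passphrase) <= 63:
        findings.append("length")    # outside the assumed WPA/WPA2-PSK range
    if passphrase.lower() in words:
        findings.append("listed")    # the word itself (ignoring case) is in the list
    elif base_forms(passphrase) & words:
        findings.append("derived")   # a listed word plus case/leet/suffix changes
    return findings

if __name__ == "__main__":
    for candidate in ["dragon", "P@ssw0rd1", "Sunshine2017!",
                      "correct horse battery staple x9"]:
        result = audit_passphrase(candidate, SAMPLE_WORDLIST)
        print(repr(candidate), result or "no finding")
```

To audit against a real list, pass load_wordlist("wordlist.txt") in place of SAMPLE_WORDLIST.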