# Aircrack-NG ## About Aircrack is a popular and powerful WiFi penetration testing tool used to assess WiFi network security. This focuses on monitoring, attacking, testing, and cracking. ### Links [Aircrack-ng homepage](https://www.aircrack-ng.org/) [Aircrack-ng github](https://github.com/aircrack-ng/aircrack-ng) ## Install On debian based linux distros you can run `sudo apt install aircrack-ng`. This will install version 1.6. If you want to install from source I typically: ``` sudo apt-get install build-essential autoconf automake libtool pkg-config libnl-3-dev libnl-genl-3-dev libssl-dev ethtool shtool rfkill zlib1g-dev libpcap-dev libsqlite3-dev libpcre3-dev libhwloc-dev libcmocka-dev hostapd wpasupplicant tcpdump screen iw usbutils cd /opt/ && sudo git clone https://github.com/aircrack-ng/aircrack-ng.git && cd aircrack-ng sudo autoreconf -i sudo ./configure --with-experimental sudo make sudo make install sudo ldconfig ``` ## Usage * `airmon-ng` - Enables monitor mode for WiFi chipsets that support it. * Eg. `airmon-ng start wlan1` * `airodump-ng` - Scans for WiFi from selected WiFi interface * Eg. `airodump-ng wlan1mon` - Scans for all networks * Eg. `airodump-ng -c 1 -o scan.cap --bssid 11:22:33:44:55:66 wlan1mon` - Focuses on targeted network, replacing 1 with the channel of the targets WiFi channel and 11:22:33:44:55:66 with the targets MAC Address. * `aireplay-ng` - Used to inject frames in various forms. * Eg. `aireplay-ng -0 5 -a 11:22:33:44:55:66 wlan1mon` * `aircrack-ng` - Cracks captured handshakes that are in .cap file form. * Eg. `aircrack-ng -w /opt/SecLists/Passwords/rockyou.txt scan.cap` ## Hotkey shortcuts for Airodump * `a` - Select active areas by cycling through these display options: AP+STA; AP+STA+ACK; AP only; STA only * `l` - Invert sorting algorithm * `M` - Mark the selected AP or cycle through different colors if the selected AP is already marked * `R` - (De-)Activate realtime sorting - applies sorting algorithm everytime the display will be redrawn * `S` - Change column to sort by, which currently includes: First seen; BSSID; PWR level; Beacons; Data packets; Packet rate; Channel; Max. data rate; Encryption; Strongest Ciphersuite; Strongest Authentication; ESSID * `Space` - Pause display redrawing/ Resume redrawing * `Tab` - Enable/Disable scrolling through AP list * `O` - Toggle color on * `P` - Toggle color off * `Up Arrow` - Select the AP prior to the currently marked AP in the displayed list if available * `Down Arrow` - Select the AP after the currently marked AP if available --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://cybersec.th4ntis.com/tools/aircrack-ng.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.