Aircrack-ng
Last updated
Last updated
Aircrack is a popular and powerful WiFi penetration testing tool used to assess WiFi network security. This focuses on monitoring, attacking, testing, and cracking.
On debian based linux distros you can run sudo apt install aircrack-ng. This will install version 1.6. If you want to install from source I typically:
airmon-ng - Enables monitor mode for WiFi chipsets that support it.
Eg. airmon-ng start wlan1
airodump-ng - Scans for WiFi from selected WiFi interface
Eg. airodump-ng wlan1mon - Scans for all networks
Eg. airodump-ng -c 1 -o scan.cap --bssid 11:22:33:44:55:66 wlan1mon - Focuses on targeted network, replacing 1 with the channel of the targets WiFi channel and 11:22:33:44:55:66 with the targets MAC Address.
aireplay-ng - Used to inject frames in various forms.
Eg. aireplay-ng -0 5 -a 11:22:33:44:55:66 wlan1mon
aircrack-ng - Cracks captured handshakes that are in .cap file form.
Eg. aircrack-ng -w /opt/SecLists/Passwords/rockyou.txt scan.cap
a - Select active areas by cycling through these display options: AP+STA; AP+STA+ACK; AP only; STA only
l - Invert sorting algorithm
M - Mark the selected AP or cycle through different colors if the selected AP is already marked
R - (De-)Activate realtime sorting - applies sorting algorithm everytime the display will be redrawn
S - Change column to sort by, which currently includes: First seen; BSSID; PWR level; Beacons; Data packets; Packet rate; Channel; Max. data rate; Encryption; Strongest Ciphersuite; Strongest Authentication; ESSID
Space - Pause display redrawing/ Resume redrawing
Tab - Enable/Disable scrolling through AP list
O - Toggle color on
P - Toggle color off
Up Arrow - Select the AP prior to the currently marked AP in the displayed list if available
Down Arrow - Select the AP after the currently marked AP if available