Th4ntis CyberSec
  • πŸ•·οΈ>whoami_
  • πŸ–₯️General Info
    • CyberSec News
    • Getting Started and other Resources
      • CompTIA Certs
        • Security+
        • Pentest+
    • MITRE ATT&CK
    • Cyber Kill Chain
    • Docker
  • πŸ’»Networking
    • General Networking
    • Common Ports and Protocols
    • TCP/IP Model
    • OSI Model
    • Subnetting
    • Wireshark
    • NMap
    • Wireless
      • Wardriving/WiFi Sniffing
    • 3-Way Handshake
  • 🐧Linux
    • Common commands
    • Sudo
    • Files and File contents
    • Sed Awk and Grep
    • Permissions
  • πŸͺŸWindows
    • Event Codes
    • Powershell
    • Internals
    • Active Directory
  • πŸ”ŽOSINT
    • OSINT Tools
    • IP/Domain OSINT
    • Email/Username OSINT
    • URL OSINT and Sandboxing
    • Social Media OSINT
    • Website OSINT
    • Password OSINT
    • Physical Location OSINT
    • Image OSINT
    • People OSINT
    • Phone Number OSINT
    • Shodan
    • Google Dorking
  • πŸ› οΈTools
    • Brute Force
      • Hydra
    • Credential Dumping
      • Mimikatz
    • Enumeration
      • Bloodhound
      • Certipy
      • Dirb/Dirbuster
      • Enum4Linux
      • GoBuster
    • Exploitation Framework
      • Metasploit
      • Sliver
      • Cobalt Strike
    • Hash Cracking
      • Hashcat
      • JohnTheRipper
    • Methods
      • Powershell Obfuscation
      • Privilege Escalation
      • Pass-The-Hash
      • Kerberos and Kerberoasting
    • Vulnerability Scanners
      • Nessus
      • OpenVAS
    • Web App
      • BurpSuite
      • OWASP Zap
    • Wireless
      • Aircrack-ng
      • Kismet
      • Bettercap
      • HCXDumptool
      • Wifite
    • Impacket
    • Social-Engineer Toolkit (SET)
  • πŸ“”Guides and How-To's
    • Lab Setup
      • Ubuntu VM
      • Kali VM
      • Windows User VM
      • Windows Server VM
    • Wardriving
      • Pwnagotchi
    • Wireless Pentesting
      • WiFi Pineapple Basics
      • Evil-Twin Attack
    • Over The Wire
      • Bandit
      • Natas
      • Leviathan
      • Krypton
      • Narnia
      • Behemoth
      • Utumno
      • Maze
      • Vortex
      • Manpage
    • Docker and Kali Linux
    • Staying Private and goin Dark Online
  • πŸ“•Quick References
    • Tools
      • Tmux
      • NMap
      • Ffuf
      • NetExec
      • CrackMapExec
      • Proxychains
      • OneDriveUser Enum
      • Hashcat
      • Mimikatz
    • One-liners
    • Reverse Shells
    • Post Exploitation
    • Enumeration
      • Google
      • Sublist3r
      • NMap
      • DNSDumpster
    • Hashcracking
    • Wireless
  • πŸ““Courses
    • PNPT
      • Practical Ethical Hacking
      • Windows Privilege Escalation
      • Linux Privilege Escalation
      • OSINT Fundamentals
      • External Pentest Playbook
  • ☁️TryHackMe
    • Attacking Kerberos
    • Hacking with Powershell
    • Powershell for Pentesters
    • Linux PrivEsc
    • Windows PrivEsc
    • Blue
    • Kenobi
  • πŸ“¦HackTheBox
    • Starting Point
      • Tier 0
        • Meow
        • Fawn
        • Dancing
        • Redeemer
        • Explosion
        • Preignition
        • Mongod
        • Synced
      • Tier 1
        • Appointment
        • Sequel
        • Crocodile
        • Responder
        • Three
        • Ignition
        • Bike
        • Funnel
        • Pennyworth
        • Tactics
      • Tier 2
        • Archetype
        • Oopsie
        • Vaccine
        • Unified
        • Included
        • Markup
        • Base
    • Walkthroughs
      • Lame
      • Analytics
      • Manager
      • Codify
Powered by GitBook
On this page
  • About
  • Install
  • Usage
  • Hotkey shortcuts for Airodump
Edit on GitHub
  1. Tools
  2. Wireless

Aircrack-ng

About

Aircrack-ng is a popular and powerful WiFi penetration testing tool used to assess WiFi network security. It focuses on monitoring, attacking, testing, and cracking.

Aircrack-ng homepage

Aircrack-ng github

Install

On Debian-based Linux distros you can run sudo apt install aircrack-ng. This will install version 1.6. If you want to install from source, I typically run:

# Build dependencies and supporting wireless tools
sudo apt-get install build-essential autoconf automake libtool pkg-config libnl-3-dev libnl-genl-3-dev libssl-dev ethtool shtool rfkill zlib1g-dev libpcap-dev libsqlite3-dev libpcre3-dev libhwloc-dev libcmocka-dev hostapd wpasupplicant tcpdump screen iw usbutils
# Fetch the source into /opt
cd /opt/ && sudo git clone https://github.com/aircrack-ng/aircrack-ng.git && cd aircrack-ng
# Generate the build system, configure, compile and install
sudo autoreconf -i
sudo ./configure --with-experimental
sudo make
sudo make install
# Refresh the shared library cache
sudo ldconfig

Usage

  • airmon-ng - Enables monitor mode for WiFi chipsets that support it.

    • Eg. airmon-ng start wlan1

  • airodump-ng - Scans for WiFi networks from the selected WiFi interface.

    • Eg. airodump-ng wlan1mon - Scans for all networks

    • Eg. airodump-ng -c 1 -w scan --bssid 11:22:33:44:55:66 wlan1mon - Focuses on the targeted network, replacing 1 with the target's WiFi channel and 11:22:33:44:55:66 with the target's MAC address. -w sets the capture file prefix (-o selects the output format, not the file name), so the capture is written to scan-01.cap.

  • aireplay-ng - Used to inject frames in various forms.

    • Eg. aireplay-ng -0 5 -a 11:22:33:44:55:66 wlan1mon

  • aircrack-ng - Cracks captured handshakes that are in .cap file form.

    • Eg. aircrack-ng -w /opt/SecLists/Passwords/rockyou.txt scan-01.cap
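
The aircrack-ng -w step above only succeeds when the network passphrase, or a close variant of it, is in the wordlist. As an added example that is not part of the original page, this script lets a network owner audit their own passphrase against that same list; psk_audit, sample_wordlist, the MIN_LEN threshold and the sample entries are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): audit your own WPA2 passphrase
# against the wordlist an offline cracker would use. Names are hypothetical.

MIN_LEN=${MIN_LEN:-16}   # assumed policy threshold for this example

# psk_audit PASSPHRASE WORDLIST
# Prints one finding per line; returns 0 when clean, 1 when anything is found.
psk_audit() {
    local psk wordlist len rc base
    psk=$1; wordlist=$2; len=${#psk}; rc=0
    # WPA2-PSK passphrases must be 8 to 63 characters long.
    if [ "$len" -lt 8 ] || [ "$len" -gt 63 ]; then
        echo "INVALID length=$len (WPA2 allows 8-63)"; rc=1
    elif [ "$len" -lt "$MIN_LEN" ]; then
        echo "SHORT length=$len (policy minimum $MIN_LEN)"; rc=1
    fi
    # -a: treat the list as text (rockyou.txt has non-UTF-8 bytes),
    # -F fixed string, -x whole-line match, -q quiet, -i ignore case.
    if grep -aFxq -- "$psk" "$wordlist"; then
        echo "LISTED exact wordlist entry"; rc=1
    elif grep -aFxqi -- "$psk" "$wordlist"; then
        echo "LISTED differs from a wordlist entry only by case"; rc=1
    fi
    # Strip trailing digits/punctuation: "word + suffix" falls to simple rules.
    base=$(printf '%s' "$psk" | sed 's/[0-9[:punct:]]*$//')
    if [ -n "$base" ] && [ "$base" != "$psk" ] &&
       grep -aFxqi -- "$base" "$wordlist"; then
        echo "DERIVED wordlist entry '$base' plus a suffix"; rc=1
    fi
    return "$rc"
}

# Constructed sample wordlist so the example runs offline.
sample_wordlist() {
    local f; f=$(mktemp)
    printf '%s\n' password 12345678 sunshine iloveyou qwertyuiop > "$f"
    echo "$f"
}

wl=$(sample_wordlist)
psk_audit 'Sunshine2024!' "$wl" || true
psk_audit 'qwertyuiop' "$wl" || true
psk_audit 'correct-horse-battery-staple-42x' "$wl" && echo "no findings"
rm -f "$wl"
```

To audit a real passphrase, pass the same list that would be given to aircrack-ng -w, for example /opt/SecLists/Passwords/rockyou.txt, as the second argument.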

Hotkey shortcuts for Airodump

  • a - Select active areas by cycling through these display options: AP+STA; AP+STA+ACK; AP only; STA only

  • l - Invert sorting algorithm

  • M - Mark the selected AP or cycle through different colors if the selected AP is already marked

  • R - (De-)Activate realtime sorting - applies the sorting algorithm every time the display is redrawn

  • S - Change column to sort by, which currently includes: First seen; BSSID; PWR level; Beacons; Data packets; Packet rate; Channel; Max. data rate; Encryption; Strongest Ciphersuite; Strongest Authentication; ESSID

  • Space - Pause/Resume display redrawing

  • Tab - Enable/Disable scrolling through AP list

  • O - Toggle color on

  • P - Toggle color off

  • Up Arrow - Select the AP prior to the currently marked AP in the displayed list if available

  • Down Arrow - Select the AP after the currently marked AP if available

Last updated 9 months ago
