This guide is currently under development, and I greatly welcome any suggestions or feedback at reaper.gitbook@gmail.com

Airodump-ng

Sniffing tool

Airodump-NG captures raw IEEE 802.11 frames. It is suited to collecting WEP initialization vectors or WPA/WPA2 handshakes, which are then used by Aircrack-NG (covered later) or other IEEE 802.11 cracking tools.

Airodump-NG can export files in different formats, which makes it easy for us to integrate it with custom scripts or other tools.


Usage

This tool has many filtering and capture options; running the tool without parameters lists them. The options below are the ones we will use most:

| Option | Function |
| --- | --- |
| -w, --write | Dump file prefix (filename) |
| --bssid | Filter APs by BSSID, can take multiple --bssid options |
| -e, --essid | Filter APs by ESSID, can take multiple --essid options |
| -c, --channel | Capture on specific channel |
| --band | Band on which the tool should hop |


Sniffing

The ultimate goal of using this utility is to capture WPA handshakes, but first we need to capture packets until a handshake appears. To do that we use:

sudo airodump-ng -c <Channel> -w <Filename> --band <2.4GHz or 5GHz> <WLAN Interface>

Precise Sniffing

If we are in an area with many APs, what do you think will happen? Of course, the capture output will be cluttered with unwanted data! So, as part of our initial reconnaissance, we need to determine the BSSID and the channel of the AP we are targeting.

To sniff the data of a specific AP on a specific channel we use the command below:

sudo airodump-ng -c <Channel> --bssid <BSSID> <WLAN Interface>

Output files

Executing airodump-ng with -w followed by a filename prefix writes the output in a number of formats (pcap, csv, kismet, netxml, logcsv). To limit the output formats, we use the following option followed by a comma-separated list of the available formats:

--output-format csv,pcap
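The CSV export is the easiest format to feed into a custom script. The block below is an added example, not part of the original guide: it parses the AP section of such a file and flags networks advertising no encryption or WEP, as a wireless audit would. The sample data is constructed, and the column order is an assumption based on the CSV written by current aircrack-ng releases.

```python
# Added example: inventory APs from an airodump-ng CSV export and flag weak ones.
# SAMPLE_CSV is constructed data; the column order is an assumption based on
# the CSV written by current aircrack-ng releases.
SAMPLE_CSV = """
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
02:00:00:AA:BB:01, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WPA2, CCMP, PSK, -40, 120, 0,   0.  0.  0.  0,  7, CorpNet,
02:00:00:AA:BB:02, 2024-01-01 10:00:02, 2024-01-01 10:05:00, 11,  54, OPN, , , -70, 80, 0,   0.  0.  0.  0, 12, Guest, Lobby,
02:00:00:AA:BB:03, 2024-01-01 10:00:05, 2024-01-01 10:05:00,  1,  54, WEP, WEP, , -65, 45, 9,   0.  0.  0.  0,  6, Legacy,
02:00:00:AA:BB:04, 2024-01-01 10:04:59, 2024-01-01 10:05:00,  1

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
02:00:00:CC:DD:01, 2024-01-01 10:01:00, 2024-01-01 10:04:00, -50, 30, 02:00:00:AA:BB:01, CorpNet
"""

WEAK_PRIVACY = {"OPN", "WEP"}  # open network or WEP


def parse_aps(text):
    """Return one dict per access point found in the AP section of the CSV."""
    aps, in_ap_section = [], False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("BSSID,"):
            in_ap_section = True          # header of the AP section
            continue
        if line.startswith("Station MAC,"):
            break                         # client section starts, stop here
        if not in_ap_section or not line:
            continue
        parts = line.split(",", 13)       # keep "ESSID, Key" together
        if len(parts) < 14:
            continue                      # truncated row, skip it
        # An ESSID may itself contain commas; Key is always the last column.
        essid, _, _key = parts[13].rpartition(",")
        aps.append({"bssid": parts[0].strip(), "channel": int(parts[3]),
                    "privacy": parts[5].strip(), "essid": essid.strip()})
    return aps


def weak_aps(aps):
    """APs whose Privacy column lists OPN or WEP (column may hold several values)."""
    return [ap for ap in aps if WEAK_PRIVACY & set(ap["privacy"].split())]


if __name__ == "__main__":
    for ap in weak_aps(parse_aps(SAMPLE_CSV)):
        print(f'{ap["bssid"]}  ch{ap["channel"]:>3}  {ap["privacy"]:<4} {ap["essid"]}')
```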

Interactive mode

Besides passing parameters on the command line, we can also interact with the tool on screen.

| Key | Functionality |
| --- | --- |
| Space | Pause/Resume the output, only the GUI is frozen but the capture continues |
| Tab | Enable/Disable scrolling through the AP list, it highlights the associated stations when hovering on one of them |
| M | Cycles through the color options of the highlighted AP |
| A | Cycles through different display options |
| S | Cycles through different sorting options |
| I | Invert sorting |
| D | Reset to default sort (by power level) |
