Exploring Wireless Networks with Airodump-ng (with examples)

Exploring Wireless Networks with Airodump-ng (with examples)

Introduction

In the world of wireless networks, it becomes essential to have tools that can capture packets and provide vital information about these networks. Airodump-ng is one such command-line tool that is part of the aircrack-ng suite. In this article, we will explore eight different use cases of the airodump-ng command along with code examples and explanations for each use case.

Use Case 1: Capture and Display Wireless Network Information

Code:

sudo airodump-ng interface

Motivation:

This use case is handy when you want to gather information about wireless networks in your vicinity. It helps in understanding the available Wi-Fi connections, their signal strength, and additional details.

Explanation:

  • sudo: This command runs airodump-ng with root privileges.
  • airodump-ng: The main command that initiates network packet capturing and analysis.
  • interface: Specifies the wireless network interface to be used for capturing packets.

Example Output:

CH  3 ][ Elapsed: 20 mins ][ 2022-01-01 15:30 ][ interface: wlan0mon

BSSID              PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID

00:11:22:33:44:55  -56      234       86    5  54e. WPA2 CCMP   PSK  MyNetwork
AA:BB:CC:DD:EE:FF  -83        6        3    6  54e. WPA2 CCMP   PSK  AnotherNetwork

Use Case 2: Capture and Save Information to a File

Code:

sudo airodump-ng --channel channel --write path/to/file --bssid mac interface

Motivation:

Saving the captured wireless network information to a file allows for further analysis, sharing, or offline processing.

Explanation:

  • --channel channel: Specifies the channel number of the target network.
  • --write path/to/file: Defines the file path where the captured data will be saved.
  • --bssid mac: Specifies the BSSID (MAC address) of the target network.
  • interface: Specifies the wireless network interface to be used for capturing packets.

Example Output:

This use case saves the captured information to the specified file, and the output format depends on the chosen file format (e.g., CSV, Pcap, etc.).

Use Case 3: Filtering Networks by SSID

Code:

sudo airodump-ng --essid ssid interface

Motivation:

When you are interested in gathering information about a specific network, filtering by SSID can be useful for focusing only on that particular network.

Explanation:

  • --essid ssid: Specifies the SSID of the target network.
  • interface: Specifies the wireless network interface to be used for capturing packets.

Example Output:

CH  3 ][ Elapsed: 1 min ][ 2022-01-01 16:00 ][ interface: wlan0mon

BSSID              PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID

00:11:22:33:44:55  -56      234       86    5  54e. WPA2 CCMP   PSK  MyNetwork

Use Case 4: Filtering Networks by Encryption Type

Code:

sudo airodump-ng --encrypt encryption interface

Motivation:

This use case helps in isolating networks that use specific encryption types, such as WEP, WPA, or WPA2. It enables analyzing the security standards employed by nearby networks.

Explanation:

  • --encrypt encryption: Specifies the target encryption type (e.g., “WEP”, “WPA”, “WPA2”, etc.).
  • interface: Specifies the wireless network interface to be used for capturing packets.

Example Output:

CH  6 ][ Elapsed: 5 mins ][ 2022-01-01 16:30 ][ interface: wlan0mon

BSSID              PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID

00:11:22:33:44:55  -75      768      239    3  54e. OPN              HiddenNetwork

Use Case 5: Filtering Networks by Channel

Code:

sudo airodump-ng --channel channel interface

Motivation:

Filtering networks by channel allows you to focus on specific frequencies and analyze the Wi-Fi traffic distribution over different channels.

Explanation:

  • --channel channel: Specifies the target channel number.
  • interface: Specifies the wireless network interface to be used for capturing packets.

Example Output:

CH  1 ][ Elapsed: 2 mins ][ 2022-01-01 17:00 ][ interface: wlan0mon

BSSID              PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID

00:11:22:33:44:55  -58     1023      423    6  54e. WPA2 CCMP   PSK  Network1
AA:BB:CC:DD:EE:FF  -70      498      386    1  54e. WPA2 CCMP   PSK  Network2

Use Case 6: Filtering Networks by Device

Code:

sudo airodump-ng --bssid mac interface

Motivation:

When you want to gather specific information about a particular device, filtering networks by device (based on BSSID/MAC address) is useful. This helps in understanding the behavior of individual devices in a network.

Explanation:

  • --bssid mac: Specifies the BSSID (MAC address) of the target device.
  • interface: Specifies the wireless network interface to be used for capturing packets.

Example Output:

CH  6 ][ Elapsed: 3 mins ][ 2022-01-01 18:00 ][ interface: wlan0mon

BSSID              STATION            PWR   Rate    Lost  Frames  Probe

00:11:22:33:44:55  AA:BB:CC:DD:EE:FF   -71    0 - 1     0       23   MyDevice1
AA:BB:CC:DD:EE:FF  XX:YY:ZZ:AA:BB:CC   -61    0 -11     0        2   MyDevice2

Use Case 7: Filtering Networks by Minimum Signal Strength

Code:

sudo airodump-ng --beaconsmin strength interface

Motivation:

In scenarios where you are interested in identifying networks with a specific signal strength, filtering networks by minimum signal strength provides a way to focus only on networks above a certain threshold.

Explanation:

  • --beaconsmin strength: Specifies the minimum signal strength value (in dB) to consider for displayed networks.
  • interface: Specifies the wireless network interface to be used for capturing packets.

Example Output:

CH  1 ][ Elapsed: 4 mins ][ 2022-01-01 19:00 ][ interface: wlan0mon

BSSID              PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID

00:11:22:33:44:55  -45      924      523    1  54e. OPN              Network1
AA:BB:CC:DD:EE:FF  -52      789      654    1  54e. WPA2 CCMP   PSK  Network2

Use Case 8: Filtering Networks by Maximum Number of Clients

Code:

sudo airodump-ng --clientsmax count interface

Motivation:

When you want to identify networks with a high number of connected clients, filtering networks by the maximum number of clients helps in focusing on those networks.

Explanation:

  • --clientsmax count: Defines the maximum number of connected clients to consider for displayed networks.
  • interface: Specifies the wireless network interface to be used for capturing packets.

Example Output:

CH  3 ][ Elapsed: 6 mins ][ 2022-01-01 20:00 ][ interface: wlan0mon

BSSID              PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID

AA:BB:CC:DD:EE:FF  -45      992      254    3  54e. WPA2 CCMP   PSK  Network1
DD:EE:FF:11:22:33  -52      830      334    3  54e. WPA2 CCMP   PSK  Network2

Conclusion

The airodump-ng command opens up a world of possibilities for capturing and analyzing wireless network packets. Whether you want to gather general information, save it for offline analysis, or focus on specific networks or devices, airodump-ng provides the necessary flexibility. By using the eight different use cases illustrated in this article, you can enhance your understanding of wireless networks and make informed decisions based on the captured information.

Tags :

Related Posts

How to use the command 'lumen' (with examples)

How to use the command 'lumen' (with examples)

The ’lumen’ command is a command-line installer for the Lumen micro-framework, which is a lightweight version of the Laravel framework.

Read More
How to use the command k3d (with examples)

How to use the command k3d (with examples)

K3d is a command-line tool that allows users to easily create and manage Kubernetes clusters using k3s, a lightweight and efficient Kubernetes distribution, inside Docker.

Read More
How to use the command cronic (with examples)

How to use the command cronic (with examples)

The command cronic is a bash script used to wrap cron jobs and prevent excess email sending.

Read More