Airodump

From charlesreid1

Revision as of 21:03, 15 April 2017 by Admin (talk | contribs) (→‎Running It)

Airodump Notes

Documentation

Documentation: https://www.aircrack-ng.org/doku.php?id=airodump-ng

Running It

Airodump is one of the many tools included in the aircrack-ng suite. Run it by passing the first argument that is always the wireless network device, and the rest of the options being specified: 

airodump-ng wlan1

Airodump can output information in multiple formats, so you'll want to specify some of those details on the command line using the --write or -w flag: 

airodump-ng wlan1 -w mydump

HALP

Here is the full list of options: 

usage: airodump-ng <options> <interface>[,<interface>,...]

Options:
    --ivs                 : Save only captured IVs
    --gpsd                : Use GPSd
    --write      <prefix> : Dump file prefix
    -w                    : same as --write
    --beacons             : Record all beacons in dump file
    --update       <secs> : Display update delay in seconds
    --showack             : Prints ack/cts/rts statistics
    -h                    : Hides known stations for --showack
    -f            <msecs> : Time in ms between hopping channels
    --berlin       <secs> : Time before removing the AP/client
                            from the screen when no more packets
                            are received (Default: 120 seconds)
    -r             <file> : Read packets from that file
    -x            <msecs> : Active Scanning Simulation
    --manufacturer        : Display manufacturer from IEEE OUI list
    --uptime              : Display AP Uptime from Beacon Timestamp
    --wps                 : Display WPS information (if any)
    --output-format
                <formats> : Output format. Possible values:
                            pcap, ivs, csv, gps, kismet, netxml
                            Short format "-o"
                            The option can be specified multiple times.  In this case, each file format
                            specified will be output.  Only ivs or pcap can be used, not both.  
    --ignore-negative-one : Removes the message that says
                            fixed channel <interface>: -1
    --write-interval
                <seconds> : Output file(s) write interval in seconds


Filter options:
    --encrypt   <suite>   : Filter APs by cipher suite
    --netmask <netmask>   : Filter APs by mask
    --bssid     <bssid>   : Filter APs by BSSID
    --essid     <essid>   : Filter APs by ESSID
    --essid-regex <regex> : Filter APs by ESSID using a regular
                            expression
    -a                    : Filter unassociated clients

By default, airodump-ng hop on 2.4GHz channels.
You can make it capture on other/specific channel(s) by using:
    --channel <channels>  : Capture on specific channels
    --band <abg>          : Band on which airodump-ng should hop
    -C    <frequencies>   : Uses these frequencies in MHz to hop
    --cswitch  <method>   : Set channel switching method
                  0       : FIFO (default)
                  1       : Round Robin
                  2       : Hop on last
    -s                    : same as --cswitch

    --help                : Displays this usage screen
Retrieved from "https://charlesreid1.com/w/index.php?title=Airodump&oldid=16267"