|
|
|
@ -0,0 +1,116 @@
|
|
|
|
|
Certainly! Here's your Aircrack-ng cheatsheet formatted for GitHub Markdown. You can save this content into a `.md` file, such as `aircrack-ng-cheatsheet.md`, and then upload it to GitHub.
|
|
|
|
|
|
|
|
|
|
```markdown
|
|
|
|
|
# Aircrack-ng Cheatsheet 🚀
|
|
|
|
|
|
|
|
|
|
Aircrack-ng is a comprehensive toolkit for auditing wireless networks. This cheatsheet outlines the key tools and usages.
|
|
|
|
|
|
|
|
|
|
## Table of Contents
|
|
|
|
|
1. [Airmon-ng](#1-airmon-ng-️)
|
|
|
|
|
2. [Airodump-ng](#2-airodump-ng-)
|
|
|
|
|
3. [Aireplay-ng](#3-aireplay-ng-)
|
|
|
|
|
4. [Aircrack-ng](#4-aircrack-ng-)
|
|
|
|
|
5. [Conversion to .pcapng](#5-conversion-to-pcapng-)
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
## 1. Airmon-ng ⚙️
|
|
|
|
|
|
|
|
|
|
Puts your wireless card into monitor mode for packet sniffing.
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
airmon-ng start wlan0
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
- Initializes monitor mode on `wlan0`
|
|
|
|
|
- Generates a virtual monitor interface, typically named `wlan0mon`
|
|
|
|
|
|
|
|
|
|
**To stop monitor mode:**
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
airmon-ng stop wlan0mon
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
## 2. Airodump-ng 📡
|
|
|
|
|
|
|
|
|
|
Captures raw 802.11 packets and displays information about nearby wireless networks.
|
|
|
|
|
|
|
|
|
|
**To capture all packets:**
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
airodump-ng wlan0mon
|
|
|
|
|
airodump-ng wlan1 --band a //This will scan through 5ghz
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
**For a specific network:**
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
airodump-ng -c [channel] --bssid [BSSID] -w [filename] wlan0mon
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
- `-c`: Channel to listen on
|
|
|
|
|
- `--bssid`: BSSID of the target network
|
|
|
|
|
- `-w`: Specifies the output file prefix
|
|
|
|
|
|
|
|
|
|
Airodump-ng captures and displays:
|
|
|
|
|
|
|
|
|
|
- BSSID, SSID, channel
|
|
|
|
|
- Encryption type
|
|
|
|
|
- MAC addresses of connected clients
|
|
|
|
|
- IVs captured
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
## 3. Aireplay-ng 💥
|
|
|
|
|
|
|
|
|
|
Used for injecting frames to generate traffic, aiding in the cracking process.
|
|
|
|
|
|
|
|
|
|
**To deauthenticate a connected client:**
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
aireplay-ng -0 1 -a [BSSID] -c [client MAC] wlan0mon
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
- `-0`: Deauthentication mode
|
|
|
|
|
- `1`: Number of deauth packets
|
|
|
|
|
- `-a`: BSSID of the target network
|
|
|
|
|
- `-c`: Client MAC address
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
## 4. Aircrack-ng 🔓
|
|
|
|
|
|
|
|
|
|
Cracks WEP and WPA keys.
|
|
|
|
|
|
|
|
|
|
**To crack a WEP key:**
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
aircrack-ng -a 1 -b [BSSID] [capture.cap]
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
**For WPA/WPA2 with dictionary attack:**
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
aircrack-ng -a 2 -b [BSSID] -w [dictionary.txt] [capture.cap]
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
- `-w`: Specifies the dictionary file for passphrase cracking
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
## 5. Conversion to .pcapng ⚙️
|
|
|
|
|
|
|
|
|
|
To convert `.cap` files generated by `airodump-ng` to `.pcapng`, use `tshark`.
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
tshark -r [input.cap] -w [output.pcapng]
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
![Screenshot 2023-09-29 235515](https://prod-files-secure.s3.us-west-2.amazonaws.com/bf265c8c-d3a5-4ac6-a1a2-6ff195c8b0c7/acffe655-5392-4cf3-8f9d-b6696bbe9244/Screenshot_2023-09-29_235515.png)
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
Feel free to upload this to your GitHub repository as a valuable resource for others interested in network security.
|