Now that I know which interface I can use to start sniffing, I can issue the following command:
- sudo airmon-ng start wlan0
If you re-enter the iwconfig command, you can verify that mon0 is working.
Now enter the following command:
- airodump-ng mon0
This will present the following. Currently it will scan all channels, 1 - 14:
I know on my laptop the channel is set to -1 and does not scan. You can, however, specify a channel.
This is also useful because, with channel hopping, you will not capture all of the frames/packets of your target.
This is my own router that I am targeting:
All of the data will be dumped into a file, which can then be used for cracking WPA2 and WEP.
To crack WEP you will need around 40k - 85k different Initialization Vectors.
If the network is not busy, it will take a very long time. You can speed it up by using an active attack (packet replay).
I'm going to leave it here for this post. To stop sniffing, use the following commands:
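From the defender's side, the same capture file shows which of your own access points still advertise WEP or no encryption and how many IVs they have already exposed. The script below is an added example, not part of the original post. It assumes the capture was saved in airodump-ng's CSV layout; the sample rows, MAC addresses and ESSIDs are constructed.

```python
import csv
import io

# Constructed sample; column layout assumed to match airodump-ng's .csv output.
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WEP , WEP,    , -40,  120,  52000,   0.  0.  0.  0,   7, oldlab1,
66:77:88:99:AA:BB, 2024-01-01 10:00:01, 2024-01-01 10:05:00, 11,  54, WPA2, CCMP, PSK, -55,  300,      0,   0.  0.  0.  0,   6, office,
CC:DD:EE:FF:00:11, 2024-01-01 10:00:02, 2024-01-01 10:05:00,  1,  54, OPN ,    ,    , -70,   80,      0,   0.  0.  0.  0,   5, guest,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
22:33:44:55:66:77, 2024-01-01 10:00:05, 2024-01-01 10:04:00, -50, 40, 66:77:88:99:AA:BB, office
"""

WEAK = {"WEP": "WEP is broken; move to WPA2 or later", "OPN": "no encryption"}
IV_LOWER_BOUND = 40_000  # lower IV figure quoted in the post


def audit_access_points(text):
    """Return one finding per access point advertising WEP or no encryption."""
    findings, header = [], None
    for row in csv.reader(io.StringIO(text)):
        cells = [c.strip() for c in row]
        if not any(cells):
            if header:
                break  # blank line ends the access-point section
            continue
        if header is None:
            if cells[0] == "BSSID":
                header = cells
            continue
        if len(cells) < len(header):
            continue  # truncated row, e.g. file still being written
        ap = dict(zip(header, cells))
        essid = ",".join(cells[len(header) - 2:-1])  # ESSID may contain commas
        ivs = int(ap["# IV"]) if ap["# IV"].isdigit() else 0
        for mode in ap["Privacy"].split():  # field can list several modes
            if mode in WEAK:
                findings.append({"bssid": ap["BSSID"], "essid": essid,
                                 "issue": WEAK[mode], "ivs": ivs,
                                 "iv_exposure_high": ivs >= IV_LOWER_BOUND})
    return findings


if __name__ == "__main__":
    for finding in audit_access_points(SAMPLE_CSV):
        print(finding)
```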
- sudo airmon-ng stop mon0
- sudo ifdown -a
- sudo ifup -a