Handshake capture with Airodump-ng and Aireplay-ng

You can easily capture and view the handshake with the Airodump-ng and Aireplay-ng programs, which come pre-installed on Kali Linux.

The process is relatively easy. We will use Airodump-ng to monitor all wireless access points in the area, and then Aireplay-ng to deauthenticate a client.

Your computer has many network adapters, so to scan one, you need to know its name. Here are the basic adapters you need to know:

  • lo - loopback. (you do not need it at the moment)
  • eth0 - ethernet (wired connection)
  • wlan0 - Wireless connection (what we really need)

Now, to see the configuration of your wireless adapter, type "iwconfig" in the same terminal.

If wlan0 does not appear even though you have a Wi-Fi card installed, you are most likely running Kali as a virtual machine. Unfortunately, virtual machines cannot use internal wireless network cards, so you will have to use an external card such as an Alfa or TP-Link.

Now the first step is to create a virtual interface for wlan0 that will monitor all packets.

Command: airmon-ng start wlan0

A new interface, wlan0mon, will be created in monitor mode.

Now we will use airodump-ng to capture packets. This tool collects data from the wireless packets within our Wi-Fi range, which is how you find the name of the Wi-Fi network you want to check.

Command: airodump-ng wlan0mon

The next step is to save the captured packets to a file using the same airodump-ng tool by typing the following command:

Command: airodump-ng wlan0mon -w <file>

Now copy the BSSID of your target network (from the airodump-ng screen) and launch a deauthentication attack by typing the aireplay-ng command as shown below:

Command: aireplay-ng --deauth 0 -a <BSSID> wlan0mon

If you have problems with the monitor interface hopping from one channel to another, or a problem with the beacon, fix wlan0mon on a specific channel by typing:

Command: airodump-ng wlan0mon -w <file> -c <number>

Replace <number> with the channel your target AP is on.

Once a client is disconnected, the handshake will appear in the previous terminal.

You can even confirm this by typing the following command:

Command: aircrack-ng <capture file>
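
Seen from the monitored network's side, the continuous deauthentication used above (--deauth 0) shows up on the air as a burst of deauthentication frames for one BSSID. The following is an added example, not part of the original article or of the aircrack-ng suite: it parses raw 802.11 management frames and flags such bursts. The function names, the 1-second window, the threshold of 10 frames and the sample frames are assumptions made for illustration, and frames are assumed to start at the 802.11 header (no radiotap header).

```python
import struct
from collections import defaultdict, deque

DEAUTH, DISASSOC = 12, 10  # 802.11 management-frame subtypes

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_deauth(frame):
    """Return (bssid, source, destination, reason) for a deauth/disassoc frame, else None."""
    if len(frame) < 26:                      # 24-byte header + 2-byte reason code
        return None
    fc = frame[0]                            # first Frame Control byte
    version, ftype, subtype = fc & 0x3, (fc >> 2) & 0x3, fc >> 4
    if version != 0 or ftype != 0 or subtype not in (DEAUTH, DISASSOC):
        return None                          # not a management deauth/disassoc frame
    (reason,) = struct.unpack_from("<H", frame, 24)
    return mac(frame[16:22]), mac(frame[10:16]), mac(frame[4:10]), reason

def deauth_floods(records, window=1.0, threshold=10):
    """records: (timestamp_seconds, raw_frame) pairs. Returns {bssid: peak count}
    for every BSSID with >= threshold deauth/disassoc frames inside one window."""
    recent, flagged = defaultdict(deque), {}
    for ts, raw in sorted(records, key=lambda r: r[0]):
        parsed = parse_deauth(raw)
        if parsed is None:
            continue
        q = recent[parsed[0]]
        q.append(ts)
        while q[0] < ts - window:            # drop frames older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged[parsed[0]] = max(flagged.get(parsed[0], 0), len(q))
    return flagged

def build(subtype, dst, src, bssid, reason=0):
    """Construct a minimal management frame for the sample data below."""
    hdr = bytes([subtype << 4, 0, 0, 0]) + bytes.fromhex((dst + src + bssid).replace(":", ""))
    return hdr + b"\x00\x00" + struct.pack("<H", reason)

# Constructed sample (locally administered MACs, not real devices)
AP1, AP2, STA = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:10"
BCAST = "ff:ff:ff:ff:ff:ff"
SAMPLE = [(0.01 * i, build(DEAUTH, BCAST, AP1, AP1, 7)) for i in range(64)]  # burst
SAMPLE.append((5.0, build(DEAUTH, AP2, STA, AP2, 3)))   # one ordinary client leave
SAMPLE.append((5.1, build(8, BCAST, AP2, AP2)))         # beacon subtype, ignored

if __name__ == "__main__":
    print(deauth_floods(SAMPLE))
```

A single deauthentication frame is normal when a client leaves a network, which is why the check counts frames per BSSID inside a time window instead of alerting on each one.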

iGuRu.gr The Best Technology Site in Greece

Written by Anastasis Vasileiadis
