I am using the Wifi adaptor with Atheros AR9271 chip.
Steps:
- Make sure you have a Wifi adaptor which supports monitor mode.
You may check it in linuxwireless.org. I prefer the one with Atheros AR9271 chip (eg. TP-LINK TL-WN721N). I don't recommend the one with Realtek chip (likely no monitor mode) or Ralink chip (seems recent version of the chip requires a latest version of kernel) - Compile and install aircrack-ng (Guide)
- To start the monitor mode by executing (assume your wifi device is wlan0)
- Then you can sniff packets using Wireshark and monitor device mon0
- To stop the monitor mode, execute
sudo airmon-ng start wlan0 [optional channel no.]A monitor device (usually with name monX, where X=[0...9]) will be created and you can do sniffing on that device
sudo airmon-ng stop mon0
sudo airmon-ng stop wlan0
FAQ
Question: Got error message "SIOCSIFFLAGS: Operation not possible due to RF-kill"
Solution: The Wifi adaptor is turned off somehow. Please either (i) turn it on in NetworkManager, or (ii) execute "sudo rfkill unblock wifi"
沒有留言:
發佈留言