Basic WIFI Manipulation

WIFI Commands

  • ifconfig: to show WiFi interfaces

  • iwconfig: to show wireless interface mode

  • ip addr: to show IP addresses

Mac Address Changing

MAC stands for Media Access Control. A MAC address is a permanent, physical, and unique address assigned to a network interface by the device manufacturer. Each network device has its own MAC address, which stays the same even if the device is connected to a different computer. The MAC address is used to identify devices within the network and to transfer data between them: each packet of data contains a source MAC and a destination MAC. Changing the MAC address the interface uses makes the user anonymous on the network, because other devices no longer see the manufacturer-assigned address.

Why change the MAC address?

  • Increase anonymity.

  • Impersonate other devices.

  • Bypass filters.

To change your MAC address:

ifconfig [interface] down
ifconfig [interface] hw ether [mac addr]
ifconfig [interface] up 

or, with the interface down, by simply typing:

macchanger -m [mac addr] [interface]
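
To confirm that a change took effect, or to spot an interface that is not using its factory address, compare the current and permanent addresses that `macchanger -s` reports. The script below is an added example, not part of the original page; its sample report is constructed and the function names are this example's own.

```shell
#!/bin/sh
# Added example. SAMPLE_SHOW is constructed text in the layout `macchanger -s`
# prints; the addresses are made up and the function names are hypothetical.
SAMPLE_SHOW='Current MAC:   02:1a:2b:3c:4d:5e (unknown)
Permanent MAC: 00:11:22:33:44:55 (unknown)'

# Print the address from the "Current" or "Permanent" line, lower-cased.
# $1 = Current|Permanent, $2 = report text
mac_field() {
    printf '%s\n' "$2" |
        awk -v k="$1" '$1 == k && $2 == "MAC:" { print tolower($3); exit }'
}

# Succeed only for six colon-separated hex octets.
valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Succeed when the locally administered bit (0x02 of the first octet) is set.
# Manufacturer-assigned addresses have this bit clear.
is_locally_administered() {
    valid_mac "$1" || return 2
    first=$(printf '%s' "$1" | cut -c1-2)
    [ $(( 0x$first & 2 )) -ne 0 ]
}

# Print "changed", "original" or "unknown" for one report.
mac_status() {
    cur=$(mac_field Current "$1")
    perm=$(mac_field Permanent "$1")
    if ! valid_mac "$cur" || ! valid_mac "$perm"; then
        echo unknown
    elif [ "$cur" != "$perm" ]; then
        echo changed
    else
        echo original
    fi
}

echo "status: $(mac_status "$SAMPLE_SHOW")"
if is_locally_administered "$(mac_field Current "$SAMPLE_SHOW")"; then
    echo "current address is locally administered (not a factory address)"
fi
```

The bit test alone is not conclusive, since a manually chosen address can leave the bit clear; the current/permanent comparison is the stronger check.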

Managed and Monitor modes

Devices on the same network communicate with each other using packets. Regardless of what you do on the network, whether you're watching a video, logging into a website, sending chat messages, sending emails, or any other activity, all the data is sent as packets.

Devices make sure these packets go in the right direction using MAC addresses: each packet has a source MAC and a destination MAC, and it flows from the source to the destination. For example, if a client wants to send a packet to the router, it sets the destination MAC to the router's MAC address. By default, each device only receives data whose destination MAC is its own MAC address.

In wireless networks, however, anyone within range can capture all of this communication, because the packets are literally sent through the air. They can be captured even if their destination MAC is not our MAC address. To do this, we need to change the mode of operation of our wireless interface to monitor mode. In monitor mode the interface captures all packets sent in the air, regardless of their destination MAC address. This is useful for network analysis and troubleshooting.

To change wireless interface mode:

ifconfig [interface] down
iwconfig [interface] mode [mode]
ifconfig [interface] up

or by simply typing:

airmon-ng start [interface]

and to return to managed mode:

airmon-ng stop [interface]

Sniffing the packets in the air

After enabling monitor mode, let's start by sniffing the packets in the air. For that we are going to use a tool called airodump-ng, which is part of the aircrack-ng suite:

airodump-ng [interface]

Let’s start targeting a network

airodump-ng --bssid [AP bssid] --channel [AP channel] --write test [interface]

Then we analyze the captured packets with Wireshark (airodump-ng appends a sequence number to the file name):

wireshark test-01.cap
