Querying basic wireless adapter information

    root@kali:~# iwconfig
    lo        no wireless extensions.

    wlan0     IEEE 802.11  ESSID:off/any
              Mode:Managed  Access Point: Not-Associated   Tx-Power=20 dBm
              Retry short  long limit:2   RTS thr:off   Fragment thr:off
              Encryption key:off
              Power Management:off

    eth0      no wireless extensions.
wlan0 is the wireless adapter we have selected.

    root@kali:~# ifconfig
    eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet 192.168.1.105  netmask 255.255.255.0  broadcast 192.168.1.255
            inet6 ▇▇::▇▇:▇▇:▇▇  prefixlen 64  scopeid 0x20<link>
            ether ▇▇:▇▇:▇▇:▇▇:▇▇:▇▇  txqueuelen 1000  (Ethernet)
            RX packets 1915  bytes 132391 (129.2 KiB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 53  bytes 4933 (4.8 KiB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
            inet 127.0.0.1  netmask 255.0.0.0
            inet6 ::1  prefixlen 128  scopeid 0x10<host>
            loop  txqueuelen 1000  (Local Loopback)
            RX packets 20  bytes 1116 (1.0 KiB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 20  bytes 1116 (1.0 KiB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    wlan0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
            ether ▇▇:▇▇:▇▇:▇▇:▇▇:▇▇  txqueuelen 1000  (Ethernet)
            RX packets 0  bytes 0 (0.0 B)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 0  bytes 0 (0.0 B)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
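If wlan0 does not appear in the ifconfig output, run ifconfig -a to check whether the wireless adapter exists. If it does, wlan0 has not been brought up and needs to be configured:

    root@kali:~# ifconfig wlan0 up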
Use the iw list command to view detailed information about the wireless adapter

    root@kali:~# iw list
Viewing supported interface modes

    root@kali:~# iw list

    ......
        Supported interface modes:
             * IBSS
             * managed
             * AP
             * AP/VLAN
             * monitor
             * mesh point
    ......
Viewing channels

    root@kali:~# iwlist wlan0 frequency
    wlan0     14 channels in total; available frequencies :
              Channel 01 : 2.412 GHz
              Channel 02 : 2.417 GHz
              Channel 03 : 2.422 GHz
              Channel 04 : 2.427 GHz
              Channel 05 : 2.432 GHz
              Channel 06 : 2.437 GHz
              Channel 07 : 2.442 GHz
              Channel 08 : 2.447 GHz
              Channel 09 : 2.452 GHz
              Channel 10 : 2.457 GHz
              Channel 11 : 2.462 GHz
              Channel 12 : 2.467 GHz
              Channel 13 : 2.472 GHz
              Channel 14 : 2.484 GHz
              Current Frequency:2.447 GHz (Channel 8)
Alternatively, use the iw list command

    ......
        Frequencies:
            * 2412 MHz [1] (20.0 dBm)
            * 2417 MHz [2] (20.0 dBm)
            * 2422 MHz [3] (20.0 dBm)
            * 2427 MHz [4] (20.0 dBm)
            * 2432 MHz [5] (20.0 dBm)
            * 2437 MHz [6] (20.0 dBm)
            * 2442 MHz [7] (20.0 dBm)
            * 2447 MHz [8] (20.0 dBm)
            * 2452 MHz [9] (20.0 dBm)
            * 2457 MHz [10] (20.0 dBm)
            * 2462 MHz [11] (20.0 dBm)
            * 2467 MHz [12] (20.0 dBm) (no IR)
            * 2472 MHz [13] (20.0 dBm) (no IR)
            * 2484 MHz [14] (20.0 dBm) (no IR)
    ......
Discovering APs

    root@kali:~# iw dev wlan0 scan
The output can also be filtered through a pipe:

List nearby AP names

    root@kali:~# iw dev wlan0 scan | grep SSID
        SSID: 1▇▇▇▇
        SSID: T▇▇▇▇
        SSID: C▇▇▇▇
    ......
List nearby AP names and channels

    root@kali:~# iw dev wlan0 scan | egrep "DS\ Parameter\ set|SSID"
        SSID: 1▇▇▇▇
        DS Parameter set: channel 11
        SSID: T▇▇▇▇
        DS Parameter set: channel 11
        SSID: C▇▇▇▇
        DS Parameter set: channel 1
    ......
List names, channels, and frequencies

    root@kali:~# iwlist wlan0 scanning | egrep "ESSID|Channel"
                        Channel:11
                        Frequency:2.462 GHz (Channel 11)
                        ESSID:"1▇▇▇▇"
                        Channel:11
                        Frequency:2.462 GHz (Channel 11)
                        ESSID:"T▇▇▇▇"
                        Channel:1
                        Frequency:2.412 GHz (Channel 1)
                        ESSID:"C▇▇▇▇"
                        Channel:1
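
The grep filters above print the SSID and the channel on separate lines. As an added example (not part of the original page), the shell functions below fold `iw dev wlan0 scan` output into one row per AP and count APs per channel. The sample scan text is constructed, and the function names are this example's own.

```shell
#!/bin/sh
# Added example: one line per AP from `iw dev <iface> scan` output.

# Constructed sample in the layout `iw dev wlan0 scan` prints
# (BSSIDs and SSIDs are made up; real output has more fields per BSS).
sample_scan() {
cat <<'EOF'
BSS 02:00:00:00:00:01(on wlan0)
	freq: 2462
	signal: -48.00 dBm
	SSID: example-office
	DS Parameter set: channel 11
BSS 02:00:00:00:00:02(on wlan0)
	freq: 2462
	signal: -71.00 dBm
	SSID: 
	DS Parameter set: channel 11
BSS 02:00:00:00:00:03(on wlan0) -- associated
	freq: 2412
	signal: -60.00 dBm
	SSID: example guest
	DS Parameter set: channel 1
EOF
}

# stdin: scan output. stdout: channel<TAB>signal<TAB>BSSID<TAB>SSID, by channel.
parse_scan() {
  awk '
    function emit() {
      if (bssid != "")
        printf "%s\t%s\t%s\t%s\n", chan, sig, bssid, (ssid == "" ? "<hidden>" : ssid)
    }
    # A "BSS <mac>(on <iface>)" line starts a new AP record.
    /^BSS [0-9a-fA-F:]+/ { emit(); bssid = substr($2, 1, 17); ssid = ""; chan = "?"; sig = "?"; next }
    /^[ \t]*signal:/ { sig = $2 }
    # Keep the whole SSID, spaces included; an empty field means the name is not broadcast.
    /^[ \t]*SSID:/ { ssid = $0; sub(/^[ \t]*SSID: ?/, "", ssid) }
    /^[ \t]*DS Parameter set: channel/ { chan = $NF }
    END { emit() }
  ' | LC_ALL=C sort -n
}

# stdin: scan output. stdout: "channel:count" per channel, to show crowding.
channel_counts() {
  parse_scan | cut -f1 | uniq -c | awk '{ print $2 ":" $1 }'
}

sample_scan | parse_scan   # live use: iw dev wlan0 scan | parse_scan
```
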
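Monitor mode

Adding a monitor-mode interface

Wireless packet capture is only possible after a monitor-mode interface has been added to the wireless adapter. The naming convention is to append mon to the existing adapter name, e.g. wlan0 -> wlan0mon

    root@kali:~# iw dev wlan0 interface add wlan0mon type monitor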
Bringing up wlan0mon

wlan0mon is not brought up automatically after it is added; it has to be brought up manually

    root@kali:~# ifconfig wlan0mon up
Removing the monitor interface

Once the capture is done, the monitor interface can be removed

    root@kali:~# iw dev wlan0mon interface del
Capturing packets

Open Wireshark and select wlan0mon