1
00:00:01,210 --> 00:00:03,640
Now that we have enabled monitor mode
2
00:00:03,640 --> 00:00:06,150
on our wireless interface,
3
00:00:06,150 --> 00:00:09,556
we are able to capture all the wifi packets
4
00:00:09,556 --> 00:00:12,680
sent within our range,
5
00:00:12,680 --> 00:00:16,390
even if the packet is not directed to our computer,
6
00:00:16,390 --> 00:00:20,020
even if we're not connected to the target network,
7
00:00:20,020 --> 00:00:22,690
and even without knowing the key
8
00:00:22,690 --> 00:00:25,800
or the password to the target network.
9
00:00:25,800 --> 00:00:28,810
So all we need right now is a program
10
00:00:28,810 --> 00:00:32,000
that can capture these packets for us.
11
00:00:32,000 --> 00:00:36,240
The program that we're going to use is called Airodump-NG.
12
00:00:36,240 --> 00:00:39,340
It's part of the Aircrack-NG suite,
13
00:00:39,340 --> 00:00:41,040
and it's a packet-sniffer,
14
00:00:41,040 --> 00:00:43,470
so it's basically a program designed
15
00:00:43,470 --> 00:00:47,270
to capture packets while you're in monitor mode.
16
00:00:47,270 --> 00:00:48,860
So it will allow us to see
17
00:00:48,860 --> 00:00:51,530
all the wireless networks around us,
18
00:00:51,530 --> 00:00:55,660
and show us detailed information about its MAC address,
19
00:00:55,660 --> 00:00:57,990
its channel, its encryption,
20
00:00:57,990 --> 00:01:02,253
the clients connected to this network, and so on.
21
00:01:03,360 --> 00:01:06,240
So, let me show you how we're gonna use it.
22
00:01:06,240 --> 00:01:09,420
First of all, you need to enable monitor mode
23
00:01:09,420 --> 00:01:13,593
on your wireless adapter, as shown in the previous lectures.
24
00:01:14,780 --> 00:01:19,490
So, if I go to my Kali machine, and run iwconfig
25
00:01:19,490 --> 00:01:23,233
to list all the wireless devices on this computer,
26
00:01:24,160 --> 00:01:27,410
you'll see that I have an interface called mon0,
27
00:01:27,410 --> 00:01:31,173
and this interface is in monitor mode.
28
00:01:32,240 --> 00:01:35,500
Now depending on the way that you enabled monitor mode,
29
00:01:35,500 --> 00:01:40,200
this can be called wlan0, it can be called wlan0mon,
30
00:01:40,200 --> 00:01:41,640
it doesn't really matter.
31
00:01:41,640 --> 00:01:44,160
You just wanna make sure you enable monitor mode
32
00:01:44,160 --> 00:01:46,560
using one of the methods shown before,
33
00:01:46,560 --> 00:01:48,960
and then, use the name of the adapter
34
00:01:48,960 --> 00:01:52,363
that is in monitor mode when you run Airodump-NG.
35
00:01:53,930 --> 00:01:55,790
Now to run Airodump-NG,
36
00:01:55,790 --> 00:01:57,900
we're just gonna type the name of the program,
37
00:01:57,900 --> 00:01:59,183
which is airodump-ng,
38
00:02:00,720 --> 00:02:03,680
followed by the name of my wireless adapter
39
00:02:03,680 --> 00:02:08,680
in monitor mode, which is mon0, as you can see in here.
40
00:02:09,770 --> 00:02:11,150
So the command is very simple.
41
00:02:11,150 --> 00:02:14,650
We're typing the program name, which is airodump-ng,
42
00:02:14,650 --> 00:02:17,990
followed by the name of my interface in monitor mode.
43
00:02:17,990 --> 00:02:21,500
If I hit Enter, you'll see it'll start working,
44
00:02:21,500 --> 00:02:24,960
discovering all the wireless networks around me,
45
00:02:24,960 --> 00:02:28,063
and displaying useful information about them.
46
00:02:29,870 --> 00:02:33,310
This program will continue working unless you quit it,
47
00:02:33,310 --> 00:02:34,790
and to quit this program,
48
00:02:34,790 --> 00:02:37,993
you have to press Control+C from your keyboard.
49
00:02:38,870 --> 00:02:41,040
You can actually use Control+C
50
00:02:41,040 --> 00:02:44,023
to quit any running program in your terminal.
51
00:02:44,910 --> 00:02:48,390
Now that we stopped the program, let's analyze the output
52
00:02:48,390 --> 00:02:51,283
so we understand what it's showing us.
53
00:02:52,190 --> 00:02:54,390
So first of all, if we look at this column,
54
00:02:54,390 --> 00:02:58,930
the ESSID column, it should be a little bit familiar to you,
55
00:02:58,930 --> 00:03:00,720
and basically this shows us
56
00:03:00,720 --> 00:03:04,353
the names of the wireless networks around us.
57
00:03:05,390 --> 00:03:07,460
So if I just go to my Mac machine
58
00:03:07,460 --> 00:03:09,750
and look for wireless networks,
59
00:03:09,750 --> 00:03:12,830
you'll see the same names that we see in here
60
00:03:12,830 --> 00:03:16,093
displayed under the ESSID.
61
00:03:17,660 --> 00:03:20,920
Now all of the other columns show us more information
62
00:03:20,920 --> 00:03:23,560
about the network name that you see in here,
63
00:03:23,560 --> 00:03:26,980
and this information will actually be very useful to us
64
00:03:26,980 --> 00:03:28,973
as we go through the course.
65
00:03:30,320 --> 00:03:32,630
The first column, the BSSID,
66
00:03:32,630 --> 00:03:36,043
shows us the MAC address of the target network.
67
00:03:37,250 --> 00:03:39,760
Next, we have the PWR.
68
00:03:39,760 --> 00:03:43,350
So this is the signal strength, or the power,
69
00:03:43,350 --> 00:03:44,483
of the network.
70
00:03:45,510 --> 00:03:48,660
Now the higher the number, the better signal we have.
71
00:03:48,660 --> 00:03:52,430
So for example, the network with the best signal right here
72
00:03:52,430 --> 00:03:53,443
is this one.
73
00:03:55,270 --> 00:03:57,690
Next, we have the beacons.
74
00:03:57,690 --> 00:04:01,520
These are frames, sent by the network
75
00:04:01,520 --> 00:04:04,580
in order to broadcast its existence.
76
00:04:04,580 --> 00:04:07,510
So every network, even if it's set to be hidden,
77
00:04:07,510 --> 00:04:10,360
always sends these types of frames,
78
00:04:10,360 --> 00:04:13,320
basically broadcasting its existence,
79
00:04:13,320 --> 00:04:16,620
and telling all the wireless devices around it
80
00:04:16,620 --> 00:04:19,497
that "I exist, I have this BSSID.
81
00:04:19,497 --> 00:04:22,797
"I work on this channel, I use this encryption,
82
00:04:22,797 --> 00:04:24,747
"and my name is this."
83
00:04:26,520 --> 00:04:30,790
Next, we have the number of data packets, or data frames,
84
00:04:30,790 --> 00:04:32,670
and these are the useful packets
85
00:04:32,670 --> 00:04:34,810
that we'll talk about later on,
86
00:04:34,810 --> 00:04:37,323
once we get to the cracking section.
87
00:04:38,430 --> 00:04:41,480
This column represents the number of data packets
88
00:04:41,480 --> 00:04:44,323
that we collected in the past 10 seconds.
89
00:04:45,330 --> 00:04:46,900
Next we have the channel,
90
00:04:46,900 --> 00:04:50,190
which is the channel that the network works on.
91
00:04:50,190 --> 00:04:53,540
So for example, this network right here, the Test AP,
92
00:04:53,540 --> 00:04:55,330
works on channel 6.
93
00:04:55,330 --> 00:04:58,543
This network works on channel 1, and so on.
94
00:04:59,910 --> 00:05:04,803
Next, we have the maximum speed supported by the network.
95
00:05:05,720 --> 00:05:09,060
The encryption is a very important column,
96
00:05:09,060 --> 00:05:13,610
and it shows us the encryption used by the network.
97
00:05:13,610 --> 00:05:17,700
So we can see that the Test AP network is using WPA.
98
00:05:17,700 --> 00:05:20,820
We can see we have a network that uses WEP.
99
00:05:20,820 --> 00:05:24,450
We can see this network right here is an open network,
100
00:05:24,450 --> 00:05:25,920
so it doesn't use encryption.
101
00:05:25,920 --> 00:05:29,350
We don't even need a password to connect to it.
102
00:05:29,350 --> 00:05:33,103
And we can see we have a WPA2 network right here.
103
00:05:34,680 --> 00:05:38,270
CIPHER is the cipher used in the network.
104
00:05:38,270 --> 00:05:42,370
So we can see here we have CCMP, we have WEP,
105
00:05:42,370 --> 00:05:44,673
and we have CCMP again here.
106
00:05:45,612 --> 00:05:48,830
AUTH is the authentication used on that network,
107
00:05:48,830 --> 00:05:52,730
and in here we can see it's PSK, Pre-Shared Key,
108
00:05:52,730 --> 00:05:55,640
and MGT for this network.
109
00:05:55,640 --> 00:05:59,440
Now don't worry about the ENC, the CIPHER and the AUTH.
110
00:05:59,440 --> 00:06:02,770
We will talk about breaking into all these networks,
111
00:06:02,770 --> 00:06:05,710
into WEP, WPA, and WPA2,
112
00:06:05,710 --> 00:06:08,303
in the gaining access section.
113
00:06:09,600 --> 00:06:13,050
And finally, you can see we have the ESSID section,
114
00:06:13,050 --> 00:06:16,170
which shows the name of the network.
115
00:06:16,170 --> 00:06:19,090
So this is what you see when you look for networks
116
00:06:19,090 --> 00:06:20,563
in your network manager.
117
00:06:21,720 --> 00:06:23,210
So that's it for this lecture.
118
00:06:23,210 --> 00:06:25,260
I just wanted to give you a quick look
119
00:06:25,260 --> 00:06:27,980
on how to discover all the networks around us
120
00:06:27,980 --> 00:06:29,183
using Airodump-NG.
121
00:06:30,070 --> 00:06:32,700
Don't worry about Airodump-NG too much now.
122
00:06:32,700 --> 00:06:35,790
We're gonna be using it a lot in the next lectures,
123
00:06:35,790 --> 00:06:38,230
and you'll get very comfortable with using it
124
00:06:38,230 --> 00:06:40,013
as we go through the course.