AIRODUMP-NG

Section: User Commands (1)
Updated: April 2006
Index Return to Main Contents

 

NAME

airodump-ng is a packet capture tool for aircrack-ng.  

SYNOPSIS

airodump-ng [options] <interface name>  

DESCRIPTION

airodump-ng is a packet capture tool for aircrack-ng. It allows dumping packets directly from WLAN interface and saving them to a pcap or IVs file.  

OPTIONS

--ivs
It only saves IVs (only usefull for cracking).
--gpsd
Indicate that airodump-ng should try to use GPSd to get coordinates.
-w, --write <prefix>
Is the dump file prefix to use (it's a mandatory field).
-c, --channel <channel>
Indicate the channel to listen to. By default airodump-ng hop on all available channels (2.4 and 5Ghz).
-b, -g, --bg
Airodump-ng will only hop on 2.4Ghz channels.
-a
Airodump-ng will only hop on 5Ghz channels.
 

EXAMPLES

airodump-ng --channel 4 --write out ath0

Here's an example screenshot:

-----------------------------------------------------------------------

  CH  7 ][ BAT: 2 hours 10 mins ][ 2006-03-28 21:00

  BSSID              PWR  Beacons     # IV  CH  MB  ENC   ESSID


  00:13:10:30:24:9C   46       15     3416   6  54. WEP   the ssid
  00:09:5B:1F:44:10   36       54        0  11  11  OPN   NETGEAR


  BSSID              STATION            PWR  Packets  Probes


  00:13:10:30:24:9C  00:09:5B:EB:C5:2B   48      719  the ssid
  00:13:10:30:24:9C  00:02:2D:C1:5D:1F  190       17  the ssid         
-----------------------------------------------------------------------


            - CH is the channel on which the AP is setup
            - BAT is the remaining battery time
            - BSSID is the Access Point MAC address
            - PWR is the signal power, which depends on the driver
            - Beacons is the total number of beacons
            - # IVs: self-explanatory
            - MB is the maximum communication speed (the dot mean short preamble).
            - ENC is the encryption protocol in use:
                OPN = open, WEP? = WEP or WPA (no data), WEP, WPA
            - ESSID is the network identifier

The first part is the detected access points (in this case, only 00:13:10:30:24:9C on channel 6 with WEP encryption). It also displays a list of detected wireless clients ("stations"), in this case 00:09:5B:EB:C5:2B and 00:02:2D:C1:5D:1F. By relying on the signal power, one can even physically pinpoint the location of a given station.  

AUTHOR

This manual page was written by Adam Cecile <gandalf@le-vert.net> for the Debian system (but may be used by others). Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL.  

SEE ALSO


airmon-ng(1)
airdecap-ng(1)
aircrack-ng(1)
aireplay-ng(1)
arpforge-ng(1)
ivstools(1)

 

Index

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
EXAMPLES
AUTHOR
SEE ALSO
This document was created by man2html, using the manual pages.
Time: 22:12:29 GMT, February 23, 2023