
How to Capture Network Traffic on a Wi-Fi Network using Kali Linux

By Inno
July 27, 2023

In this article, we will cover the concept of capturing or sniffing network traffic on a Wi-Fi/wireless network using free tools on Kali Linux. In order to successfully capture traffic on a wireless network, we will need to have a wireless network adapter that can be placed into monitor mode. Most wireless adapters can only support managed mode which does not allow us to monitor traffic on a wireless network.

To check the status of our wireless adapter, we will use the iwconfig command on the terminal. Once we run the iwconfig command we will be able to see that our wireless adapter is in either managed mode or monitor mode.

The command that we will use to put our wireless adapter into monitor mode is airmon-ng. We can see what options are available to us when using this command:

sudo airmon-ng --help

The options available include start, stop, and check. Now, we will start the monitor mode by running the below command:

sudo airmon-ng start wlan0

To check the status of our wireless adapter, we will use the below command again:

iwconfig

As we can see from the output, the wireless adapter has changed to monitor mode and its name has also changed to wlan0mon. It is worth noting that while in monitor mode, our device will not have internet connectivity.

Next, we will introduce a new command that we can use to view information on the various wireless networks that are within our range. The command is airodump-ng. We will run the command and input the new name for our wireless adapter from above:

sudo airodump-ng wlan0mon

The output displays a list of networks with their associated information, such as the MAC address of the wireless router (the BSSID), the channel number, the type of encryption and authentication being used, and the name of the wireless network. To stop the airodump-ng tool, we press CTRL+C. With this information, we can launch a targeted attack by specifying the MAC address of a given network's wireless router. In our case, we will focus on our own router, whose wireless network has a BSSID of 54:AF:97:62:74:9C.

We will use the below command to gather much more information about our target network. The captured packets will be saved or written in a file named wificapture1:

sudo airodump-ng --channel 2 --bssid 54:AF:97:62:74:9C --write wificapture1 wlan0mon

Once we run the command we will start to see MAC address information for the different stations or end-user devices that are communicating on that Wi-Fi network. We will stop the command by pressing CTRL+C. We can also view the different files that were generated by our command. To view a list of the files, we will use this command:

ls -l

As we can see, there are five files in total whose names begin with the name we specified in our command, in our case wificapture1. To view and analyze network capture files, specifically those with file names ending in .cap, there is a popular and useful tool called Wireshark. We can open it via the terminal or by searching for it in the GUI. In the terminal, we just type the word wireshark to open the tool.

With Wireshark open, we will click on File>Open then we will select the file that ends with .cap and click open or double-click on the file.

The resulting window will display various packets that were being sent by different devices on the wireless network. We can drill down into the different packets to analyze more details associated with the communication.

For every packet on the list, we are able to see different information such as the source MAC address, destination MAC address, and type of packet. We can filter the packets based on this information to narrow down our analysis. It is worth pointing out that if the wireless network is utilizing some form of protection or encryption, it will be hard to decipher the data contents of the packets.
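The per-packet fields described above (packet type, source and destination MAC address, and whether the payload is protected) all come from the 802.11 MAC header. The following is an added example, not part of the original article: a small Python reader that extracts those fields from a capture file. It assumes the .cap file is a classic pcap with link type 105 (raw 802.11 frames); the sample capture and its MAC addresses are constructed for the demonstration.

```python
import struct

TYPES = {0: "management", 1: "control", 2: "data"}

def read_pcap(data):
    """Yield raw frames from a classic pcap whose link type is 105 (raw 802.11)."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if end is None or len(data) < 24:
        raise ValueError("not a classic pcap file")
    if struct.unpack(end + "I", data[20:24])[0] != 105:
        raise ValueError("link type is not raw IEEE 802.11")
    off = 24
    while off + 16 <= len(data):
        incl = struct.unpack(end + "I", data[off + 8:off + 12])[0]
        frame = data[off + 16:off + 16 + incl]
        if len(frame) < incl:
            break  # last record cut short, e.g. capture interrupted mid-write
        yield frame
        off += 16 + incl

def parse_80211(frame):
    """Decode the header fields Wireshark lists per packet; None if too short."""
    if len(frame) < 10:
        return None
    fc0, flags = frame[0], frame[1]
    addr = lambda o: frame[o:o + 6].hex(":").upper() if len(frame) >= o + 6 else None
    a1, a2, a3, a4 = addr(4), addr(10), addr(16), addr(24)
    # The ToDS/FromDS bits decide which address slots hold destination and source.
    dst, src = {0: (a1, a2), 1: (a3, a2), 2: (a1, a3), 3: (a3, a4)}[flags & 3]
    if (fc0 >> 2) & 3 == 1:
        dst, src = a1, a2  # control frames carry receiver/transmitter only
    return {"type": TYPES.get((fc0 >> 2) & 3, "reserved"), "subtype": fc0 >> 4,
            "src": src, "dst": dst, "protected": bool(flags & 0x40)}

# Constructed sample capture: beacon, protected data (station -> AP), ACK.
AP, STA = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
FRAMES = [
    b"\x80\x00\x00\x00" + b"\xff" * 6 + AP + AP + b"\x00\x00" + b"\x00" * 12,
    b"\x08\x41\x00\x00" + AP + STA + AP + b"\x10\x00" + b"\xaa" * 16,
    b"\xd4\x00\x00\x00" + STA,
]
SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 105) + b"".join(
    struct.pack("<IIII", 0, i, len(f), len(f)) + f for i, f in enumerate(FRAMES))

def summarize(data):
    return [parse_80211(f) for f in read_pcap(data)]

if __name__ == "__main__":
    print(*summarize(SAMPLE), sep="\n")
```

A frame with `protected` set to True has an encrypted body, which is why its data contents cannot be read directly in Wireshark even though the MAC header fields remain visible.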
