文章目录
获取当前的 network interface
mali@ubuntu:~$ ifconfig
enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.3.6 netmask 255.255.255.0 broadcast 192.168.3.255
inet6 fe80::892c:5025:2488:6e7a prefixlen 64 scopeid 0x20<link>
ether c8:f7:50:f3:dd:24 txqueuelen 1000 (Ethernet)
RX packets 7166 bytes 6708001 (6.7 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5540 bytes 854385 (854.3 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 484 bytes 44117 (44.1 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 484 bytes 44117 (44.1 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlx00259cf84e51: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
unspec 00-25-9C-F8-4E-51-30-3A-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 151204 bytes 33129551 (33.1 MB)
RX errors 0 dropped 151204 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
mali@ubuntu:~$
将无线网卡配置为 monitor 模式
sudo ifconfig wlx00259cf84e51 down
sudo iwconfig wlx00259cf84e51 mode monitor
sudo ifconfig wlx00259cf84e51 up
mali@ubuntu:~$ iwconfig
enp1s0 no wireless extensions.
lo no wireless extensions.
wlx00259cf84e51 IEEE 802.11 Mode:Monitor Frequency:2.412 GHz Tx-Power=20 dBm
Retry short long limit:2 RTS thr:off Fragment thr:off
Power Management:on
使用 wireshark 抓包
添加无线 ColoringRules
Coloring of Wireless Lan Packets
设置 filter
wlan.sa --- source address
wlan.da --- destination address
wlan.addr
wlan.ssid
...
加密的无线报文以明文显示
在 802.11 preference 菜单里面点击 Edit 弹出密码设置菜单
选择 wpa-pwd 输入 psk:ssid 点击确定后,原先加密的报文就可以明文显示了。
抓取到的数据包
参考链接
https://blog.csdn.net/neal_hddnwpu/article/details/82586235