Monitoring mode(mon0)

Introduction:-
Wireless cards have 6 different modes each with it's own functionality:-
  1. Managed (Client) 
  2. Master (router)
  3. Ad-hoc (peer to peer)
  4. Mesh (planned ad-hoc)
  5. Repeater (WI-FI extender)
  6. Monitor 
Monitor mode is a special mode available in some of the wireless cards that allows you to sniff packets which are being sent form the router to the client even when you are not associated and authenticated to the network. You can also use it to authenticate the user who is associated and authenticated to the network. In other words it is like spying on all the networks in your range.
  
How to check your card? 
Open a terminal and type iw phy phy0 info | grep -A8 modes and hit enter. Here phy0 can be replaced with phy1,phy2,phy3,etc depending on your system.To find out this type airmon-ng and hit enter in the terminal.

How to switch it on?
 To enable monitor mode type ifconfig and hit enter on your terminal. It will give you a list of your interfaces list down the wireless interface name in our case it was wlan0. Now type airmon-ng start wlan0 and hit enter to start the monitor mode on your wireless card.

Is it working?
To check if the mon0 interface is working or not type tshark-i mon0 and hit enter.

What is it's use?
This mode is required for all sorts of WI-FI  hacking and sniffing.

Note:-
In our tests and hacks we are using a dlink dw-123 WIFI dongle. 
Posted by

No comments :

Post a Comment

Subscribe to: Post Comments ( Atom )