Sniff Wireless Network in 5 minutes from Linux Ubuntu !

Have a nice Linux Day !
In the previous post, I wrote how to sniff from a Wireless Network covered by WPA password Protection.
If the Wireless network is open without any password protection we can sniff directly in Realtime.
To do this we need to create a fake interface that receive all packets as the router.
To see all data packets Wireshark (analize network protocol) should be in Promiscue mode.

Below the steps :

1. switch the wlan0 card off
fafa@fafa-K52Jr:~$ sudo ifconfig wlan0 down

2. Put the wireless card in monitoring mode
fafa@fafa-K52Jr:~$ sudo iwconfig wlan0 mode monitoring

3. Switch the wlan0 card on
fafa@fafa-K52Jr:~$ sudo ifconfig wlan0 up

4. looking for the target (router wireless)
fafa@fafa-K52Jr:~$ sudo aireplay-ng -9 wlan0
It's possible all MAC address regarding the Wireless net near my computer.
The target is 'malaki'

5. set up the wireless channel 
iwconfig wlan0 channel  6

6.sudo airtun-ng -a 04:18:0F:37:5D:53 wlan0
created tap interface at0
No encryption specified. Sending and receiving frames through wlan0.

7. Open another Shell
Active the fake interface created in the previous step
sudo ifconfig at0 up

8.Open Wireshark and Sniff the wireless network
sudo wireshark

Wireshark should be set up in promiscue mode.
You need to sniff from the interface at0

That's all!
you are sniffing in realtime from a Open Wireless Network.
Thanks ! Angelo  

Why to use an "open wireless" is not safe ? Maybe when you use a "open wireless"...someone is looking at you.

Why use an "open wireless network" is not safe ?
Maybe when you use a "open wireless"...someone is looking at you.

Source: http://www.wifi-ita.com
Italian Wireless Community

Difficult: 'Media' because you need to set up your Linux

Target: malaki wireless net

1. switch the wlan0 card off
fafa@fafa-K52Jr:~$ sudo ifconfig wlan0 down

2. Put the wireless card in monitoring mode
fafa@fafa-K52Jr:~$ sudo iwconfig wlan0 mode monitoring

3. Switch the wlan0 card on
fafa@fafa-K52Jr:~$ sudo ifconfig wlan0 up

4. looking for the target (router wireless)
fafa@fafa-K52Jr:~$ sudo aireplay-ng -9 wlan0
It's possible all MAC address regarding the Wireless net near my computer.
The target is 'malaki'

5.
airodump-ng -c 6 --bssid 04:18:0F:37:5D:53  -w TestWireless wlan0

By this command we register everthings what a stupid guy that belive to be an hacker performs
only because enter in our  Net
I perform an experiment I'll go from my tablet in some sites:
www.wikipedia.org
www.corriere.it
www.asus.com

Now I have a ".cap" file.
we can open it with wireshark.
We can see few data because the wireless net is protected
by WPA we need to decript it.

6. Decript
sudo airdecap-ng -l -e malaki -p pippi1234! TestWireless-02.cap
We can open it with wireshark Again !
We have the decripted file !


Thanks to see !
Angelo Luciani