Wireless sniffing is a way to capture and monitor the packets travelling over the air in a wireless network. Just as with wired sniffing, the card first has to be prepared: for wireless sniffing we put the Wi-Fi card into "monitor mode".
The reason we put it into monitor mode is that, in this mode, the card accepts all the packets it sees over the air. It is similar to the promiscuous mode used in wired sniffing. Assuming that you have gone through the BackTrack OS and tools part of the book, we will now see how to perform a sniffing attack using the built-in tools in BackTrack.
BackTrack has a couple of tools that help us quickly put a card into monitor mode and start sniffing. We will use Airmon-ng, which is part of the Aircrack-ng suite of tools that we will look at in more detail in later chapters.
Let's get started, step by step:
- Open a terminal window in your BackTrack instance.
- Type ifconfig -a to check whether the wireless card is attached. It shows all the available network cards on your device. You will see a wlan0 interface in that list; this is your wireless card.
- Now we need to bring this Wi-Fi card up. To do that, type ifconfig wlan0 up in the terminal. Once the card is up, you can confirm it by running ifconfig again.
- Our wlan0 interface is now up, but before we can use it for sniffing we have to create another interface on top of wlan0, which will be the monitor mode interface "mon0".
To create a monitor mode interface we will use a tool called Airmon-ng. If we run airmon-ng without any arguments, it shows the list of available wireless interfaces and the driver loaded for each.
To create a monitor mode interface on top of wlan0, issue the command airmon-ng start wlan0 in the terminal window. This will show a message saying that monitor mode is enabled on mon0.
Now if we run airmon-ng without any arguments, it will show a virtual interface mon0 alongside wlan0, and if we run "ifconfig" we will see that there is an interface mon0 up and running which has the same MAC address as our actual wireless card. We will use this mon0 interface for all our sniffing purposes.
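The end state described above (a mon0 interface in monitor mode that shares its MAC address with wlan0) can also be checked from the host side, for example when auditing a machine for interfaces left in monitor mode. The script below is an added example, not part of the original tutorial; it assumes a Linux host that exposes /sys/class/net, and the function names, the sample directory tree and its MAC addresses are constructed for illustration.

```shell
# ARPHRD link types in /sys/class/net/<if>/type: 1 = Ethernet (wlan0, managed),
# 801 = raw 802.11, 802 = 802.11 + Prism, 803 = 802.11 + radiotap (monitor).

# Print every interface under sysfs root $1 that is in monitor mode.
monitor_ifaces() {
    root=$1
    for dir in "$root"/*; do
        [ -r "$dir/type" ] || continue
        case "$(cat "$dir/type")" in
            801|802|803) basename "$dir" ;;
        esac
    done
}

# Print the other interfaces under $1 that share a MAC address with $2.
mac_peers() {
    root=$1; iface=$2
    [ -r "$root/$iface/address" ] || return 0
    mac=$(cat "$root/$iface/address")
    for dir in "$root"/*; do
        name=$(basename "$dir")
        if [ "$name" != "$iface" ] && [ -r "$dir/address" ] &&
           [ "$(cat "$dir/address")" = "$mac" ]; then
            echo "$name"
        fi
    done
}

# Build a constructed sysfs-like tree (sample data, made-up MAC addresses).
make_sample_tree() {
    t=$(mktemp -d)
    for spec in lo:772:00:00:00:00:00:00 eth0:1:02:00:00:aa:bb:01 \
                wlan0:1:02:00:00:aa:bb:02 mon0:803:02:00:00:aa:bb:02; do
        name=${spec%%:*}; rest=${spec#*:}
        mkdir "$t/$name"
        echo "${rest%%:*}" > "$t/$name/type"
        echo "${rest#*:}" > "$t/$name/address"
    done
    echo "$t"
}

# Report monitor-mode interfaces; defaults to the live /sys/class/net.
report() {
    for m in $(monitor_ifaces "${1:-/sys/class/net}"); do
        echo "$m: monitor mode, same MAC as: $(mac_peers "${1:-/sys/class/net}" "$m" | tr '\n' ' ')"
    done
}

sample=$(make_sample_tree); report "$sample"; rm -rf "$sample"
```

Calling report with no argument inspects the live interfaces of the host instead of the constructed tree.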