Return to site
Return to site

set network card to monitoring mode to capture data packets

1. The usb wifi card used is the RTL8812AU awus036ach
2. The virtual machine VMvare is used to install kali linux , the user name of the virtual machine kali is root, and the default password is toor

Turn on monitor mode
a. Use iwconfig view the status of the card
if the card is not activated, use ifconfig wlan2 up

b. Use airmon-ng [start or stop] interface [channel] to enable listening mode

Start monitor mode
airmon-ng start wlan2

Close monitor mode
airmon-ng stop wlan2

Scan with airdump-ng
Syntax: airdump-ng [options] <interface name>
airdump-ng There are many commands that can be used in the command, users can use –help to view.

For example: the
network card needs to open the monitoring mode as described above.

             airdump-ng mon0

Promiscuous mode

Promiscuous mode (promiscuous mode) is a computer network terminology. Refers to a machine's network card can receive all the data flow passing through it, regardless of whether its destination address is it.

Generally, computer network cards work in non-promiscuous mode. At this time, the network card only accepts data from the network port's destination address to point to itself. When the network card works in promiscuous mode, the network card captures all data from the interface and hands it to the corresponding driver.

The command to open the promiscuous mode of the network card is as follows:

Through shell commands:
ifconfig wlan0 promisc set promiscuous mode
ifconfig wlan0 -promisc cancel promiscuous mode

Monitor mode (monitor)

iwconfig wlan0 mode monitor

/home # iwconfig
lo no wireless extensions.

wlan0 IEEE 802.11b ESSID:"" Nickname:"<WIFI@REALTEK>"
Mode:Monitor Frequency:2.412 GHz Access Point: Not-Associated
Sensitivity:0/0
Retry:off RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
Link Quality:0 Signal level:0 Noise level:0
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0

eth0 no wireless extensions.
————————————————

If it does not take effect, you can try first

ifconfig wlan0 down

iwconfig wlan0 mode monitor

ifconfig wlan0 up

What is the difference between wireless network card monitoring mode and promiscuous mode:

  • The monitoring mode allows the network card to capture data of characteristic channels without connecting to wifi, that is, capturing data of a certain band in the air. Can be used to crack wifi password
  • Promiscuous mode (connected to wifi) is to receive all data packets passing through the network card, including packets not sent to the machine, that is, the MAC address is not verified
  • In normal mode, the network card only receives packets sent to the machine
PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save