WiFi Data Capturing on 2 Channels - Beginner Guide

Product: Linux
Commands: airodump-ng, iw

Overview

I do not like to use the airmon-ng command to change the WiFi device name to follow its original device name, which it is hard for me to remember, e.g. device name wlp0s12u1.

So in this post, I will use "iw" utility (previously called iwlist, iwconfig) that bundled with Fedora 41, or RedHat RHEL 9, to configure the WiFi adapter in monitor mode with my preferred device name.  The benefits are:
  • I can define my own device name, e.g. wlan0mon
  • I can use pre-defined device name in script
  • "iw" utility offers more information in the WiFi network adapter as well as LAN NIC
  • USB device detection is more accurate
  • It can shows device name of my USB WiFi dongle without additional typing
  • It can creates additional logical device that other new users like, such as wifi1, capture2024

Procedure

  1. Login to Linux as root, or use one of the following
    1. su -
    2. sudo su -
  2. Find out the physical device ID using "iw dev" command
    1. It will display "phy#<n>"
    2. Under "Interface" line, it will display device name, e.g. wlp0s12u1
    3. Under Interface > type, it will display either managed, or monitor to indicate your WiFi is in AP client mode, or monitor mode
  3. Creates a new logical device wlan0mon and set it to monitor mode.  Assumes the physical device number shown above is phy#9, which means 9
    1. Enter: iw phy phy9 interface add wlan0mon type monitor
    2. You can replace "wlan0mon" with your desire name of the WiFi adapter
  4. If you prefers to change existing WiFi adapter to monitor mode instead of creating a new logical device, then
    1. Enter: iw wlp0s12u1 set type monitor
    2. You can replace "wlp0s12u1" with the device name shown in "iw dev" or "ip link" command
  5. Type "iw dev" again and you will see new device wlan0mon (if you created it) in monitor mode.  Please note that there will be 2 devices (interface) under the same physical device
    1. If you modified existing device, then the output will show 1 device name in monitor mode
  6. Let's say I want to capture SSID "Karate" on 2GHz channel 6, and 5GHz channel 149, and saving the output to capture_Karate_202412
    1. Enter: airodump-ng --channel 6,149 --essid "Karate" --write capture_Karate_202412
    2. The program will start to run and start capturing
    3. You can specify multiple channels by using comma.  However, the program will hops through each of them, and might missed some data.  If you do not want to missed any data, then installs an additional USB WiFi adapter

Comments

Post a Comment

Popular posts from this blog

Oracle ORA-0600 on 17090 - When login with wrong password

Product: Oracle Database 19c Symptom When login to Oracle database to a specific user with wrong password, instead of getting ORA-01017, it shown following error, and disconnected the session $ sqlplus tester1/****** SQL*Plus: Release 19.0.0.0.0 - Production on Wed Oct 26 11:12:16 2022 Version 19.3.0.0.0 Copyright (c) 1982, 2019, Oracle.  All rights reserved. ERROR: ORA-00600: internal error code, arguments: [17090], [], [], [], [], [], [], [],[], [], [], [] This only affecting 1 DB user, and not global Analysis Tested with several DB user, and found that only affecting 1 DB user account Checked alert.log file, and found the trc file that generated Following is the content of the trc file with additional failure detail: 2022-10-26T11:12:17.635430-07:00 Unified Audit record write to audit trail table failed due to ORA-1012. Writing the record to OS spillover file. Errors in file /dbf/diag/rdbms/ORCL/ORCL/trace/ORCL_ora_527371.trc  (incident=97297): ORA-00600: internal error cod...
Read more

Windows 10: Converting MBT to GPT+EFI Partition Type

Image
Product: Windows 10 Command: mbt2gpt.exe Sharing my experience to convert my MBT boot partition that run Windows 10 to GPT with EFI boot. Let me list down the step I took for my ASUS Z97-A motherboard: Run "CMD" as administrator Determine the disk number diskpart - utility to query disk partition Ref: https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/diskpart list - list all disks select disk 0 - this is my boot disk, i.e. C: detail - show all partitions. Ensure the partition size match my C: and double confirm disk 0 is correct Boot into recovery mode Click Start >  Settings to bring up Windows Setting (Control Panel) Click Update & Security menu Click Recovery menu Convert disk 0 MBT partition to GPT for entire disk.  This will convert entire disk to GPT partition design.  It is not possible to only convert specific partition mbt2gpt /convert /disk:0 Example output MBR2GPT will now attempt to convert disk 0. If conversion i...
Read more

AMD Custom Resolution Setting for BenQ EX3501R Ultra Wide Monitor

Image
 Product: BenQ EX3501R Ultra Wide 35" Monitor AMD Radeon Ver 2021/-511.1532.24954 GPU: AMD Radeon HD 7870 Bought the popular 35" ultra wide monitor that support 3440x1440 30Hz HDR.  Tried to configure it to work with older AMD GPU, but found that Windows 10 doesn't offer a list of this resolution. All the detected resolutions are leadings to improper size, and not fill up the entire monitor. After days of testing, and struggling, then I found that I have to install the full Radeon driver in order to launch AMD Radeon Softwere to be able to create custom display resolution. When I got into the custom display resolution screen, then I was confused with a series of values to enter.  BenQ homepage provides no help to fill in the values, so I have to look online how to derive all these parameters based on the resolution of 3440x1440 29.970Hz refresh rate (got the refresh rate from other GPU that works). Following are the values you should enter when creating a custom 3440x1440...
Read more