| Next revisionBoth sides next revision |
| airodump-ng.pt-br [2008/03/25 19:16] – created jaymessmith | airodump-ng.pt-br [2008/03/25 19:59] – jaymessmith |
|---|
| |
| Tradução e Adaptação em Desenvolvimento: JaymesSmith (25/03/08)\\ | Tradução e Adaptação em Desenvolvimento: JaymesSmith (25/03/08)\\ |
| Status: **00%** traduzido.\\ | Status: **20%** traduzido.\\ |
| //Quando terminada, essas linhas serão apagadas.\\ | //Quando terminada, essas linhas serão apagadas.\\ |
| When finished, these lines will be erased.// | When finished, these lines will be erased.// |
| |
| ===== Descrição ===== | ===== Descrição ===== |
| Airodump-ng é usado para captura de pacotes de frames brutos 802.11 e é particularmente ajustável para coletarIVs WEP (...) is used for packet capturing of raw 802.11 frames and is particularly suitable for collecting WEP [[http://en.wikipedia.org/wiki/Initialization_vector|IVs]] (Initialization Vector) for the intent of using them with [[aircrack-ng]]. If you have a GPS receiver connected to the computer, airodump-ng is capable of logging the coordinates of the found access points. Additionally, airodump-ng writes out a text file containing the details of all access points and clients seen. | Airodump-ng é usado para captura de pacotes de frames brutos 802.11 e é particularmente apropriado para coletar [[http://en.wikipedia.org/wiki/Initialization_vector|IVs]] (Vetores de Inicialização) WEP com intuito de usá-los com o [[aircrack-ng.pt-br|aircrack-ng]]. Se você tem um receptor GPS conectado ao computador, airodump-ng é capaz de registrar as coordenadas dos Access Points encontrados. Suplementarmente, airodump-ng cria um arquivo de texto (também chamado de "dump") contendo os detalhes de todos os Access Points e clientes vistos. |
| |
| ===== Uso ===== | ===== Uso ===== |
| |
| Before running airodump-ng, you may start the [[airmon-ng]] script to list the detected wireless interfaces. It is possible, but not recommended, to run [[http://www.kismetwireless.net|Kismet]] and airodump-ng at the same time. | Antes de executar o airodump-ng, inicie o script [[airmon-ng.pt-br|airmon-ng]] para listar as interfaces wireless detectadas. É possível, mas não recomendável, rodar o [[http://www.kismetwireless.net|Kismet]] e airodump-ng ao mesmo tempo. |
| | |
| usage: airodump-ng <options> <interface>[,<interface>,...] | uso: airodump-ng <opções> <interface>[,<interface>,...] |
| | |
| Options: | Opções: |
| --ivs : Save only captured IVs | --ivs : Salva somente IVs capturados |
| --gpsd : Use GPSd | --gpsd : Usa GPSd |
| --write <prefix> : Dump file prefix | --write <prefix> : Prefixo do arquivo dump |
| -w : same as --write | -w : mesmo que --write |
| --beacons : Record all beacons in dump file | --beacons : Grava todos os beacons em arquivo dump |
| --update <secs> : Display update delay in seconds | --update <secs> : Mostra atraso de atualização em segundos |
| --showack : Prints ack/cts/rts statistics | --showack : Apresenta as estatísticas ack/cts/rts |
| -h : Hides known stations for --showack | -h : Esconde estações conhecidas pelo --showack |
| -f <msecs> : Time in ms between hopping channels | -f <msecs> : Tempo em milisegundos entre canais alternando (saltos) |
| --berlin <secs> : Time before removing the AP/client | --berlin <secs> : Tempo antes da remoção do AP/cliente |
| from the screen when no more packets | da tela quando nenhum pacote a mais |
| are received (Default: 120 seconds). | for recebido (Padrão: 120 segundos). |
| -r <file> : Read packets from that file | -r <file> : Lê pacotes do arquivo especificado. |
| | |
| Filter options: | Opções de filtro: |
| --encrypt <suite> : Filter APs by cipher suite | --encrypt <suite> : Filtra APs pela criptografia (cifra) |
| --netmask <netmask> : Filter APs by mask | --netmask <netmask> : Filtra APs pela máscara de sub-rede |
| --bssid <bssid> : Filter APs by BSSID | --bssid <bssid> : Filtra APs pelo BSSID |
| -a : Filter unassociated clients | -a : Filtra clientes não-associados |
| | |
| By default, airodump-ng hop on 2.4Ghz channels. | Por padrão, airodump-ng salta em canais 2.4GHz. |
| You can make it capture on other/specific channel(s) by using: | Você pode fazê-lo capturar em outro(s)/específico(s) canal(is) usando:You can make it capture on other/specific channel(s) by using: |
| --channel <channels>: Capture on specific channels | --channel <channels>: Captura em canais específicos |
| --band <abg> : Band on which airodump-ng should hop | --band <abg> : Banda na qual o airodump-ng deve saltar (a, b ou g) |
| --cswitch <method> : Set channel switching method | --cswitch <method> : Configura o método de alternação dos canais |
| 0 : FIFO (default) | 0 : FIFO (padrão) |
| 1 : Round Robin | 1 : Round Robin |
| 2 : Hop on last | 2 : Salta no último |
| -s : same as --cswitch | -s : mesmo que --cswitch |
| | |
| --help : Displays this usage screen | --help : Mostra esta tela de uso do programa |
| |
| You can [[FAQ#Can I convert cap files to ivs files ?|convert]] .cap / .dump file to .ivs format or [[FAQ#How do I merge multiple capture files ?|merge]] them. | Você pode [[FAQ#Can I convert cap files to ivs files ?|converter]] arquivos .cap / .dump para o formato .ivs ou [[FAQ#How do I merge multiple capture files ?|mesclá-los]]. |
| |
| |
| ===== Usage Tips ===== | ===== Dicas de Uso ===== |
| |
| |
| ==== What's the meaning of the fields displayed by airodump-ng ? ==== | ==== Qual o significado dos campos apresentados pelo airodump-ng ? ==== |
| |
| airodump-ng will display a list of detected access points, and also a list of connected clients ("stations"). Here's an example screenshot: | Airodump-ng mostrará uma lista de Access Points detectados, e também uma lista de clientes conectados ("estações"). Aqui está um exemplo de uma captura de tela: |
| |
| CH 9 ][ Elapsed: 1 min ][ 2007-04-26 17:41 ][ WPA handshake: 00:14:6C:7E:40:80 | CH 9 ][ Elapsed: 1 min ][ 2007-04-26 17:41 ][ WPA handshake: 00:14:6C:7E:40:80 |
| 00:14:6C:7E:40:80 00:0F:B5:FD:FB:C2 35 0 99 teddy | 00:14:6C:7E:40:80 00:0F:B5:FD:FB:C2 35 0 99 teddy |
| |
| The first line shows the current channel, elapsed running time, current date and optionally if a WPA/WPA2 handshake was detected. In the example above, "WPA handshake: 00:14:6C:7E:40:80" indicates that a WPA/WPA2 handshake was successfully captured for the BSSID. | A primeira linha mostra o canal atual, tempo de execução decorrido, data atual e opcionalmente se um "aperto de mão" (handshake) WPA/WPA2 foi detectado. No exemplo acima, "WPA handshake: 00:14:6C:7E:40:80" indica que um //handshake// WPA/WPA2 foi capturado com sucesso para o BSSID. |
| |
| ^Field^Description^ | ^Campo^Descrição^ |
| |BSSID|MAC address of the access point. In the Client section, a BSSID of "(not associated)" means that the client is not associated with any AP. In this unassociated state, it is searching for an AP to connect with.| | |BSSID|MAC address of the access point. In the Client section, a BSSID of "(not associated)" means that the client is not associated with any AP. In this unassociated state, it is searching for an AP to connect with.| |
| |PWR|Signal level reported by the card. Its signification depends on the driver, but as the signal gets higher you get closer to the AP or the station. If the BSSID PWR is -1, then the driver doesn't support signal level reporting. If the PWR is -1 for a limited number of stations then this is for a packet which came from the AP to the client but the client transmissions are out of range for your card. Meaning you are hearing only 1/2 of the communication. If all clients have PWR as -1 then the driver doesn't support signal level reporting.| | |PWR|Signal level reported by the card. Its signification depends on the driver, but as the signal gets higher you get closer to the AP or the station. If the BSSID PWR is -1, then the driver doesn't support signal level reporting. If the PWR is -1 for a limited number of stations then this is for a packet which came from the AP to the client but the client transmissions are out of range for your card. Meaning you are hearing only 1/2 of the communication. If all clients have PWR as -1 then the driver doesn't support signal level reporting.| |
