User Tools

Site Tools


airodump-ng

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
airodump-ng [2020/01/26 01:07] – Updated options mister_xairodump-ng [2022/05/01 21:03] (current) – [What's the meaning of the fields displayed by airodump-ng ?] PWR: Updated some wording mister_x
Line 1: Line 1:
 ====== Airodump-ng ====== ====== Airodump-ng ======
 ===== Description ===== ===== Description =====
-Airodump-ng is used for packet capturing of raw 802.11 frames and is particularly suitable for collecting WEP [[http://en.wikipedia.org/wiki/Initialization_vector|IVs]] (Initialization Vector) for the intent of using them with [[aircrack-ng]]. If you have a GPS receiver connected to the computer, airodump-ng is capable of logging the coordinates of the found access points.+Airodump-ng is used for packet capture, capturing raw 802.11 frames. It is particularly suitable for collecting WEP [[http://en.wikipedia.org/wiki/Initialization_vector|IVs]] (Initialization Vector) or [[wpa_capture|WPA handshakes]] for the intent of using them with [[aircrack-ng]]. If you have a GPS receiver connected to the computer, airodump-ng is capable of logging the coordinates of the found access points.
  
-Additionally, airodump-ng writes out several files containing the details of all access points and clients seen.+Additionally, airodump-ng writes out several files containing the details of all access points and clients seen, which can be used for scripting, or creating custom tools
  
 ===== Usage ===== ===== Usage =====
Line 104: Line 104:
 ^Field^Description^  ^Field^Description^ 
 |BSSID|MAC address of the access point. In the Client section, a BSSID of "(not associated)" means that the client is not associated with any AP.  In this unassociated state, it is searching for an AP to connect with.|  |BSSID|MAC address of the access point. In the Client section, a BSSID of "(not associated)" means that the client is not associated with any AP.  In this unassociated state, it is searching for an AP to connect with.| 
-|PWR|Signal level reported by the card. Its signification depends on the driver, but as the signal gets higher you get closer to the AP or the station. If the BSSID PWR is -1, then the driver doesn't support signal level reporting.  If the PWR is -1 for a limited number of stations then this is for a packet which came from the AP to the client but the client transmissions are out of range for your card Meaning you are hearing only 1/2 of the communication.  If all clients have PWR as -1 then the driver doesn't support signal level reporting.|+|PWR|Signal level reported by the Wi-Fi adapter. Its signification depends on the driver, but as you get closer to the AP or the station, the signal gets higher. It usually is the [[https://en.wikipedia.org/wiki/Received_signal_strength_indication|RSSI]]. If the BSSID PWR is -1, then the driver doesn't support signal level reporting. If PWR is -1 for some access points, it means the access point is out of range, however airodump-ng got at least a frame sent to it. If the PWR is -1 for a limited number of stations then this is for a packet which came from the AP to the client but the client transmissions are out of range for your Wi-Fi adapter. Meaning you are hearing only 1/2 of the communication. If all clients have PWR as -1 then it is likely that the driver doesn't support signal level reporting. A strong signal is around -40. An average one is around -55, and a weak one starts around -70. Wi-Fi adapters lower limit (aka receive sensitivity) is often around -80/-90.|
 |RXQ|Receive Quality as measured by the percentage of packets (management and data frames) successfully received over the last 10 seconds.  See note below for a more detailed explanation.|  |RXQ|Receive Quality as measured by the percentage of packets (management and data frames) successfully received over the last 10 seconds.  See note below for a more detailed explanation.| 
 |Beacons|Number of announcements packets sent by the AP. Each access point sends about ten beacons per second at the lowest rate (1M), so they can usually be picked up from very far.| |Beacons|Number of announcements packets sent by the AP. Each access point sends about ten beacons per second at the lowest rate (1M), so they can usually be picked up from very far.|
airodump-ng.1579997224.txt.gz · Last modified: 2020/01/26 01:07 by mister_x