User Tools

Site Tools


airodump-ng

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
airodump-ng [2019/08/17 23:06]
mister_x [What's the meaning of the fields displayed by airodump-ng ?] Improving fields
airodump-ng [2020/01/26 01:07]
mister_x Updated options
Line 15: Line 15:
       --gpsd ​               : Use GPSd       --gpsd ​               : Use GPSd
       --write ​     <​prefix>​ : Dump file prefix       --write ​     <​prefix>​ : Dump file prefix
-      -w                    : same as --write+      -w                    : same as --write ​
       --beacons ​            : Record all beacons in dump file       --beacons ​            : Record all beacons in dump file
       --update ​      <​secs>​ : Display update delay in seconds       --update ​      <​secs>​ : Display update delay in seconds
Line 25: Line 25:
                               are received (Default: 120 seconds)                               are received (Default: 120 seconds)
       -r             <​file>​ : Read packets from that file       -r             <​file>​ : Read packets from that file
 +      -T                    : While reading packets from a file,
 +                              simulate the arrival rate of them
 +                              as if they were "​live"​.
       -x            <​msecs>​ : Active Scanning Simulation       -x            <​msecs>​ : Active Scanning Simulation
       --manufacturer ​       : Display manufacturer from IEEE OUI list       --manufacturer ​       : Display manufacturer from IEEE OUI list
Line 32: Line 35:
                   <​formats>​ : Output format. Possible values:                   <​formats>​ : Output format. Possible values:
                               pcap, ivs, csv, gps, kismet, netxml, logcsv                               pcap, ivs, csv, gps, kismet, netxml, logcsv
-                              Short format "​-o"​ 
-                              The option can be specified multiple times. ​ In this case, each file format 
-                              specified will be output. ​ Only ivs or pcap can be used, not both.  ​ 
       --ignore-negative-one : Removes the message that says       --ignore-negative-one : Removes the message that says
                               fixed channel <​interface>:​ -1                               fixed channel <​interface>:​ -1
       --write-interval       --write-interval
                   <​seconds>​ : Output file(s) write interval in seconds                   <​seconds>​ : Output file(s) write interval in seconds
 +      --background <​enable>​ : Override background detection.
 +      -n              <int> : Minimum AP packets recv'd before
 +                              for displaying it
  
   Filter options:   Filter options:
Line 83: Line 86:
    ​00:​14:​6C:​7E:​40:​80 ​  32 100      752       ​73 ​   2   ​9 ​ 54   ​WPA ​ TKIP   ​PSK ​ teddy                                 ​00:​14:​6C:​7E:​40:​80 ​  32 100      752       ​73 ​   2   ​9 ​ 54   ​WPA ​ TKIP   ​PSK ​ teddy                             
                                                                                                               ​                                                                                                               ​
-   ​BSSID ​             STATION ​           PWR   ​Rate ​  ​Lost ​ Packets ​ Probes+   ​BSSID ​             STATION ​           PWR   ​Rate ​  ​Lost ​ Packets ​ ​Notes ​ ​Probes
                                   ​                                   ​
    ​00:​14:​6C:​7A:​41:​81 ​ 00:​0F:​B5:​32:​31:​31 ​  ​51 ​  ​36-24 ​   2       14    ​00:​14:​6C:​7A:​41:​81 ​ 00:​0F:​B5:​32:​31:​31 ​  ​51 ​  ​36-24 ​   2       14
-   (not associated) ​  ​00:​14:​A4:​3F:​8D:​13 ​  ​19 ​   0-0     ​0 ​       4    mossy +   (not associated) ​  ​00:​14:​A4:​3F:​8D:​13 ​  ​19 ​   0-0     ​0 ​       4           ​mossy 
    ​00:​14:​6C:​7A:​41:​81 ​ 00:​0C:​41:​52:​D1:​D1 ​  ​-1 ​  ​36-36 ​   0        5    ​00:​14:​6C:​7A:​41:​81 ​ 00:​0C:​41:​52:​D1:​D1 ​  ​-1 ​  ​36-36 ​   0        5
-   ​00:​14:​6C:​7E:​40:​80 ​ 00:​0F:​B5:​FD:​FB:​C2 ​  ​35 ​  ​54-54 ​   0       ​99 ​   teddy+   ​00:​14:​6C:​7E:​40:​80 ​ 00:​0F:​B5:​FD:​FB:​C2 ​  ​35 ​  ​54-54 ​   0       ​99 ​          ​teddy
  
 The first line shows the current channel, elapsed running time, current date and optionally if a WPA/WPA2 handshake was detected. ​ In the example above, "WPA handshake: 00:​14:​6C:​7E:​40:​80"​ indicates that a WPA/WPA2 handshake was successfully captured for the BSSID. The first line shows the current channel, elapsed running time, current date and optionally if a WPA/WPA2 handshake was detected. ​ In the example above, "WPA handshake: 00:​14:​6C:​7E:​40:​80"​ indicates that a WPA/WPA2 handshake was successfully captured for the BSSID.
Line 116: Line 119:
 |Lost|The number of data packets lost over the last 10 seconds based on the sequence number. ​ See note below for a more detailed explanation.| |Lost|The number of data packets lost over the last 10 seconds based on the sequence number. ​ See note below for a more detailed explanation.|
 |Packets|The number of data packets sent by the client.| |Packets|The number of data packets sent by the client.|
 +|Notes|Additional information about the client, such as captured EAPOL or PMKID.|
 |Probes|The ESSIDs probed by the client. ​ These are the networks the client is trying to connect to if it is not currently connected. ​ | |Probes|The ESSIDs probed by the client. ​ These are the networks the client is trying to connect to if it is not currently connected. ​ |
  
airodump-ng.txt ยท Last modified: 2020/01/26 01:07 by mister_x