Thursday, April 29, 2010

Use OS X Airport for wireless sniffing

Scan for networks:
/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport en1 scan

Sniff:
sudo /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport sniff

Create a symbolic link to the binary so you can easily execute it from your path if you wish.

The sniff writes its *.cap file to /tmp. Once you've captured enough IVs and/or a handshake, use aircrack-ng to crack the cap file.
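To check that the capture left in /tmp is intact before passing it to another tool, the following added example (not part of the original post) parses the classic pcap layout and flags a final record that was cut short, as can happen when a capture process is killed mid-write. It assumes the file is in classic pcap format; the function names and the sample bytes are constructed for illustration.

```python
import struct
import sys

# Magic read as little-endian -> (struct byte order, timestamp resolution)
MAGICS = {0xA1B2C3D4: ("<", "microseconds"), 0xD4C3B2A1: (">", "microseconds"),
          0xA1B23C4D: ("<", "nanoseconds"), 0x4D3CB2A1: (">", "nanoseconds")}
# 802.11 values from the tcpdump.org link-layer header type registry
LINKTYPES = {105: "IEEE802_11", 119: "IEEE802_11_PRISM",
             127: "IEEE802_11_RADIOTAP", 163: "IEEE802_11_AVS"}


def summarize_pcap(data: bytes) -> dict:
    """Walk a classic pcap file and report what it actually contains."""
    if len(data) < 24:
        raise ValueError("shorter than the 24-byte pcap global header")
    magic = struct.unpack("<I", data[:4])[0]
    if magic not in MAGICS:
        raise ValueError(f"not a classic pcap file (magic {magic:#010x})")
    order, resolution = MAGICS[magic]
    # version major/minor, timezone, sigfigs, snaplen, link-layer type
    _, _, _, _, snaplen, linktype = struct.unpack(order + "HHiIII", data[4:24])
    offset, packets, captured, truncated = 24, 0, 0, False
    while offset < len(data):
        if offset + 16 > len(data):              # record header itself is cut off
            truncated = True
            break
        _, _, incl_len, _ = struct.unpack(order + "IIII", data[offset:offset + 16])
        if offset + 16 + incl_len > len(data):   # payload is cut off
            truncated = True
            break
        offset += 16 + incl_len
        packets += 1
        captured += incl_len
    return {"linktype": LINKTYPES.get(linktype, f"other ({linktype})"),
            "resolution": resolution, "snaplen": snaplen, "packets": packets,
            "captured_bytes": captured, "truncated_tail": truncated}


def build_sample() -> bytes:
    """Constructed sample: radiotap pcap, two whole records, a third cut short."""
    def record(payload: bytes) -> bytes:
        return struct.pack("<IIII", 1272500000, 0, len(payload), len(payload)) + payload
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 127)
    return header + record(b"\x00" * 32) + record(b"\x00" * 48) + record(b"\x00" * 40)[:-10]


if __name__ == "__main__":
    # Pass the path of a .cap file as the first argument; otherwise use the sample.
    raw = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    print(summarize_pcap(raw))
```

A result with zero packets or `truncated_tail` set to true means the capture should be repeated before it is analysed.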

5 comments:

  1. How do I go about stopping the sniffing and reconnect to an, albeit, crappy unprotected network? This is a really useful tool but I need to be able to turn it off so that I can get online. Thanks!

  2. You can restart your computer. Sniffing mode will be off then.

  3. Cricket - you can also command+c to cancel the sniffing. It takes some 10-20 seconds to stop. I believe you can also actively kill -9 the process.

  4. ps ax & kill -9 process id, as Liuser said.

  5. It doesn’t create the .cap file.
