Local Mirror of
NOTE: The next generation of Aircrack, Aircrack-ng has far
superseded the functionality of the original; Aircrack-ng's project homepage can
be found here: http://www.aircrack-ng.org/doku.php
airodump is an 802.11 packet
capture program that is designed to "capture as much encrypted
traffic as possible...each WEP data packet has an associated
3-byte Initialization Vector (IV): after a sufficient number of data packets
have been collected, run aircrack on the resulting capture file. aircrack will
then perform a set of statistical attacks developed by
a talented hacker named KoreK."
As described above
airodump is primarily used to produce the capture files that then feed into
aircrack for WEP cracking.
First you will need to put the card into monitor mode on the desired channel,
airodump usage: airodump
[interface] [output file prefix] [channel no.] [IVs flag]
e.g. airodump eth1
testfile1 6 produced the in progress capture below:
Basics to be aware of from the above screen capture are:
BSSID = MAC address of the access point (but not always!)
Beacons = Number of captured beacon packets (of no use!)
# Data = Number of IVs captured so far (this is the all important figure!)
MB = Data Rate '48' mixed
mode in the above example. A '.' appears after the figures if the Data
Rate is dedicated e.g. '48.'
WEP = Network is configured as
Number of IVs required to break WEP
depends on the WEP key length
airodump wlan0 capture1 10 (Interface=wlan0,
airodump eth1 testfile 6 1 (Interface=eth1,
filename=testfile, channel=6, only captured IVs saved)
airodump ath0 alpha 0 (Interface=ath0, filename=alpha,
channel hopping mode)
An airodump capture with
produce the following output files .txt, .cap and .gps
The .txt file
BSSID and MAC addresses
No. of beacons captured
No. of IVs captured
The .cap file
contains the packet capture from your session. This is the file that is
input into aircrack for WEP cracking.
The .gps file
contains GPS related info if you have a GPS device enabled
Be aware of the modes of
your card and target network (802.11b or 802.11g). I have observed
Airodump capture only around 2,000 IVs an hour (on a busy network) when
the card is an 802.11b card and the network is working in 802.11g
mode. Be sure your card and the target network are using the same mode.
network we captured around 23,000 IVs a minute.
network we captured around 140,000 IVs a minute.