Linux tools, Howtos


Tools Index


Wireless Commands


FC6 Build Howto


FC5 Build Howto


FC4 Build Howto


Live Linux Distros



Site Search







WIN32 tools, Howtos


Tools Index



Get Firefox!





Miscellaneous WI-FI


Default WI-FI Settings


Rogue AP Howtos


WI-FI Certifications


802.11 Standards




Formats / Extensions


WI-FI Home Security


Useful Links






Project Homepage: (OFFLINE)

Project Homepage: Local Mirror of Homepage  aircrack-2.41.tgz  MD5: 05A37C8A165EFB11EA226829C809DEB3

NOTE: The next generation of Aircrack, Aircrack-ng has far superseded the functionality of the original; Aircrack-ng's project homepage can be found here:


airodump is an 802.11 packet capture program that is designed to "capture as much encrypted traffic as possible...each WEP data packet has an associated 3-byte Initialization Vector (IV): after a sufficient number of data packets have been collected, run aircrack on the resulting capture file. aircrack will then perform a set of statistical attacks developed by a talented hacker named KoreK."

As described above airodump is primarily used to produce the capture files that then feed into aircrack for WEP cracking.


First you will need to put the card into monitor mode on the desired channel, see





airodump usage: airodump [interface] [output file prefix] [channel no.] [IVs flag]

  • The [channel no.] can be set to a single channel (1 thru 14) or set to 0 to hop between all channels


  • The [IVs flag] can be set to 1 to only save the captured IVs

e.g. airodump eth1 testfile1 6 produced the in progress capture below:

Basics to be aware of from the above screen capture are:

  • BSSID =  MAC address of the access point (but not always!)


  • Beacons = Number of captured beacon packets (of no use!)


  • # Data = Number of IVs captured so far (this is the all important figure!)


  • MB = Data Rate '48' mixed mode in the above example.  A '.' appears after the figures if the Data Rate is dedicated e.g. '48.'


  • WEP = Network is configured as WEP


  • Number of IVs required to break WEP depends on the WEP key length


    • Approximately 300.000 IVs for 40-bit WEP (AKA 64-bit WEP)


    • Approximately 1.000.000 IVs for 104-bit WEP (AKA 128-bit WEP)



airodump wlan0 capture1 10 (Interface=wlan0, filename=capture1, channel=10)

airodump eth1 testfile 6 1 (Interface=eth1, filename=testfile, channel=6, only captured IVs saved)

airodump ath0 alpha 0 (Interface=ath0, filename=alpha, channel hopping mode)



Output Files:


An airodump capture with produce the following output files .txt, .cap and .gps


The .txt file contains:

  • BSSID and MAC addresses


  • Time/Date info


  • Channel Info


  • Data rate


  • Encryption method


  • No. of beacons captured


  • No. of IVs captured


  • LAN IP




The .cap file contains the packet capture from your session.  This is the file that is input into aircrack for WEP cracking.


The .gps file contains GPS related info if you have a GPS device enabled





Be aware of the modes of your card and target network (802.11b or 802.11g).  I have observed Airodump capture only around 2,000 IVs an hour (on a busy network) when the card is an 802.11b card and the network is working in 802.11g mode.  Be sure your card and the target network are using the same mode.   


On a saturated 802.11b network we captured around 23,000 IVs a minute.


On a saturated 802.11g network we captured around 140,000 IVs a minute.


   Copyright 2010 All Rights Reserved.