11/6/2023 0 Comments Kali wireshark monitor modeWorth noting, I have the same issue here, when I do not disconnect my host machine first, even though it's using it's own WiFi adapter (i.e. When I put my adapter back into managed mode and join the network myself, capturing works fine (obviously, then just for my machine's traffic). When I use my other client and produce some traffic (constant pinging/ICMP, HTTPs traffic, etc.), it just doesn't show up / is not captured. The problem is: I'm only seeing broadcast traffic: ARP, some UDP broadcasts, MDNS, ICMP Router advertisments, etc. So I take another physical client and connect to the AP and can see the EAPOL packets being captured from then on I start seeing the decrypted traffic (my key is stored in Wireshark). I can see all kinds of management and control frames but not much more as my target network is encrypted. My host machine and also the kali vm are not connected to any network at this point. I'm now starting Wireshark and start capturing on wlan0mon. For testing purposes I also locked my AP on this channel. I'm now setting it to the channel of the AP I want to listen to: iwconfig wlan0mon channel 3 and I can verify that iwconfig now shows Frequency:2.422 GHz. Retry short limit:7 RTS thr:off Fragment thr:off Wlan0mon IEEE 802.11 Mode:Monitor Frequency:2.457 GHz Tx-Power=20 dBm (mac80211 station mode vif disabled for wlan0) (mac80211 monitor mode vif enabled for wlan0 on wlan0mon) Phy1 wlan0 ath9k_htc Qualcomm Atheros Communications AR9271 802.11n Here's how I put the adapter into monitoring mode: > airmon-ng check kill The adapter shows up in iwconfig as wlan0.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |