被动扫描发现无线设备

OS    Ubuntu 11.04 

Tools Aircrack-ng

安装环境配置

sudo apt-get install aircrack-ng     #安装aircrack-ng工具包

ifconfig wlan0                       #查看无线网卡wlan0是否驱动正常

airmon-ng start wlan0                #开启wlan0虚拟接口mon0

airbase-ng -e FreeWifi -c 11 -v mon0 

# 通过虚拟网卡mon0开启SSID为FreeWifi的接入点，工作信道为11

00:29:26  Created tap interface at0

00:29:26  Trying to set MTU on at0 to 1500

00:29:26  Trying to set MTU on mon0 to 1800

00:29:27  Access Point with BSSID 48:02:2A:41:1D:8D started.

# 接收网卡为at0

00:29:46  Got broadcast probe request from 74:E5:0B:81:88:4E

00:29:46  Got broadcast probe request from 74:E5:0B:81:88:4E

00:29:51  Got broadcast probe request from 00:21:63:CC:6E:33

00:29:59  Got broadcast probe request from 74:E5:0B:81:88:4E

00:29:59  Got broadcast probe request from 74:E5:0B:81:88:4E

00:30:00  Got broadcast probe request from 74:E5:0B:81:88:4E

存在两个无线设备为 74:E5:0B:81:88:4E 00:21:63:CC:6E:33

 

原理通过开启虚拟AP，发送广播包，无线设备收到广播包会得以回应获取对端MAC地址，方便下一步渗透，攻击。

 

                                                                学习心态

 

本文出自 “小技术” 博客，转载请与作者联系！