Three ways to set wireless interface to Monitor mode and Managed mode
You can use the following command to set wireless interface to Monitor mode and Managed mode on any Linux distro. The only requirement is availability wireless adapter that supports monitor mode. This one is recommended.
1. How to enable monitor mode using iw
You should check whether the operating system is able to recognize your Wi-Fi card. In addition, you need to know the name of the wireless interface.
Get to know the wireless interface name:
1
| sudo iw dev |
Output:
1
2
3
4
5
6
7
| phy#0 Interface wlan0 ifindex 3 wdev 0x1 addr 3a:c9:39:0d:fc:1a type managed txpower 20.00 dBm |
As you can see, the name of my wireless interface is wlan0. In addition, you can see that it is in managed mode.
To set wireless interface to Monitor mode with iw you can use the following command sequence:
1
2
3
| sudo ip link set IFACE downsudo iw IFACE set monitor controlsudo ip link set IFACE up |
Where IFACE replace with actual name of your wireless interface. In may example:
1
2
3
| sudo ip link set wlan0 downsudo iw wlan0 set monitor controlsudo ip link set wlan0 up |
Then check the status of you wireless interface one more time:
1
2
3
4
5
6
7
8
9
| sudo iw devphy#0 Interface wlan0 ifindex 3 wdev 0x1 addr 16:30:78:80:a3:26 type monitor channel 1 (2412 MHz), width: 20 MHz (no HT), center1: 2412 MHz txpower 20.00 dBm |
As you can see, now type monitor. Note: the name of interface is not changed by this method.
To return wireless interface in Managed mode with iw you can use the following command sequence:
1
2
3
| sudo ip link set IFACE downsudo iw IFACE set type managedsudo ip link set IFACE up |
Where IFACE replace with actual name of your wireless interface. In may example:
1
2
3
| sudo ip link set wlan0 downsudo iw wlan0 set type managedsudo ip link set wlan0 up |
2. How to enable monitor mode using Airmon-ng
Again, we should get information about our wireless interface:
1
| sudo airmon-ng |
Output:
1
2
3
| PHY Interface Driver Chipsetphy0 wlan0 rt2800usb Ralink Technology, Corp. RT3572 |
The name of interface is wlan0.
Checking for interfering processes
Before putting a card into monitor mode, it will automatically check for interfering processes. It can also be done manually by running the following command:
1
| sudo airmon-ng check |
This command stops network managers then kill interfering processes left:
1
| sudo airmon-ng check kill |
At last, we start monitor mode:
1
2
3
4
5
6
7
8
9
| sudo airmon-ng start wlan0PHY Interface Driver Chipsetphy0 wlan0 rt2800usb Ralink Technology, Corp. RT3572 (mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon) (mac80211 station mode vif disabled for [phy0]wlan0) |
As you can see, it created a monitor mode interface called wlan0mon.
1
2
3
4
5
6
7
8
| sudo iwconfigwlan0mon IEEE 802.11 Mode:Monitor Frequency:2.457 GHz Tx-Power=20 dBm Retry short limit:7 RTS thr:off Fragment thr:off Power Management:off lo no wireless extensions.eth0 no wireless extensions. |
Disable monitor mode
1
2
3
4
5
6
7
8
9
| sudo airmon-ng stop wlan0monPHY Interface Driver Chipsetphy0 wlan0mon rt2800usb Ralink Technology, Corp. RT3572 (mac80211 station mode vif enabled on [phy0]wlan0) (mac80211 monitor mode vif disabled for [phy0]wlan0mon) |
Don't forget to restart the Network Manager. It is usually done with the following command:
1
| sudo systemctl start NetworkManager |
3. How to enable monitor mode using iwconfig
As usual, start from checking interface name:
1
2
3
4
5
6
7
8
9
10
| sudo iwconfiglo no wireless extensions.eth0 no wireless extensions.wlan0 IEEE 802.11 ESSID:off/any Mode:Managed Access Point: Not-Associated Tx-Power=20 dBm Retry short limit:7 RTS thr:off Fragment thr:off Encryption key:off Power Management:off |
The network interface with wireless extension is called wlan0.
Enable monitor mode:
1
2
3
| sudo ifconfig IFACE downsudo iwconfig IFACE mode monitorsudo ifconfig IFACE up |
Actual example:
1
2
3
| sudo ifconfig wlan0 downsudo iwconfig wlan0 mode monitorsudo ifconfig wlan0 up |
Disable monitor mode:
1
2
3
| sudo ifconfig wlan0 downsudo iwconfig wlan0 mode managedsudo ifconfig wlan0 up |
NetworkManager prevents monitor mode
If NetworkManager restarts automatically after each kill, and it pretends monitor mode, you can stop it manually:
In Kali Linux, BlackArch, Ubuntu, Linux Mint:
1
| sudo systemctl stop NetworkManager |
Note: when you stop NetworkManager, your Internet access disappears!
No comments:
Post a Comment