Airmon-ng 介绍

Airmon-ng 是aircrack-ng包中的工具,用于启用和禁用监控模式无线接口,
它也可以被用来从监控模式回到管理模式,

作者:Thomas d’Otreppe, Original work: Christophe Devine
证书:GPLv2

工具来源
工具主页
Kali aircrack-ng Repo 仓库

airmon-ng 是POSIX脚本设计将无线网卡变成监控模式,

root@kali:~# airmon-ng --help

usage: airmon-ng <start|stop|check> <interface> [channel or frequency]

airmon-ng 用法示例

进入airmon-ng命令没有参数将显示状态的接口。

root@kali:~# airmon-ng

PHY Interface   Driver  Chipset
phy0   wlan0   ath9k_htc   Atheros Communications, Inc. AR9271 802.11n

进程可以干扰 Airmon-ng。使用检查选项显示,任何进程可能引起麻烦,检查选项,杀死进程。

root@kali:~# airmon-ng check

Found 3 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to run 'airmon-ng check kill'

   PID Name
   465 NetworkManager
   515 dhclient
  1321 wpa_supplicant

root@kali:~# airmon-ng check kill

Killing these processes:

   PID Name
   515 dhclient
  1321 wpa_supplicant

启用监控模式(start)在指定的无线接口(wlan0),固定在6频道。将会创建一个新接口(在我们的例子中wlan0mon),即接口名称需要在其他应用程序中使用。

root@kali:~# airmon-ng start wlan0 6

PHY Interface   Driver      Chipset

phy0   wlan0   ath9k_htc   Atheros Communications, Inc. AR9271 802.11n

  (mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
  (mac80211 station mode vif disabled for [phy0]wlan0)

停止选项将破坏监控模式接口,无线接口回管理模式。

root@kali:~# airmon-ng stop wlan0mon

PHY Interface   Driver      Chipset

phy0  wlan0mon  ath9k_htc  Atheros Communications, Inc. AR9271 802.11n

        (mac80211 station mode vif enabled on [phy0]wlan0)
        (mac80211 monitor mode vif disabled for [phy0]wlan0mon)