Kali Linux

Using Airmon-ng in Kali Linux 2020.2

Airmon-ng is used to read all the packets of data even if they are not sent to us. It controls the traffic received only on the wired/wireless networks. Wi-Fi adapters are mainly used for connecting your device to the internet. Most laptops, tablets, and mobile phones have an inbuild Wi-Fi card. In a wireless environment, the data is transferred from the device to the internet in the form of packets by sending a request of a packet to the router. The router fetches that packet from the internet, and once it gets the webpage, it sends it back to your device in the form of packets. It controls all the traffic going to all the devices. Here, the airmon-ng tool comes into play that controls packets sent through ethernet or wifi card.

Uses

For an ethical hacker, it is used to capture all these packets to check if the router is vulnerable or not. It is also used to check if the network is vulnerable to any threat or not. It has all the crucial information on every device. It is further used for observing the widespread traffic.

If you have the wireless adapter that supports the monitor mode, then you can easily set the wireless interface.

Configure wireless cards to turn on monitor mode:

For this purpose, we will use the POSIX sh script specifically designed to carry out this function:

$ sudo airmon-ng --help

$usage: airmon-ng <start|stop|check> <interface> [channel or frequency]

See the interface’s status

To view the interface’s status, type the following command into the terminal:

$ sudo airmon-ng

Kill background processes

Use the following syntax to check if any program is running in the background

$ sudo airmon-ng check

You can also terminate any process that you think is interfering with airmon_ng or taking up memory using:

$ sudo airmon-ng check kill

How to enable Monitor Mode using Airmon-ng

If you have tried enabling monitor mode by using iw and failed, then the good idea is to try to enable monitor mode by using a different method.

The first step is to get the information about your wireless interface

$ sudo airmon-ng

Of course, you would like to kill any process that can interfere with using the adapter in monitor mode. To do that, you can use a program called airmon-ng or else use the following command.

$ sudo airmon-ng check

$ sudo airmon-ng check kill

Now we can enable the Monitor Mode without any interference.

$ sudo airmon-ng start wlan0

Wlan0mon is created.

$ sudo iwconfig

Now, you can use the following commands to disable the monitor mode and return to the managed mode.

$ sudo airmon-ng stop wlan0mon

Follow the command to restart the network manager.

$ sudo systemctl start NetworkManager

How to turn off the NetworkManager that prevents Monitor Mode

$ sudo systemctl stop NetworkManager

Conclusion

Enabling monitor mode is the best way of sniffing and spying. There are several ways to use airmon-ng, and the best way to use airmon-ng is to activate monitor mode with it. Every method does not work for every adapter. So, you can go for any method if your adapter does not behave as expected.

About the author

Younis Said

I am a freelancing software project developer, a software engineering graduate and a content writer. I love working with Linux and open-source software.