0

I am trying to practice some packet sniffing on my virtual machine using tcpdump and writing it to a pcap file. I put wlan0 into monitor mode using these commands:

ifconfig wlan0 down iwconfig wlan0 mode Monitor ifconfig wlan0 up

I then used the command tcpdump -i wlan0 -s 1500 -v -w traffic.pcap to capture packets. However, it is saying that wlan0 has captured 0 packets. I am pretty sure this is cause all traffic is going through the eth0 interface, but I am not sure how to have the traffic go through the wlan0 interface as wlan0 can support monitor mode. Any help would be great thanks! Also I am running this on kali linux.

Improve this question
4
  • It is not clear what you are trying to achieve. If you want to sniff your own traffic you could sniff the eth0 interface and it's not a requirement to have the network interface in monitor mode.
    – Kate
    Commented Dec 31, 2019 at 23:48
  • Maybe you really haven't setup monitor mode and/or you're on a channel that has no activity? Did you study wiki.wireshark.org/CaptureSetup/WLAN
    – sawdust
    Commented Dec 31, 2019 at 23:49
  • I am trying to sniff all traffic on a wireless network. @Anonymous
    – Edward Wong
    Commented Jan 1, 2020 at 0:18
  • I have tried changing between channels 1,6, and 11 but still have got nothing, which shouldn't be the case especially since my wireless network is on channel 11, and I am pretty sure I have set up monitor mode because when I do iwconfig it states that my mode is in monitor. I'm not sure if the problem is because the networks around me are secure. @sawdust
    – Edward Wong
    Commented Jan 1, 2020 at 1:10

0

Reset to default

You must log in to answer this question.