1
00:00:01,080 --> 00:00:05,780
From the previous lectures we learned the basics of how networks work.

2
00:00:06,240 --> 00:00:12,860
We learned that devices on the same network communicate with each other using packets.

3
00:00:13,240 --> 00:00:17,160
So regardless of what you do on the network, whether you're watching a video,

4
00:00:17,160 --> 00:00:22,220
whether you're logging into a website, sending chat messages, sending emails.

5
00:00:22,220 --> 00:00:26,960
Regardless of what you're doing, all the data is sent as packets.

6
00:00:27,920 --> 00:00:36,400
Now in the network, devices ensure that these packets go in the right direction using the MAC address.

7
00:00:36,820 --> 00:00:44,920
So each packet has a source MAC and a destination MAC and it flows from the source to the destination.

8
00:00:44,920 --> 00:00:49,800
So in this example, we have the client, it
has this MAC, we have the access point,

9
00:00:49,800 --> 00:00:56,500
which has this MAC and as an example if this client wanted to send a packet to the router,

10
00:00:56,500 --> 00:01:01,700
it will set the destination MAC to the routers MAC address.

11
00:01:02,340 --> 00:01:07,860
Therefore, by default each device only receives data

12
00:01:07,860 --> 00:01:13,460
that has the destination MAC as its own MAC address.

13
00:01:14,220 --> 00:01:17,800
But if you remember, I said in wireless networks,

14
00:01:17,860 --> 00:01:22,640
if you are within range, then you'll be able to capture all of this communication

15
00:01:22,640 --> 00:01:26,260
because these packets are literally sent
in the air.

16
00:01:26,260 --> 00:01:32,120
So we can just capture them, even if they do not have our MAC address as the destination MAC.

17
00:01:33,660 --> 00:01:38,780
To do this, we need to change the mode of operation of our wireless interface,

18
00:01:38,780 --> 00:01:42,800
so that it operates in monitor mode.

19
00:01:43,940 --> 00:01:45,520
So let me show you what I mean.

20
00:01:45,640 --> 00:01:51,040
If I go to 'my computer' here and run 'iwconfig' this time.

21
00:01:51,340 --> 00:01:54,880
So we see 'ifconfig', which lists all the interfaces.

22
00:01:55,260 --> 00:02:00,120
We can use 'iwconfig' to see the wireless interfaces only.

23
00:02:00,960 --> 00:02:05,900
And you can see we have LAN 0 right here, which is my external wireless adapter.

24
00:02:06,300 --> 00:02:11,560
And you can see the mode of this adapter is set to managed.

25
00:02:12,580 --> 00:02:18,700
What this means is basically this is the default mode of all wireless devices

26
00:02:18,700 --> 00:02:26,060
and what it means is, this device will only capture packets that has the destination MAC

27
00:02:26,060 --> 00:02:28,900
as the MAC address of this device.

28
00:02:28,900 --> 00:02:35,520
So basically it will only capture devices that are directed to my Kali machine.

29
00:02:36,680 --> 00:02:38,320
But this is not what we want.

30
00:02:38,560 --> 00:02:44,240
What we want is to be able to capture all the packets that are within our range.

31
00:02:44,340 --> 00:02:49,120
Even if they are sent to the router and even if they are set to another device.

32
00:02:50,120 --> 00:02:55,660
So to do this we need to set the mode to 'monitor mode' instead of 'managed mode'.

33
00:02:56,840 --> 00:03:02,640
So, as usual before you can change the options of your interface, you have to disable it

34
00:03:02,640 --> 00:03:06,500
and previously we've seen that we can do that by doing 'ifconfig',

35
00:03:06,500 --> 00:03:10,220
the device name, which is LAN 0 in my case, down.

36
00:03:11,720 --> 00:03:19,260
Then we can enable monitor mode, but before we do that, I'm actually going to run a command

37
00:03:19,260 --> 00:03:25,516
to kill any process that could interfere with using my interface in monitor mode.

38
00:03:26,500 --> 00:03:30,120
So the command that I'm going to run right now is not mandatory

39
00:03:30,120 --> 00:03:35,680
but running it will actually give you better results when you come to running the
attacks

40
00:03:35,680 --> 00:03:38,140
that you will learn as we go in the course.

41
00:03:38,920 --> 00:03:42,540
So this command is going to be 'airmon-ng check kill'.

42
00:03:44,760 --> 00:03:47,060
Now you'll notice when you're on this command,

43
00:03:47,060 --> 00:03:51,300
it will actually kill the network manager that usually runs in here.

44
00:03:51,640 --> 00:03:55,740
So you'll completely lose your internet connection.

45
00:03:56,100 --> 00:04:01,320
But this is no problem because we will only need to be in 'monitor mode'

46
00:04:01,480 --> 00:04:04,280
when we are running preconnection attacks.

47
00:04:04,500 --> 00:04:08,780
So attacks that do not require us to connect to any network.

48
00:04:08,780 --> 00:04:15,760
So we actually do not need internet connection to run any of the attacks that require monitor mode.

49
00:04:16,920 --> 00:04:22,600
Now we're going to enable monitor mode, so we're going to do 'iwconfig'

50
00:04:23,340 --> 00:04:29,040
followed by the interface name that we want to enable monitor mode on, which is LAN 0.

51
00:04:29,920 --> 00:04:35,440
We're going to say that I want to change the mode and I want to change that to monitor.

52
00:04:36,460 --> 00:04:41,880
So very very simple command, we're using 'iwconfig' to change the mode.

53
00:04:41,880 --> 00:04:45,920
We're given the name of the interface that we want to change its mode.

54
00:04:45,920 --> 00:04:50,980
We're saying I want to change the mode and I want to set it to monitor mode.

55
00:04:52,220 --> 00:04:56,260
Now if I had enter, you'll see the command will run with no errors

56
00:04:56,260 --> 00:05:03,160
which means the command got executed properly and finally we'll need to enable the interface again.

57
00:05:03,160 --> 00:05:06,160
Similar to what we did when we change the MAC address.

58
00:05:06,260 --> 00:05:10,400
So we just have to do 'ifconfig LAN 0 up'.

59
00:05:11,840 --> 00:05:12,860
That's done.

60
00:05:12,860 --> 00:05:15,920
Now if I run 'iwconfig' again,

61
00:05:16,860 --> 00:05:20,260
you will see that the mode is set to monitor now.

62
00:05:21,320 --> 00:05:29,600
So basically this interface now can be used to capture any packet that is within our range.

63
00:05:29,600 --> 00:05:33,880
Not only the packets that are directed to this computer.

64
00:05:35,000 --> 00:05:40,120
That's why in the future you'll see how we can use it to sniff packets, to analyze them

65
00:05:40,120 --> 00:05:42,400
and even break into networks.

66
00:05:44,040 --> 00:05:50,760
So, in the future if I say use your interface in monitor mode, this is what I mean.

67
00:05:50,760 --> 00:05:55,000
You'll basically have to enable monitor mode as shown in here.

68
00:05:56,260 --> 00:06:01,380
Now I've also included a YouTube video in the resources of this lecture,

69
00:06:01,380 --> 00:06:05,580
to show an alternative method to enable monitor mode.

70
00:06:05,880 --> 00:06:08,900
Just in case you got errors with this method

71
00:06:08,900 --> 00:06:13,760
or you try to follow something that I do in the next lectures and it didn't work.

72
00:06:13,760 --> 00:06:17,360
Then you can come back and try the alternative method.

73
00:06:17,680 --> 00:06:23,800
But if this worked and if monitor mode is enabled successfully, then you don't need to watch that video,

74
00:06:23,800 --> 00:06:25,780
you can just continue with the course.

75
00:06:27,020 --> 00:06:33,560
One more thing to keep in mind, not all wireless adapters support monitor mode.

76
00:06:33,720 --> 00:06:39,700
So for this to work, you need to make sure that your actual adapter supports monitor mode.

77
00:06:40,200 --> 00:06:42,960
There are a number of adapters that support that

78
00:06:42,960 --> 00:06:50,120
and I've included another video again in the resources of me talking about wireless adapters.

79
00:06:50,120 --> 00:06:51,740
How to pick the best one

80
00:06:51,740 --> 00:06:59,259
and which ones that I recommend and use when I'm testing the security of networks.