3

This might be a very simple question, but I couldn't find a good solution. When airodump-ng is running, if the list is too long, the bottom of the list will be cutoff to fit into the screen. In fact, most of the time I cannot see the STATION table at all, is there a way to see all the info while it's performing the scan? Or to only display the STATION table?

What I could think of is to run airodump-ng at background and write to a file, while at foreground I use tail to monitor the file, but this seems a bit over complicated. Are there any more manageable way? Thank you

Tim_Stewart
  • 5,884
  • 3
  • 11
  • 33
kdlsw
  • 55
  • 2
  • 6

4 Answers4

1

The easiest way is to use the bssid filter option in airodump-ng.

You may be able to change the columns and rows in the terminal that you are using. (Window sizing).

I always just found my pentest network, then CTRL + Z, copied the BSSID and used the "--bssid" argument.

airodump-ng -c 6 --bssid 11:22:33:44:55:66 -w targetdump wlan0mon

Depending on the OS that you are using changing the desktop resolution may help.

Tim_Stewart
  • 5,884
  • 3
  • 11
  • 33
  • Thanks for the reply, I understand the channel filter can be helpful, but sometime AP signals are still too many for the station table to display even in only 1 channel. And in the case, I'm more interested in the station table, wish to monitor stations across all channels, some are not associated with any bssid. – kdlsw Sep 21 '18 at 22:06
  • You usually only need a couple that are associated to an AP to use aireplay-ng. If you are just trying to monitor stations on a channel, you can use the airodump-ng gui. Or any of the other wireless site survey tools out there that **aren't** meant to attack stations or AP's but meant to document the capacity of a channel. **Netstumbler** would be a good example – Tim_Stewart Sep 21 '18 at 22:57
1

i know this is an old thread but if your using kali in gnome there is a zoom feature, thats the way i do it, just zoom out and expand the terminal window, yeah it can be a bit hard to see sometimes but you get the idea, zoom right out ctrl+c zoom back in and 'ta-da' scrollable results

SomethingWicked
  • 11
  • 2
1

If you simply press 'a' key when airodump is running it will toggle through the following options;

1: display ap+sta

2: display ap+sta+ack

3: display ap only

4: display sta only

Paddy Popeye
  • 111
  • 3
0

I had a similar question, but for a different purpose. Wanted to log all stations and their associated beacons. So I quick and dirty used regex and a pipe to log only station related lines to a file.

sudo airodump-ng wlan0mon | grep -E "^.*[\(\:].*....\:..\:..\:..\:...*$" > station_out.txt

The regex basically looks for either a paranthesis or a single colon, which would be present in the first MAC address (BSSID) or "(not associated)" string. Then the next is a full MAC for the station. With beginning and end line anchors around it.

This will do a raw dump and fill up a file quick. I am consuming the output and deduplicating it in another process.

Not sure if this was quite your use case, but my research for a station only output lead me here, and I needed the output to run headless, not interactively through terminal interaction at runtime.

Hopefully this help future viewers.

0xhughes
  • 135
  • 2
  • 2
  • 13