Things to do with a monitor mode capable WiFi adapter

Wifi adapter with monitor mode:

Built-in wifi cards have monitor mode disabled by default. A wifi adapter that supports monitor mode is able to observe wireless traffic and capture packets even if they aren't directed at your device.

Set-up

Adapter

TP-Link AC600 also known as Archer T2U Plus

Kali

• Get a Kali Virtual box and set-up kali

• Open a terminal and type:

sudo apt update

If it doesn't work, use:

echo "deb http://http.kali.org/kali kali-last-snapshot main contrib non-free" | sudo tee /etc/apt/sources.list
sudo apt upgrade

Install the driver

The driver for Debian Based Linux Distros is on Github. Follow all the steps mention in the Readme.

Add adapter to usb drivers

• Plug in Archer T2U Plus

• If you're using Oracle's VM manager you can add usb drivers to the kali vm in settings

• Check if the adapter is recognized

lsusb
iwconfig

Start monitor mode

iwconfig
sudo airmon-ng check kill
sudo airmon-ng start wlan0
iwconfig

If monitor mode is enabled successfully, the terminal will look like this:

Kicking users off a wifi network

Youtube - Deauth attack on wifi user/s

Scan surrounding wifi networks and associated devices.

Send deauth packets to target device.

Finding the wifi network password

Youtube - Cracking WiFi WPA2 Handshake

The 4 way handshake can be seen in wireshark with the EAPOL filter.

The 2nd transaction has WPA key information which aireplay-ng will use.

References

1. How To Install Drivers T2U PLUS On Kali

2. Kali sources.list fix

3. TP-Link AC600 Driver

4. WiFi Wireless Security Tutorial - 7 - Deauthentication / Deauth Attacks

5. Cracking WiFi WPA2 Handshake