
The Mac's Most Powerful Built-in Wi-Fi Capture Tool: airport

Many Mac OS X users regret that the Mac lacks the sophisticated network analysis tools that are common on Linux systems. What many don't know is that Mac OS X ships with a built-in command-line tool that can perform all sorts of operations on Wi-Fi networks, from packet capture (traffic sniffing) to scanning the signal-to-noise ratio of nearby networks. airport is part of Apple's private Apple80211 framework, the framework that powers the Mac's AirPort menu bar icon.

1. The help text

Invoking the utility with no arguments prints a useful, if incomplete, usage message. At a Terminal prompt, type:

/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport

The output, which lists the available verbs, legacy arguments and configuration keys, is as follows:

Usage: airport <interface> <verb> <options>

	<interface>
	If an interface is not specified, airport will use the first AirPort interface on the system.

	<verb is one of the following:
	prefs	If specified with no key value pairs, displays a subset of AirPort preferences for
		the specified interface.

		Preferences may be configured using key=value syntax. Keys and possible values are specified below.
		Boolean settings may be configured using 'YES' and 'NO'.

		DisconnectOnLogout (Boolean)
		JoinMode (String)
			Automatic
			Preferred
			Ranked
			Recent
			Strongest
		JoinModeFallback (String)
			Prompt
			JoinOpen
			KeepLooking
			DoNothing
		RememberRecentNetworks (Boolean)
		RequireAdmin (Boolean)
		RequireAdminIBSS (Boolean)
		RequireAdminNetworkChange (Boolean)
		RequireAdminPowerToggle (Boolean)
		WoWEnabled (Boolean)

	logger	Monitor the driver's logging facility.

	sniff	If a channel number is specified, airportd will attempt to configure the interface
		to use that channel before it begins sniffing 802.11 frames. Captures files are saved to /tmp.
		Requires super user privileges.

	debug	Enable debug logging. A debug log setting may be enabled by prefixing it with a '+', and disabled
		by prefixing it with a '-'.

		AirPort Userland Debug Flags
			DriverDiscovery
			DriverEvent
			Info
			SystemConfiguration
			UserEvent
			PreferredNetworks
			AutoJoin
			IPC
			Scan
			802.1x
			Assoc
			Keychain
			RSNAuth
			WoW
			P2P
			Roam
			BTCoex
			AllUserland - Enable/Disable all userland debug flags

		AirPort Driver Common Flags
			DriverInfo
			DriverError
			DriverWPA
			DriverScan
			AllDriver - Enable/Disable all driver debug flags

		AirPort Driver Vendor Flags
			VendorAssoc
			VendorConnection
			AllVendor - Enable/Disable all vendor debug flags

		AirPort Global Flags
			LogFile - Save all AirPort logs to /var/log/wifi.log

<options> is one of the following:
	No options currently defined.

Examples:

Configuring preferences (requires admin privileges)
	sudo airport en1 prefs JoinMode=Preferred RememberRecentNetworks=NO RequireAdmin=YES

Sniffing on channel 1:
	airport en1 sniff 1


LEGACY COMMANDS:
Supported arguments:
 -c[<arg>] --channel=[<arg>]    Set arbitrary channel on the card
 -z        --disassociate       Disassociate from any network
 -I        --getinfo            Print current wireless status, e.g. signal info, BSSID, port type etc.
 -s[<arg>] --scan=[<arg>]       Perform a wireless broadcast scan.
				   Will perform a directed scan if the optional <arg> is provided
 -x        --xml                Print info as XML
 -P        --psk                Create PSK from specified pass phrase and SSID.
				   The following additional arguments must be specified with this command:
                                  --password=<arg>  Specify a WPA password
                                  --ssid=<arg>      Specify SSID when creating a PSK
 -h        --help               Show this help

2. Create a symbolic link

First create a symbolic link (shortcut) to the utility so that the long path doesn't have to be typed every time:

sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/bin/airport

3. Show local network information

Show the current wireless status:

airport -I

This prints information about the current wireless connection:

$ airport -I
    agrCtlRSSI: -64
    agrExtRSSI: 0
    agrCtlNoise: -91
    agrExtNoise: 0
    state: running
    op mode: station 
    lastTxRate: 48
    maxRate: 54
    lastAssocStatus: 0
    802.11 auth: open
    link auth: wpa-psk
    BSSID: 0:b:55:6:6f:2f
    SSID: SSID
    MCS: -1
    channel: 1
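As an added example (not from the original post), here is a small Python parser for the airport -I output above. It splits on the first colon only, so keys containing spaces (802.11 auth) and values containing colons (BSSID) survive, and it derives the signal-to-noise ratio the introduction mentions as RSSI minus noise floor, both in dBm. The sample text is the output shown above, embedded so the script runs offline; the --live switch assumes the symlink from section 2 exists.

```python
import subprocess
import sys
# Constructed sample: the `airport -I` output shown in section 3 of this post.
SAMPLE_INFO = """\
     agrCtlRSSI: -64
     agrExtRSSI: 0
    agrCtlNoise: -91
    agrExtNoise: 0
          state: running
        op mode: station 
     lastTxRate: 48
        maxRate: 54
lastAssocStatus: 0
    802.11 auth: open
      link auth: wpa-psk
          BSSID: 0:b:55:6:6f:2f
           SSID: SSID
            MCS: -1
        channel: 1
"""

def parse_airport_info(text):
    """Parse `airport -I` output into a dict. Split on the first ':' only: keys such as
    '802.11 auth' contain spaces and values such as BSSID contain colons."""
    info = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue  # blank or unexpected line
        key, value = key.strip(), value.strip()
        try:
            info[key] = int(value)  # numeric fields become ints for arithmetic below
        except ValueError:
            info[key] = value
    return info

def snr_db(info):
    """SNR in dB: RSSI and noise floor are both in dBm, so SNR is their difference (27 for the sample)."""
    return info["agrCtlRSSI"] - info["agrCtlNoise"]

if __name__ == "__main__":
    # `--live` runs the real tool (assumes the symlink from section 2); the default is the sample.
    text = SAMPLE_INFO
    if "--live" in sys.argv:
        text = subprocess.run(["airport", "-I"], capture_output=True, text=True, check=True).stdout
    info = parse_airport_info(text)
    print(info["SSID"], info["BSSID"], "channel", info["channel"], "auth", info["link auth"],
          "SNR", snr_db(info), "dB")
```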

4. Show nearby networks

Prints a list of the Wi-Fi networks within range of the computer. Unlike the AirPort menu bar item, this report shows a lot of extra detail, such as which encryption protocol (if any) each network is using:

airport en0 -s

The output looks like this:

SSID BSSID             RSSI CHANNEL HT CC SECURITY (auth/unicast/group)
              CU_liuguangkaiwifi c4:ff:1f:0e:9e:b8 -75  10      Y  -- WPA2(PSK/AES/AES) 
                   ChinaNet-kPU3 ec:f0:fe:4a:c4:18 -78  9       Y  CN WPA(PSK/TKIP,AES/TKIP) WPA2(PSK/TKIP,AES/TKIP) 
                    TP-LINK_6E35 fc:d7:33:26:6e:35 -71  6,-1    Y  -- WPA(PSK/AES/AES) WPA2(PSK/AES/AES) 
                             Ztt b0:6e:bf:e0:1d:70 -68  2       Y  -- WPA2(PSK/AES/AES) 
                         dua kor 04:cf:8c:d4:df:52 -78  3       Y  CN WPA2(PSK/AES/AES) 
  • SSID: the network name
  • BSSID: the MAC address of the network's access point
  • RSSI: signal strength
  • HT: 802.11n High Throughput (HT) mode. Devices in HT mixed mode transmit in both the legacy 802.11a/b/g way and the new 802.11n way; specifically, an HT mixed-mode device sends a legacy-format preamble followed by an HT-format preamble.
  • SECURITY: encryption type

5. Filtering the output

To see which neighbors still haven't upgraded from WEP, filter with grep:

airport en0 -s | grep WEP

6. Disassociating from the network

Running the following command disassociates the interface from its current network (the -z / --disassociate legacy option listed in the help text above):

airport -z

Next, the following command changes (spoofs) the interface's MAC address; sudo is required for this:

sudo ifconfig en0 lladdr 00:00:00:00:00:01

7. Packet capture

The best feature of this tool is its ability to sniff traffic and capture packets. Pick a channel; sudo is required for this:

sudo airport en0 sniff 6

  • en0: the name of the local wireless interface
  • sniff: the capture verb
  • 6: the channel to capture on

This creates a file named airportSniffXXXXXX.cap in /tmp, where XXXXXX is a unique string. The file can then be loaded into a network analyzer such as Wireshark to inspect the traffic offline, or analyzed with Aircrack-ng for WPA/WPA2 PSK practice or password guessing.