Feb/100
Wireless packet capture Airport Extreme
When using tools like the aircrack-ng suite, you need a packet capture of the traffic. The problem is that if you are doing this from a newer MacBook like mine, there are sometimes issues with putting the card in monitor mode. This can create a problem when trying to capture the beacon frames that are used in cracking wireless encryption.
One of the things that Apple doesn't tell you is that they actually have a packet capture tool built right into OS X. The best thing is it will capture all of the AP traffic so that you can run the aircrack-ng suite against it.
It is pretty buried, so the first thing we will do is create a symlink to the actual binary.
sudo ln -sf /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /opt/local/bin
Now that we have a symlink in a directory that is on the system path, all we have to do is run:
sudo airport sniff
This will start creating a .cap file in /tmp. Once you are finished with the capture you have to Ctrl-C to exit, but you now have a shiny .cap file of all the traffic. The downside to using this tool is that it doesn't give you any type of status or progress, so it's your best guess as to whether you have enough traffic for something like an IV reuse attack for WEP cracking.
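Since the tool prints no status, one way to see how far a capture has got is to count the complete packet records in the .cap file while it is still being written. The script below is an added example, not part of the original post or of Apple's tool; it assumes the file is in classic pcap format, and the function names and the sample bytes are constructed for illustration.

```python
import struct
import sys

# pcap magic as read little-endian -> struct byte-order prefix of the writer
MAGICS = {
    0xA1B2C3D4: "<", 0xD4C3B2A1: ">",   # microsecond timestamps
    0xA1B23C4D: "<", 0x4D3CB2A1: ">",   # nanosecond timestamps
}

def capture_progress(data: bytes) -> dict:
    """Count complete packet records in a classic pcap byte string."""
    if len(data) < 24:
        raise ValueError("shorter than the 24-byte pcap global header")
    order = MAGICS.get(struct.unpack("<I", data[:4])[0])
    if order is None:
        raise ValueError("not a classic pcap file")
    # Link type is the last field of the global header (127 = 802.11 radiotap).
    linktype = struct.unpack(order + "I", data[20:24])[0]
    offset, packets, payload = 24, 0, 0
    while offset + 16 <= len(data):
        # Record header: ts_sec, ts_frac, incl_len, orig_len (4 bytes each).
        incl_len = struct.unpack(order + "I", data[offset + 8:offset + 12])[0]
        if offset + 16 + incl_len > len(data):
            break  # last record is still being written; do not count it
        offset += 16 + incl_len
        packets += 1
        payload += incl_len
    return {"linktype": linktype, "packets": packets,
            "payload_bytes": payload, "trailing_bytes": len(data) - offset}

def sample_capture() -> bytes:
    """Constructed sample: two complete records plus one half-written record."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 127)
    def record(body: bytes) -> bytes:
        return struct.pack("<IIII", 0, 0, len(body), len(body)) + body
    partial = struct.pack("<IIII", 0, 0, 8, 8) + b"\x00" * 3
    return header + record(b"\x00" * 10) + record(b"\x00" * 6) + partial

if __name__ == "__main__":
    # Pass the path of the .cap file from /tmp; without one, use the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            raw = fh.read()
    else:
        raw = sample_capture()
    print(capture_progress(raw))
```

Run it from a second terminal while the capture is in progress; a non-zero trailing_bytes value only means the last record had not been fully flushed when the file was read.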