许多Mac OS X用户对Mac缺乏复杂的网络分析工具感到遗憾,这些工具在Linux系统上普遍存在。许多人不知道的是Mac OS X附带了一个内置的命令行工具,可以对Wi-Fi网络进行各种的操作,从数据包捕获(流量监听)到扫描附近网络的信噪比。Airport是Apple 80211专用框架的一部分,该框架用于为Mac的Airport菜单栏图标提供动力。
1.帮助文件
在不带参数的情况下调用实用程序会显示一条有用的(如果不完整的)用法消息。在终端命令提示符下,键入:
/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport
内容如下,其中包括了各种参数和配置信息
Usage: airport
If an interface is not specified, airport will use the first AirPort interface on the system.
prefs If specified with no key value pairs, displays a subset of AirPort preferences for the specified interface. Preferences may be configured using key=value syntax. Keys and possible values are specified below. Boolean settings may be configured using 'YES' and 'NO'. DisconnectOnLogout (Boolean) JoinMode (String) Automatic Preferred Ranked Recent Strongest JoinModeFallback (String) Prompt JoinOpen KeepLooking DoNothing RememberRecentNetworks (Boolean) RequireAdmin (Boolean) RequireAdminIBSS (Boolean) RequireAdminNetworkChange (Boolean) RequireAdminPowerToggle (Boolean) WoWEnabled (Boolean) logger Monitor the driver's logging facility. sniff If a channel number is specified, airportd will attempt to configure the interface to use that channel before it begins sniffing 802.11 frames. Captures files are saved to /tmp. Requires super user privileges. debug Enable debug logging. A debug log setting may be enabled by prefixing it with a '+', and disabled by prefixing it with a '-'. AirPort Userland Debug Flags DriverDiscovery DriverEvent Info SystemConfiguration UserEvent PreferredNetworks AutoJoin IPC Scan 802.1x Assoc Keychain RSNAuth WoW P2P Roam BTCoex AllUserland - Enable/Disable all userland debug flags AirPort Driver Common Flags DriverInfo DriverError DriverWPA DriverScan AllDriver - Enable/Disable all driver debug flags AirPort Driver Vendor Flags VendorAssoc VendorConnection AllVendor - Enable/Disable all vendor debug flags AirPort Global Flags LogFile - Save all AirPort logs to /var/log/wifi.log No options currently defined. Examples: Configuring preferences (requires admin privileges) sudo airport en1 prefs JoinMode=Preferred RememberRecentNetworks=NO RequireAdmin=YES Sniffing on channel 1: airport en1 sniff 1 LEGACY COMMANDS: Supported arguments: -c[ -z --disassociate Disassociate from any network -I --getinfo Print current wireless status, e.g. signal info, BSSID, port type etc. -s[ Will perform a directed scan if the optional -x --xml Print info as XML -P --psk Create PSK from specified pass phrase and SSID. The following additional arguments must be specified with this command: --password= --ssid= -h --help Show this help 2.创建符号链接 首先为该实用程序创建一个符号链接(快捷方式),不必一直输入该长路径名: sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport / usr / bin / airport 3.显示本机网络信息 显示无线的当前状态 airport -I将提供有关当前无线连接的信息。 $ airport -I agrCtlRSSI: -64 agrExtRSSI: 0 agrCtlNoise: -91 agrExtNoise: 0 state: running op mode: station lastTxRate: 48 maxRate: 54 lastAssocStatus: 0 802.11 auth: open link auth: wpa-psk BSSID: 0:b:55:6:6f:2f SSID: SSID MCS: -1 channel: 1 4.显示周边网络 打印计算机范围内的Wi-Fi网络列表,但是与Airport菜单栏项不同的是,此报告为显示了一堆额外的精确数据,例如哪种加密协议(如果有) )正在网络上使用: airport en0 -s 内容如下: SSID BSSID RSSI CHANNEL HT CC SECURITY (auth/unicast/group) CU_liuguangkaiwifi c4:ff:1f:0e:9e:b8 -75 10 Y -- WPA2(PSK/AES/AES) ChinaNet-kPU3 ec:f0:fe:4a:c4:18 -78 9 Y CN WPA(PSK/TKIP,AES/TKIP) WPA2(PSK/TKIP,AES/TKIP) TP-LINK_6E35 fc:d7:33:26:6e:35 -71 6,-1 Y -- WPA(PSK/AES/AES) WPA2(PSK/AES/AES) Ztt b0:6e:bf:e0:1d:70 -68 2 Y -- WPA2(PSK/AES/AES) dua kor 04:cf:8c:d4:df:52 -78 3 Y CN WPA2(PSK/AES/AES) SSID:网络名称BSSID:对于网络AP的MAC地址RSSI: 信号强度HT:802.11n高吞吐量(HT)模式,使用HT混合模式的设备以旧802.11a / b / g方式和新802.11n方式传输。具体地,HT混合模式设备发送传统格式前同步码,然后发送HT格式前同步码。SECURITY:加密类型 5.过滤信息 查看哪些邻居尚未从WEP升级,使用grep进行过滤: airport en0 -s | grep WEP 6.关闭airport 执行下面命令将关闭airport, airport -z 接着,执行下面的命令可以实现MAC地址伪装 ,需要sudo才能执行此操作: sudo ifconfig en0 lladdr 00:00:00:00:00:00:01 该工具最棒的是流量嗅探和捕获数据包的能力。选择通道,需要sudo才能执行此操作: 7.信息捕获 sudo airport en0 sniff 6 en0 本机无线网卡名称sniff 捕获命令捕获通道 将在/ tmp目录中创建一个名为airportSniffXXXXXX.cap的文件,其中XXXXXX是唯一性字符串。然后,可以将此文件输入到网络分析器中,例如Wireshark离线查看流量或者通过Aircrack-Ng 实践之WPA / WPA2 PSK进行分析或者密码猜测。