Kali‐RPI4 tcpdump

Jump to bottom

reubenajohnston edited this page Apr 18, 2025 · 2 revisions

Setup monitor mode on the RPI

Kill problematic services
```
$ sudo airmon-ng check kill
```
Stop NetworkManager
```
$ sudo systemctl stop NetworkManager
```
Set the Broadcom radio to monitor mode on the desired channel
```
$ sudo airmon-ng start wlan0 <CHANNEL>
```

Capture traffic via tcpdump

Note: make sure to save in /tmp (since we are using NFS mounted home directories there is a problem with sudo privileges accessing them)
Capture the traffic on the current (please note to save files on the /mnt/ramdisk partition)
```
$ sudo tcpdump -i wlan0mon -w /mnt/ramdisk/<FILENAME>.pcap
```