airdecloak-ng
Remove WPA/WPA2 cloaked clients' MAC addresses
SYNOPSIS
airdecloak-ng options capture_file.cap
PARAMETERS
-h
Shows the help screen.
capture_file.cap
The capture file (e.g., .cap or .pcap) to read from. This is usually a file created by airodump-ng.
DESCRIPTION
airdecloak-ng is a tool part of the Aircrack-ng suite used to detect cloaked or hidden wireless networks. Hidden networks do not broadcast their SSID (Service Set Identifier). airdecloak-ng passively sniffs wireless traffic and attempts to determine the SSID of these hidden networks by analyzing probe requests and other 802.11 management frames.
It works by capturing packets from the air and analyzing them to find probe requests and other frames that might contain the hidden SSID. If a client station attempts to connect to a hidden network, it will broadcast the SSID in its probe requests. airdecloak-ng listens for these requests and displays the SSID of the hidden network.
The tool can also display other information about the network, such as the BSSID (Basic Service Set Identifier) and the encryption type. The tool is designed to work with a wireless network adapter in monitor mode.
CAVEATS
airdecloak-ng's success depends on client devices actively probing for the hidden network. If no devices are probing, the SSID cannot be revealed. The tool also requires a capture file containing sufficient 802.11 management frames.
USAGE EXAMPLE
A typical usage would be:
airodump-ng wlan0 (to capture the traffic)
airdecloak-ng capture_file.cap (analyze the capture file created by airodump-ng)
HISTORY
airdecloak-ng is part of the Aircrack-ng suite, a well-established collection of tools for auditing wireless network security. Its development has been ongoing within the Aircrack-ng project, evolving to adapt to changes in wireless protocols and security practices. It is a frequently used tool for network penetration testing and security audits.
SEE ALSO
airodump-ng(1), aircrack-ng(1), airmon-ng(8)