So, I've been using my Alfa AWUS051NH to play with various networks, cracking my WEP router at home, as well as finding a WEP wireless router at work during a recent audit and cracking that one as well.

I began playing with my 5 GHz wireless router at home, and wondered if it would be possible to crack it as well. I first had to set my Alfa to the US wireless ranges, as the country code set on my Alfa, "00", would not show my network (country code '00' is the default on this card).

My first attempt using airodump-ng gave me the following:

BSSID              PWR  Beacons  #Data, #/s  CH  MB   ENC   CIPHER  AUTH  ESSID
00:22:6B:68:5D:19  -34    17549       0   0  -1  54e  WPA2  CCMP    PSK   Office(5N)

Unfortunately, I could not use '-1' for the channel when filtering out my networks. So I had to use '-C' and set the channel range to the 5 GHz ranges, but whittling it down to the frequency was difficult. I ended up finding '5260 MHz', and that translated to 'channel 140', but that did not seem to work with airodump-ng, so I locked the frequency in (airodump-ng -C 5260-5260 --bssid 00:22:6B:68:5D:19 -w office5ghz wlan0mon).

It takes a few seconds for that to find the router, but it does find it. I took my phone and connected to the Office(5N) router. It's odd, though: sometimes airodump-ng saw my phone (I recognized it by MAC) but failed to see my MacBook Pro, which I'm using on that network right now to send this post.

And even though it didn't see my phone or MacBook all the time, I was able to capture packets being sent by them, and airodump-ng apparently caught the 4-way handshake my phone did at one point with the router.

*update* About 5 seconds ago I switched back to my airodump-ng console to watch the progress, and it found 4 hosts, which I believe are my phone, MacBook, and the extender AP; 15 seconds later they disappeared again... I don't know what the heck is going on...

Has anyone played around with sniffing 5 GHz networks? Do you have any pointers, or is there a better application to use when sniffing these networks?
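As an added example (not part of the original post, and not aircrack-ng code), here is a small Python helper for the channel/frequency bookkeeping the post struggles with: it converts between 802.11 channel numbers and centre frequencies in MHz, flags which 5 GHz channels are DFS (radar-detection) channels, and builds the `-C` frequency-range argument in the same `lo-hi` form the post's own command uses (`-C 5260-5260`). The channel formula is the standard IEEE one; the DFS channel set assumes the US (FCC) regulatory domain, and the `-C` range syntax is assumed from the post's command. Both assumptions are marked in the code.

```python
# Added example (not from the original post): 802.11 channel/frequency helper
# for choosing airodump-ng 5 GHz capture ranges.
#
# Assumptions, stated here because the post does not give them:
#   * Channel/frequency mapping follows IEEE 802.11 (2.4 GHz: 2407 + 5*ch,
#     channel 14 = 2484 MHz; 5 GHz: 5000 + 5*ch).
#   * DFS channels are taken from the US (FCC) regulatory domain:
#     UNII-2A = 52..64 and UNII-2C = 100..144.
#   * airodump-ng's -C option accepts a "lo-hi" MHz range, as in the
#     post's own command "-C 5260-5260".

from typing import Dict, List

DFS_CHANNELS_US = set(range(52, 65, 4)) | set(range(100, 145, 4))
ALLOWED_5GHZ_US = sorted(
    set(range(36, 49, 4)) | DFS_CHANNELS_US | set(range(149, 166, 4))
)


def channel_to_freq(channel: int) -> int:
    """Return the centre frequency (MHz) of an 802.11 channel number."""
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    if channel == 14:
        return 2484
    if 36 <= channel <= 177:
        return 5000 + 5 * channel
    raise ValueError(f"unknown 802.11 channel {channel}")


def freq_to_channel(mhz: int) -> int:
    """Return the 802.11 channel number for a centre frequency in MHz."""
    if mhz == 2484:
        return 14
    if 2412 <= mhz <= 2472 and (mhz - 2407) % 5 == 0:
        return (mhz - 2407) // 5
    if 5180 <= mhz <= 5885 and mhz % 5 == 0:
        return (mhz - 5000) // 5
    raise ValueError(f"{mhz} MHz is not an 802.11 channel centre frequency")


def is_dfs(channel: int) -> bool:
    """True if the channel requires radar detection (passive scan) in the US."""
    return channel in DFS_CHANNELS_US


def describe_freq(mhz: int) -> Dict[str, object]:
    """Summarise what a sniffer should expect when parked on this frequency."""
    ch = freq_to_channel(mhz)
    return {
        "channel": ch,
        "mhz": mhz,
        "band": "5 GHz" if mhz >= 5000 else "2.4 GHz",
        "dfs": is_dfs(ch),
        # On a DFS channel the card may not transmit until it has heard a
        # beacon, and an AP must listen for radar before it starts beaconing,
        # so a BSS on such a channel can take some seconds to appear.
        "scan": "passive (wait for beacons)" if is_dfs(ch) else "active or passive",
    }


def airodump_freq_arg(channels: List[int]) -> str:
    """Build the -C argument covering the given channels as one MHz range."""
    if not channels:
        raise ValueError("need at least one channel")
    freqs = sorted(channel_to_freq(c) for c in channels)
    return f"-C {freqs[0]}-{freqs[-1]}"


def airodump_cmd(bssid: str, channels: List[int], prefix: str, iface: str) -> str:
    """Compose an airodump-ng command line in the shape the post uses."""
    return f"airodump-ng {airodump_freq_arg(channels)} --bssid {bssid} -w {prefix} {iface}"


if __name__ == "__main__":
    # The post's frequency (5260 MHz) and channel (140), then a command that
    # sweeps every US 5 GHz channel for the post's BSSID.
    print(describe_freq(5260))
    print(describe_freq(channel_to_freq(140)))
    print(airodump_cmd("00:22:6B:68:5D:19", ALLOWED_5GHZ_US, "office5ghz", "wlan0mon"))
```

Running it shows that 5260 MHz is channel 52 and channel 140 sits at 5700 MHz, and that both are DFS channels where the sniffer can only listen for beacons; that is one reason a BSS on 5 GHz can take a few seconds to appear after `-C` is set. Once the right frequency is known, replacing the full-band sweep with a single-channel range (`-C 5260-5260`, as in the post) keeps the card parked where the handshake will be heard.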