Simplest Command to Fetch SSIDs Around You

Today we will discuss how we can easily capture network SSIDs from the various devices around you.

This will help you find previously connected networks from various devices due to the fact that any wireless enabled device will keep looking for previously connected network after a certain period of time.

To keep it simple we will simply use 'tshark' the command line sequel for wireshark.

The first step is to put your wireless card in monitor mode-

airmon-ng start wlan0 

Next, issue the following command-

tshark -i mon0 -R wlan.fc.type_subtype==0x04 -T fields -E separator=- -e wlan.sa -e wlan_mgt.ssid

Lets understand this command, -i denotes the interface to capture packets from and since we have put our wireless card in monitor mode, we will use mon0.

-R denotes the filter to use, wlan.fc.type_subtype==0x04 denotes the 'Probe Request' packet which is used for seeking a network actively, by the device. we used Hex notation of probe packet that is 0x04. Next, to list only the information which we require rather than the entire packet we use -T fields. -E separator denotes the character separator between two fields. -e denotes the actual fields which we want to display.

Therefore, our command should display something like-

XX:XX:XX:XX:XX:XX-[Network Name]

 running this command will output something similar to the following-

This was a simple tutorial but i thought it will be helpful for few people who wants to get information about previously connected networks from certain devices.