Introduction
Welcome to this hands-on lab on performing a Wi-Fi network scan with Fluxion. Fluxion is a powerful and popular tool used for security auditing and social-engineering attacks on wireless networks. Before any advanced operations can be performed, the first essential step is to discover the available networks in your vicinity.
In this lab, you will learn the fundamental process of launching Fluxion, selecting a wireless interface, and initiating a scan to identify nearby Wi-Fi networks. We will be working in a simulated environment that includes a virtual wireless adapter, allowing you to practice these steps safely and effectively. By the end of this lab, you will be comfortable with the initial network discovery phase using Fluxion.
Start Fluxion and Select Your Wireless Adapter
In this step, you will start the Fluxion script and select the wireless network adapter you want to use for scanning. The setup process for this lab has already cloned the Fluxion repository into the ~/project/fluxion directory and created a virtual wireless adapter named wlan0.
First, navigate into the fluxion directory:
cd ~/project/fluxion
Next, execute the Fluxion script with sudo. Root privileges are needed because scanning and changing the adapter's mode are privileged operations.
sudo ./fluxion.sh
Upon starting, Fluxion will first ask you to select a language. The default is English, so you can just press Enter. After that, it will detect available wireless adapters. You should see your virtual adapter, wlan0, listed with a number next to it.
[#] Select your language
[1] English
...
[*] Please select your language [1-14]: 1
[*] Searching for wireless interfaces...
[#] Available wireless interfaces
[1] wlan0 (phy0)
[*] Select an interface (1-1) [1]:
Type the number corresponding to wlan0 (which is 1 in this case) and press Enter to select it.
Choose the 'Scan for networks' Option
After you select a wireless adapter, Fluxion will present its main menu. This menu lists all the major attack vectors and tools available within the script. For this lab, our goal is simply to scan for networks, which is the first and most fundamental option.
You will see a menu similar to the following:
[#] FLUXION V6 - Main Menu
[1] Scan for networks
[2] Captive Portal
...
[99] Exit
[*] Select an option (1-11) [1]:
The option Scan for networks is what we need. This will put your selected wireless adapter into monitor mode and start searching for Wi-Fi signals.
To proceed, type 1 and press Enter.
Select a Specific Wi-Fi Band to Scan (2.4GHz or 5GHz)
Once you've chosen to scan for networks, Fluxion will ask you which frequency band you want to scan. Modern Wi-Fi operates on two main bands: 2.4GHz and 5GHz.
- 2.4GHz: Offers longer range but is more susceptible to interference and generally has lower speeds.
- 5GHz: Offers higher speeds and less interference but has a shorter range.
For general-purpose scanning, the 2.4GHz band is often chosen first as it is more common and its signals travel further. Fluxion will present you with the choice:
[#] Select the WiFi band to scan
[1] 2.4GHz
[2] 5GHz
[3] Both
[*] Select an option (1-3) [1]:
For this lab, let's focus on the 2.4GHz band. Type 1 and press Enter to begin the scan.
Analyze the List of Discovered Networks
After you select the band, Fluxion will immediately start scanning. A new window or section in your terminal will appear, displaying a list of all the Wi-Fi networks it discovers in real time.
The output will look something like this, continuously updating:
CH 1 ][ Elapsed: 5 s ][ 2023-10-27 10:30
BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
XX:XX:XX:XX:XX:A1 -45 10 0 0 1 54e WPA2 CCMP PSK Example-Net-1
XX:XX:XX:XX:XX:B2 -60 8 0 0 6 54e WPA2 CCMP PSK MyHomeWiFi
XX:XX:XX:XX:XX:C3 -75 3 0 0 11 54e OPN Free-Public-WiFi
Let's break down the key columns:
- BSSID: The MAC address of the access point (the router).
- PWR: The signal strength. Values are negative, and a value closer to zero (e.g., -45) means a stronger signal.
- CH: The channel the network is operating on.
- ENC: The encryption type (e.g., WPA2, WEP, OPN for open).
- ESSID: The public name of the Wi-Fi network (what you see on your phone or laptop).
Take a moment to observe this screen. This information is critical for deciding which network to target in a real security assessment. For now, just watch as Fluxion populates the list.
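For an audit report on networks you administer, the rows above can be parsed into records and the ones with weak or no encryption listed. This is an added example, not part of the lab or of Fluxion: the function names are hypothetical, the parser assumes the row layout shown above, and the "Old Printer AP" row is constructed to show an ESSID containing spaces.

```python
from dataclasses import dataclass

# Column values as they appear in the scanner's table (ENC / CIPHER / AUTH).
CIPHERS = {"CCMP", "TKIP", "WEP", "WEP40", "WEP104", "GCMP"}
AUTHS = {"PSK", "MGT", "SAE", "OWE", "SKA"}
WEAK_ENC = {"OPN", "WEP", "WPA"}  # open, WEP and original WPA

# Sample scan text: the lab's rows plus one constructed WEP row.
SAMPLE = """\
CH 1 ][ Elapsed: 5 s ][ 2023-10-27 10:30
BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
XX:XX:XX:XX:XX:A1 -45 10 0 0 1 54e WPA2 CCMP PSK Example-Net-1
XX:XX:XX:XX:XX:B2 -60 8 0 0 6 54e WPA2 CCMP PSK MyHomeWiFi
XX:XX:XX:XX:XX:C3 -75 3 0 0 11 54e OPN Free-Public-WiFi
XX:XX:XX:XX:XX:D4 -52 6 0 0 3 54e WEP WEP Old Printer AP
"""

@dataclass
class Network:
    bssid: str
    pwr: int
    channel: int
    enc: str
    cipher: str
    auth: str
    essid: str

def parse_row(line):
    """Return a Network for a data row, or None for headers and blank lines."""
    tok = line.split()
    if len(tok) < 8 or tok[0].count(":") != 5:
        return None
    try:
        pwr, channel = int(tok[1]), int(tok[5])
    except ValueError:
        return None
    enc, rest = tok[7], tok[8:]
    # CIPHER and AUTH are blank on open networks, so consume them only if present.
    cipher = rest.pop(0) if rest and rest[0] in CIPHERS else ""
    auth = rest.pop(0) if rest and rest[0] in AUTHS else ""
    return Network(tok[0], pwr, channel, enc, cipher, auth, " ".join(rest))

def parse_scan(text):
    return [n for n in map(parse_row, text.splitlines()) if n]

def weak_networks(nets):
    """Networks with weak or no encryption, strongest signal first."""
    return sorted((n for n in nets if n.enc in WEAK_ENC), key=lambda n: -n.pwr)
```

An ESSID whose first word happens to match a cipher or auth keyword would be misread by this whitespace-based parser, so treat its output as a first pass over the on-screen table.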
Stop the Scan by Pressing Ctrl+C
The network scanner will run indefinitely until you manually stop it. This allows you to capture information over a period of time, as networks may not broadcast their presence constantly.
To stop the scanning process, press the Ctrl+C key combination in your terminal.
When you press Ctrl+C, the scanner will halt, and Fluxion will display a static list of the networks it found. It will then prompt you to select a target from this list.
...
[*] Select a target (1-3), or rescan (r)
Since the goal of this lab is only to perform the initial scan, we will not proceed with selecting a target. To exit Fluxion completely and return to your regular command prompt, press Ctrl+C a second time. This will terminate the Fluxion script.
You should now be back at the ~/project/fluxion directory prompt.
Summary
In this lab, you successfully performed a basic Wi-Fi network scan using Fluxion. You have learned how to:
- Navigate to the Fluxion directory and launch the script.
- Select a wireless adapter for use with Fluxion.
- Choose the main option to scan for networks.
- Specify a frequency band (2.4GHz) for the scan.
- Analyze the real-time output of discovered networks.
- Stop the scanner and exit the Fluxion tool.
This initial reconnaissance is a fundamental and mandatory first step in any wireless network security assessment. You are now equipped with the basic knowledge to begin exploring the wireless landscape around you with one of the most recognized tools in the field.
