Deauthentication Attack

November 07, 2020

Disconnects any client from any network.
  • Works on encrypted networks (WEP, WPA, WPA2)
  • No need to know the network key/password/passphrase.
  • No need to connect to the network.
You can find a detailed explanation for Deauth Attacks here Concept of De-authentication Attack.

    Requirements:

    • Need Kali Linux installed as a host or as a virtual machine. We generally use Kali Linux as a Virtual Machine. Check this link for how to Install Kali Linux in Virtual Machine.
    • Get the MAC Address/BSSID for the router/access point. Check the section How to scan nearby wireless networks of the post Wireless Network Sniffing.
    • If want to attack a person get the MAC Address/BSSID of the target. Check the section How to scan a specific network of the post Wireless Network Sniffing to get the MAC of a particular person.
    • Wireless Adapter which supports Monitor Mode. We are using ALPHA AWUS036NHA which has an Atheros AR9271 chipset.
    • Your wireless adapter should be in Monitor Mode. Check this link for how to Enable Monitor Mode for Wireless Adapter.
    • It's good practice to change your MAC Address before scanning. Check this link for how to Change MAC Address in Kali Linux.

    Deauth Attacks

    How to deauth everyone from a network

    In the terminal, type:
    • Syntax
    aireplay --deauth <no._of_packets> -a <AP_MAC> <adapter_name> 
      • --deauth: to tell it's a de-authentication attack. Instead of --deauth you can type -0.
      • <no._of_packets>: specifies how many numbers of packets you want to send for deauth. 0 (Zero) means infinite or send packet continuously.
      • -a: is an option where you need to specify Target's router MAC Address.
      • <adpater_name>: type the adapter which is in monitor mode.
      • Example: 
              aireplay --deauth 0 -a e2:33:44:55:66:77 wlan0
        • Sending infinite packets to the router's mac address (e2:33:44:55:66:77) using the wireless adapter (wlan0) which is in monitor mode.

        How to deauth specific devices from a network

        In the terminal, type:
        • Syntax: 
        aireplay -0 <no._of_packets> -a <AP_MAC> -c <target's_mac> <adapter_name>
          • -0: is the short version of writing --deauth.
          • -c: is an option where you need to specify Target's Device's MAC Address.
          • Example: 
          aireplay -0 0 -a e2:33:44:55:66:77 -c e2:22:33:44:55:66 wlan0  
            • Sending infinite packets to Target's Device (e2:22:33:44:55:66) which is connected to the router (e2:33:44:55:66:77) using the wireless adapter (wlan0) which is in monitor mode.

            Video Tutorial 


            We hope this helps. If any suggestions or doubts you can add a comment and we will reply as soon as possible.
            , ,

            No comments:

            Post a Comment

            Subscribe to: Post Comments (Atom)