Article on De-authentication attack
De-authentication attack is a type of DOS attack (Denial of Service) that targets the communication between the Access point and the client connected to it. It is a MAC layer attack-- belongs to the Data Link layer. In short this attack is also known as Deauth attack.
Enough Intro!!!...
Note:
The tests and procedures I explore should only be executed on your own system or on a system that you are charged with protecting. If ownership and responsibility lie with another party, be sure to get clear written instructions with explicit permission to conduct ethical hacking activities. Do not investigate individuals, websites, servers, or conduct any illegal activities on any system you do not have permission to analyze.
I am not liable for anything you do with this knowledge. It is purely presented for educational purposes only.
Deauth attack:
- Works on encrypted networks (WEP, WPA and WPA2)
- No need to know the network key (wifi password)
- No Need to connect to network
How does this work:
Hacker sends a deauth packet to the Access Point as the client and asks him to disconnect from the network. Access Point then sends the deauth packets directly to the client without any prior notice.
The client will be disconnected from the network.
Syntax:
aireplay-ng --deauth [#Deauthpackets] -a [APMac] -c [TargetMac] [Interface]
Explanation of syntax:
- -deauth is used to tell airplay-ng that we want to run a deauthentication attack and assign 100000 which is the number of packets so that it keeps sending a deauthentication packets to both the router and client and keep the client disconnected.
- -a is used to specify the MAC address of the router. 00:22:22:22:22:22 is the target access point.
- -c specifies the MAC address of the client. 00:11:22:33:44:55 is client's MAC address.
- wlan0 is the wireless adaptor in Monitor mode.
Pre Requisities:
1) A computer or mobile device that is capable of running Kali Linux or Parrot OS
2) Network adapter that supports the monitor mode
3) aireplay-ng (comes pre-installed on Kali Linux and Parrot OS)
If you wish to make the Deauth attack on a 5GHZ bandwidth then you need to have a network adapter that supports dualband wifi
Steps of Execution:
We successfully completed the execution of the deauth attack (disconnected a client from the network). Some parts of the execution are blurred due to security concerns.
Thank You ...
Keep it up ☺️