De-authentication

Intro

  • Denial-of-service attacks are needed in most Wi-Fi pentests to capture the WPA handshake of the access point you're attacking. The most common way to do this is with deauthentication packets.

What are de-auth packets?

  • These are a type of "management" frame responsible for disconnecting a device from an access point.

  • Forging these packets is the key to hacking Wi-Fi networks, as you can forcibly disconnect any client from the network at any time.

  • The ease with which this can be done is somewhat frightening, and it is often done as part of gathering a WPA handshake for cracking.

Conclusion

  • Aside from briefly using this disconnection to harvest a handshake to crack, you can also just let the deauths keep coming, which floods the client with deauth packets that appear to come from the network it is connected to.

  • Because these frames aren't encrypted, many programs take advantage of management frames by forging them and sending them to either one or all devices on a network.

Deauth attack using aireplay-ng:

aireplay-ng -0 0 -a '00:14:6C:7E:40:80' -c '00:0F:B5:34:30:30' wlan0mon
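Because deauthentication frames carry no cryptographic protection unless the network enforces 802.11w Protected Management Frames, the defensive counterpart to the attack above is to watch for bursts of deauth or disassoc frames per BSSID in a monitor-mode capture. The following detector is an added example written for this page, not code from the original author or from the aircrack-ng project. It parses the fixed 802.11 management header, pulls out the reason code, and raises an alert when one BSSID exceeds a threshold of deauth/disassoc frames inside a sliding time window. The sample frames, timestamps, window, threshold and the reason code 7 are constructed for the demonstration; the MAC addresses are the ones used in the aireplay-ng command above.

```python
"""Detect 802.11 deauthentication floods in captured management frames (added example)."""
from collections import defaultdict, deque

# (type, subtype) pairs for the two management frames that kick a client off
DEAUTH = (0, 12)     # type 0 = management, subtype 12 = deauthentication
DISASSOC = (0, 10)   # type 0 = management, subtype 10 = disassociation
BROADCAST = "ff:ff:ff:ff:ff:ff"


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_mgmt_header(frame: bytes) -> dict:
    """Parse the 24-byte 802.11 MAC header of a management frame.

    Frame Control byte 0: bits 0-1 protocol version, bits 2-3 type,
    bits 4-7 subtype. Byte 1 holds the flags; bit 6 is "Protected Frame",
    which is set only when 802.11w (PMF) protects the management frame.
    addr1 = receiver, addr2 = transmitter, addr3 = BSSID.
    """
    if len(frame) < 24:
        raise ValueError("frame shorter than an 802.11 management header")
    fc0 = frame[0]
    info = {
        "type": (fc0 >> 2) & 0x3,
        "subtype": (fc0 >> 4) & 0xF,
        "protected": bool(frame[1] & 0x40),
        "addr1": mac_str(frame[4:10]),
        "addr2": mac_str(frame[10:16]),
        "addr3": mac_str(frame[16:22]),
    }
    # Deauth and disassoc bodies start with a 16-bit little-endian reason code
    if (info["type"], info["subtype"]) in (DEAUTH, DISASSOC) and len(frame) >= 26:
        info["reason"] = int.from_bytes(frame[24:26], "little")
    return info


class DeauthFloodDetector:
    """Sliding-window counter of deauth/disassoc frames per BSSID."""

    def __init__(self, window_s: float = 1.0, threshold: int = 10):
        self.window_s = window_s
        self.threshold = threshold
        self._events = defaultdict(deque)  # bssid -> timestamps in window

    def feed(self, ts: float, frame: bytes):
        """Record one frame; return an alert dict when the threshold is hit."""
        hdr = parse_mgmt_header(frame)
        if (hdr["type"], hdr["subtype"]) not in (DEAUTH, DISASSOC):
            return None
        q = self._events[hdr["addr3"]]
        q.append(ts)
        while q and ts - q[0] > self.window_s:   # drop events outside window
            q.popleft()
        if len(q) >= self.threshold:
            return {
                "bssid": hdr["addr3"],
                "transmitter": hdr["addr2"],
                "target": hdr["addr1"],
                "broadcast": hdr["addr1"] == BROADCAST,
                "reason": hdr.get("reason"),
                "count": len(q),
                "window_s": self.window_s,
                "at": ts,
            }
        return None


def scan_capture(capture, window_s: float = 1.0, threshold: int = 10) -> list:
    """Run the detector over (timestamp, frame_bytes) pairs; return alerts."""
    det = DeauthFloodDetector(window_s, threshold)
    alerts = []
    for ts, frame in capture:
        alert = det.feed(ts, frame)
        if alert:
            alerts.append(alert)
    return alerts


# --- constructed sample capture (not real traffic) ---------------------------
AP = "00:14:6c:7e:40:80"       # BSSID from the aireplay-ng command above
CLIENT = "00:0f:b5:34:30:30"   # client MAC from the aireplay-ng command above
# Deauth from AP to client, reason code 7 (class 3 frame from non-associated STA)
DEAUTH_FRAME = bytes.fromhex(
    "c000" "3a01" "000fb5343030" "00146c7e4080" "00146c7e4080" "0000" "0700"
)
# Beacon from the same AP: a normal management frame that must not alert
BEACON_FRAME = bytes.fromhex(
    "8000" "0000" "ffffffffffff" "00146c7e4080" "00146c7e4080" "1000"
    + "00" * 8 + "6400" + "1104"
)
SAMPLE_CAPTURE = [(0.0, BEACON_FRAME)] + \
    [(0.10 + 0.01 * i, DEAUTH_FRAME) for i in range(5)] + \
    [(5.0, DEAUTH_FRAME)]   # lone deauth well after the burst: no alert

if __name__ == "__main__":
    for a in scan_capture(SAMPLE_CAPTURE, window_s=1.0, threshold=5):
        print(f"deauth flood: bssid={a['bssid']} target={a['target']} "
              f"count={a['count']} in {a['window_s']}s reason={a['reason']}")
```

The window and threshold are assumptions to tune per environment: a client roaming between APs produces a handful of legitimate deauth or disassoc frames, while an `aireplay-ng -0 0` run produces a continuous stream. The `protected` flag is the check that matters for mitigation: on a network enforcing 802.11w, unprotected deauth frames are rejected by the client, so a flood of frames with that bit clear is both ineffective and a clear indicator of forgery.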
