What is a Deauth Attack?
A deauthentication attack is a type of denial-of-service attack that targets communication between a user (or all users) and a Wi-Fi access point. This attack sends disassociate packets to one or more clients that are currently associated with a particular access point.
In the picture shown above, you can see a hacker performing a deauthentication attack to disconnect the user from the internet. This is how a deauthentication attack works.
Now let's learn how to do this in real life. You need a Kali Linux OS and a wireless Wi-Fi adapter, and that's it: now you can disconnect anyone from any Wi-Fi network.
Wireless Wi-Fi adapters (chipsets supported by Kali Linux) that support monitor mode are shown below:
Atheros AR9271.
Description
This attack sends disassociate packets to one or more clients which are currently associated with a particular access point. Disassociating clients can be done for a number of reasons:
- Recovering a hidden ESSID. This is an ESSID which is not being broadcast. Another term for this is “cloaked”.
- Capturing WPA/WPA2 handshakes by forcing clients to reauthenticate.
- Generating ARP requests (Windows clients sometimes flush their ARP cache when disconnected).
Of course, this attack is totally useless if there are no associated wireless clients or on fake authentications.
Now follow the steps:
Step 1:
- Open the terminal.
- Type in the command ifconfig to see the interface which you're using (the one you're using has the IP address), as shown in the image below.
- Here you can see that wlan0 has the IP address (inet).
- Now you need to put it into monitor mode in order to see the networks around you.
- To put wlan0 into monitor mode, use the command iwconfig wlan0 mode monitor. This command changes managed mode to monitor mode, as shown in the image below.
Step 2:
- Now you need to run the command airodump-ng wlan0 to see the Wi-Fi networks around you.
- From that list you can select the Wi-Fi network of your choice and note the BSSID, ESSID and channel (CH), which we need later to run the deauth attack. (BSSID, ESSID and channel are shown in the image.)
Step 3:
- After selecting the ESSID (Wi-Fi network), you need to see the devices connected to that network.
- To see the connected devices, you need to run the command airodump-ng --bssid 00:14:6C:7E:40:80 --channel 2 --write root/Desktop/wifi
- This will capture the data of the network in the file wifi.
Step 4:
- After capturing the data of the network, you need to check for the device you want to disconnect from the network.
- This can be done with Wireshark (a tool used to monitor the network).
- Open the terminal and type in wireshark to open the graphical interface of Wireshark.
- After opening Wireshark, select File at the top (left corner) and click Open, navigate to the wifi capture (root/Desktop/wifi), select the .cap file and open it.
- In it you can see the names of the devices and more information about each device.
- From that, search for the device you are looking for and note the MAC address of the device.
- Now you're ready to perform the deauth attack.
Step 5:
- Now use the command aireplay-ng -0 100 -a <BSSID of the network> -c <MAC address of the target> <interface (wlan0)>
- The usage of the command is shown below.
Usage
aireplay-ng -0 1 -a 00:14:6C:7E:40:80 -c 00:0F:B5:34:30:30 eth0
Where:
- -0 means deauthentication
- 1 is the number of deauth packets to send (you can send multiple if you wish); 0 means send them continuously
- -a 00:14:6C:7E:40:80 is the MAC address of the access point
- -c 00:0F:B5:34:30:30 is the MAC address of the client to deauthenticate; if this is omitted then all clients are deauthenticated
- eth0 is the interface name
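From the defender's side, the burst of frames this command produces stands out in a monitor-mode capture. The following is an added example (not from the original post or from aircrack-ng) that parses raw 802.11 headers and flags bursts of deauthentication or disassociation frames aimed at one client; the function names, threshold, window and sample frames are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict, deque

# 802.11 management subtypes that end a client's association.
TEARDOWN = {0x0A: "disassociation", 0x0C: "deauthentication"}

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_teardown(frame):
    """Parse a raw 802.11 MAC frame (no radiotap header, no FCS).
    Returns (kind, receiver, transmitter, bssid, reason) or None."""
    if len(frame) < 24:                      # shorter than a management header
        return None
    version, ftype, subtype = frame[0] & 3, (frame[0] >> 2) & 3, frame[0] >> 4
    if version != 0 or ftype != 0 or subtype not in TEARDOWN:
        return None
    protected = bool(frame[1] & 0x40)        # body encrypted (802.11w protected frame)
    reason = None
    if not protected and len(frame) >= 26:
        reason = struct.unpack_from("<H", frame, 24)[0]
    return (TEARDOWN[subtype], mac(frame[4:10]), mac(frame[10:16]),
            mac(frame[16:22]), reason)

def find_floods(records, threshold=5, window=1.0):
    """records: time-ordered (timestamp_seconds, frame_bytes) pairs.
    Returns {(bssid, receiver): peak frames seen inside `window` seconds}
    for every pair that reached `threshold` (both values are assumptions)."""
    recent, peaks = defaultdict(deque), {}
    for ts, frame in records:
        parsed = parse_teardown(frame)
        if parsed is None:
            continue
        key = (parsed[3], parsed[1])
        seen = recent[key]
        seen.append(ts)
        while ts - seen[0] > window:         # drop frames older than the window
            seen.popleft()
        if len(seen) >= threshold:
            peaks[key] = max(peaks.get(key, 0), len(seen))
    return peaks

# Constructed sample frames using the example MAC addresses from the usage line.
AP, STA = "00146c7e4080", "000fb5343030"
DEAUTH = bytes.fromhex("c0000000" + STA + AP + AP + "0000" + "0700")
BEACON = bytes.fromhex("80000000" + "ffffffffffff" + AP + AP + "0000" + "0000")
SAMPLE = [(i * 0.1, DEAUTH) for i in range(8)] + [(5.0, BEACON), (30.0, DEAUTH)]

if __name__ == "__main__":
    for (bssid, client), peak in find_floods(SAMPLE).items():
        print(f"possible deauth flood: bssid={bssid} client={client} peak={peak}")
```

Because the frames carry the access point's address as transmitter, an alert identifies the targeted network and client rather than the sender. Enabling 802.11w protected management frames on the network makes clients discard unauthenticated deauthentication frames.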
THANK YOU FOR READING MY BLOG : )
SOON I WILL INCLUDE A LINK FOR A VIDEO ABOUT THE DEAUTH ATTACK
DO COMMENT BELOW IF YOU HAVE ANY PROBLEM.