How to DOS any WiFi network

Jay Patel
Gotta Hack ’Em all
Apr 25, 2019

Even though you don’t know the WiFi password you can kick anyone off the WiFi network.

This content is for educational purposes only.

Well, there can be situations where:

  • Your friendly neighbor is ruthlessly using your WiFi.
  • Your roommate is downloading torrents and your game lags.
  • Visitors show up and you don’t want them to use your WiFi but as a social convention you just give them the password.

Or, you just wanna kick users off the network for fun.

In all the above situations you are tempted to kick people off your or anyone’s WiFi network.

Who’s using my WiFi?

There’s an amazing app called Fing to see who’s connected to your WiFi. Fing’s IP network scanner discovers the connected devices on your network using superior device recognition techniques and tells you the IP, MAC address, device name, vendor, mobile of each connected client, and performs other device analysis like NetBIOS, UPnP, SNMP and Bonjour names, properties and device types.

While the Fing app can only tell you who’s connected to your own WiFi, there’s a way to find out which clients are connected to other WiFi networks using Kali Linux.

Step 1 : Airmon-Ng

Open up a terminal and type airmon-ng start wlan0 (sometimes you might have to type airmon-ng check kill).

What you did is put your wireless card into monitor mode so that it can monitor WiFi networks. The highlighted part, monitor mode enabled on mon0, tells you the name of your wireless interface. It can be wlan0, wlan0mon or mon0; whatever shows up is the name of your wireless interface. You won’t be able to connect to WiFi while your wireless interface is in monitor mode.

Step 2 : Airodump-ng

In this step we lock our wireless card to monitor a specific WiFi.

Type airodump-ng [name of your wireless interface]

In this case the name of my wireless interface is wlan1mon.

Next, you see the list of WiFi networks around you. Each WiFi network has a channel number and a unique BSSID (MAC address of the router). To lock our wireless card to a specific WiFi, type airodump-ng -c [channel number] -d [bssid] [name of wireless interface]

For example, to monitor BUCKYSWIFI we type airodump-ng -c 11 -d F0:7B:C8:5D:75:C2 wlan1mon

As you can see, our wireless card is monitoring a specific WiFi (BUCKYSWIFI) and a client is connected to that WiFi. The highlighted address can be the MAC address of a mobile phone, PC, tablet, or anything else that is connected to the WiFi. Now we can see clients connected to any WiFi using the same approach.

So by now you can answer the question of who’s using my WiFi, or who’s connected to anyone else’s WiFi network.

Let’s kick people off the WiFi network

Once you know the MAC address of the device you want to disconnect and the BSSID (MAC address of the router) of the WiFi that the device is connected to, you can perform a deauthentication attack.

Step 3 : Aireplay-ng

A Wi-Fi deauthentication attack is a type of denial-of-service attack that targets communication between a user and a Wi-Fi wireless access point (your router).

Type aireplay-ng -0 0 -a [bssid] -c [client’s mac address] [name of the wireless interface]

-0 represents a deauthentication attack, and the number after -0 is the number of deauth packets. In the image I have set it to 2000 packets, but if you want to deauth continuously put a 0. Then -c is the client’s MAC address and -a is the BSSID of the WiFi.

The deauthentication packets are sent directly from your PC to the clients. So you must be physically close enough to the clients for your wireless card transmissions to reach them.

It’s best not to give the bad guys a chance.

Realistically, you cannot stop a bad guy from sending deauthentication packets.

Instead, you should focus on ensuring you are resilient to a deauth attack. Make sure your network is configured in a way that the deauth attack doesn’t enable an attacker to compromise your network.

To do that, you need to make sure you are using WPA2. If you are using a pre-shared key, make sure the passphrase is very long and strong. If it is not already, change it immediately! If you are not using WPA2, fix that immediately!
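
From the defender's side, the flood that Step 3 produces is easy to recognize in a monitor-mode capture. The sketch below is an added example, not code from the original post: it parses raw 802.11 deauthentication/disassociation frames and flags any (BSSID, client) pair that sees more than a threshold of them inside a sliding window. The client MAC addresses, the window and threshold values, and the sample frames are constructed for illustration; only the BSSID is taken from the article's example.

```python
import struct
from collections import defaultdict, deque

DEAUTH, DISASSOC = 0xC, 0xA  # 802.11 management subtypes (frame type 0)

def mac(raw):
    return ":".join(f"{b:02X}" for b in raw)

def parse_teardown(frame):
    """Return (dst, src, bssid, reason) for a deauth/disassoc frame, else None."""
    if len(frame) < 26:  # 24-byte management header + 2-byte reason code
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in (DEAUTH, DISASSOC):
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def detect_floods(capture, window=1.0, threshold=10):
    """capture: time-ordered (timestamp, 802.11 frame with radiotap header stripped).
    Returns {(bssid, client): peak frames seen inside one window} above threshold."""
    recent, peaks = defaultdict(deque), {}
    for ts, frame in capture:
        parsed = parse_teardown(frame)
        if parsed is None:
            continue
        dst, src, bssid, _reason = parsed
        key = (bssid, dst if src == bssid else src)  # client = non-AP end
        times = recent[key]
        times.append(ts)
        while ts - times[0] > window:  # drop frames older than the window
            times.popleft()
        if len(times) > threshold:
            peaks[key] = max(peaks.get(key, 0), len(times))
    return peaks

# --- constructed sample capture (not real traffic) ---
def build(subtype, dst, src, bssid, reason=7):
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return (bytes([subtype << 4, 0]) + b"\x00\x00" + raw(dst) + raw(src)
            + raw(bssid) + b"\x00\x00" + struct.pack("<H", reason))
AP = "F0:7B:C8:5D:75:C2"  # BSSID from the article's example
VICTIM, GUEST = "02:00:00:00:00:01", "02:00:00:00:00:02"  # made-up clients
SAMPLE = [(i * 0.01, build(DEAUTH, VICTIM, AP, AP) if i % 2 else
           build(DEAUTH, AP, VICTIM, AP)) for i in range(40)]
SAMPLE += [(5.0, build(0x8, "FF:FF:FF:FF:FF:FF", AP, AP)),  # beacon: ignored
           (6.0, build(DEAUTH, AP, GUEST, AP, reason=3))]   # one normal leave
if __name__ == "__main__":
    for (bssid, client), peak in detect_floods(SAMPLE).items():
        print(f"deauth flood: {peak} frames in one window for {client} on {bssid}")
```

A single deauth frame is normal when a client leaves a network, which is why the check alerts on rate rather than on presence.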
