Well,there can be situation where ->
- Your friendly neighbor is ruthlessly using your WiFi.
- Your roommate is downloading torrents and your game lags.
- Visitors show up and you don't want them to use your WiFi but as a social convention you just give them the password.
Or, you just wanna kick users off the network for fun.
In all the above situations you are tempted to perform a DOS attack on the WiFi network.
Who's Using My WiFi ?
There's an amazing app called Fing to see who's connected to your WiFi.Fing's IP network scanner discovers the connected devices on your network using superior device recognition techniques and tells you the IP, MAC address, device name, vendor, mobile of each connected client and performs other device analysis like NetBIOS, UPnP, SNMP and Bonjour names, properties and device types.
Step 1: Airmon-Ng
Open up a terminal and type
airmon-ng start wlan0
(Some times you might have to type airmon-ng check kill)
What you did is,you put your Wireless card into monitor mode so that it can monitor WiFi networks.The highlighted part monitor mode enabled on mon0 tells you the name of your wireless interface.It can be wlan0,wlan0mon or mon0 whatever that shows up,it's the name of your wireless interface.You won't be able to connect to WiFi as your wireless interface is in monitor mode.
Step 2: Airodump-Ng
In this step we lock our wireless card to monitor a specific WiFi.
Type
airodump-ng (name of your wireless interface)
In this case name of my wireless interface is wlan1mon.Next,you see the list of WiFi networks around you.Each WiFi network has a channel number and unique bssid(mac address of the router).To lock our wireless card to a specific WiFi type airodump-ng -c channel number -d bssid name of wireless interface
For example, to monitor BUCKYSWIFI we type airodump-ng -c 11 -d F0:7B:C8:5D:75:C2 wlan1mon
As you can see,our wireless card is monitoring a specific WiFi (BUCKYSWIFI)and a client is connected to that WiFi.The highlighted address can be mac address of mobile phone , PC, tab ,anything that is connected to the WiFi.Now we can see clients connected to any WiFi using the same approach.
So till now you can answer the question who's using my WiFi or who's connected to any other's WiFi network.
Step 3:Aireplay-Ng
Wi-Fi deauthentication attack is a type of denial-of-service attack that targets communication between a user and a Wi-Fi wireless access point(your router)
aireplay-ng -0 0 -a (bssid) -c (client's mac address) (name of the wireless inteface)
0 represents a deathentication attack where the number after -0 represents the number of deauth packets. In the image I have set it to 2000 packets but if you want to deauth continuously put a 0.Then -c is the client's mac address and -a is the bssid of the WiFi.
The deauthentication packets are sent directly from your PC to the clients. So you must be physically close enough to the clients for your wireless card transmissions to reach them.
It's Best Not to Give the Bad Guys a Chance.
Realistically, you cannot stop a bad guy from sending deauthentication packets.
Instead, you should focus on ensuring you are resilient to a deauth attack. Make sure your network is configured in a way that the deauth attack doesn't enable an attacker to compromise your network.
To do that, you need to make sure you are using WPA2. If you are using a pre-shared key, make sure the passphrase is very long and strong. If it is not already, change it immediately! If you are not using WPA2, fix that immediately!
Comments
No Comments Exist
Be the first, drop a comment!