Jump to content

DEauthing with aireplay-ng


WallE

Recommended Posts

Alright so I was trying to use aireplay to DEauth an AP unfortunately something is wrong.

I am using my wifi pineapple with an alfa awus036h connected to it. The wifi pineapple is plugged into the wall so there is no power issue. Here's what I did

root@Pineapple:~# airmon-ng start wlan1

root@Pineapple:~# airodump-ng -c 1 wlan1

root@Pineapple:~# aireplay-ng -0 0 -a 00:14:6C:7E:40:80 wlan1
19:49:24 Waiting for beacon frame (BSSID: 00:14:6C:7E:40:80) on channel 1
NB: this attack is more effective when targeting
a connected wireless client (-c <client's mac>).
19:49:24 Sending DeAuth to broadcast -- BSSID: [00:14:6C:7E:40:80]
19:49:25 Sending DeAuth to broadcast -- BSSID: [00:14:6C:7E:40:80]
19:49:25 Sending DeAuth to broadcast -- BSSID: [00:14:6C:7E:40:80]
19:49:26 Sending DeAuth to broadcast -- BSSID: [00:14:6C:7E:40:80]
19:49:26 Sending DeAuth to broadcast -- BSSID: [00:14:6C:7E:40:80]

And that goes on and on forever so I tough the job was done but when I connect to the AP I can still go on internet and surf at a normal speed...

Any tough?

PS: It's the first time I am DEauthing. So I was also wondering if it's possible to totally shutdown an AP (Invisible when you scan for AP)? or it will just disconnect people from it?

EDIT: I also tried



root@Pineapple:~# aireplay-ng -0 0 -a 00:14:6C:7E:40:80 -c 00:14:6C:7E:40:80 wlan1
19:56:10 Waiting for beacon frame (BSSID: 00:14:6C:7E:40:80) on channel 1
19:56:10 Sending 64 directed DeAuth. STMAC: [00:14:6C:7E:40:80] [166|166 ACKs]
And it's go on and on for that lane
19:56:10 Sending 64 directed DeAuth. STMAC: [00:14:6C:7E:40:80] [166|166 ACKs]

But I still can surf the web ....

Edited by WallE
Link to comment
Share on other sites

-a is the access point

-c should be the client

looks like your trying to deauth the AP with itself???

-c can either equal a client mac aa:bb:cc:dd:ee:ff or equal a broadcast ff:ff:ff:ff:ff:ff:ff do deauth all clients

Link to comment
Share on other sites

But the -c is to Deauth a specific user of the AP no?

If you don't put the -c command and just the -a command isn't supose to deauth all the AP user?

Like that command?

root@Pineapple:~# aireplay-ng -0 0 -a 00:14:6C:7E:40:80 wlan1

And I am not sure what is a -c broadcast

-c can be a command to deauth a particular user (client) or equal a broadcast ff:ff:ff:ff:ff:ff

but what is a broadcast ff:ff:ff:ff:ff:ff

Link to comment
Share on other sites

Well I tried to deauth a specific user and it's working like a charm. But this is not exactly what I want to do. So 2 questions here:

1. Is it possible to deauth every client connected to the AP or we can only jam one client at a time?

2. Is there a way to SHUTDOWN the AP, I want to find a way to not be able to see the AP anymore. Some kind of DDoS. How can I perform that?

Link to comment
Share on other sites

  • 2 weeks later...

Well I tried to deauth a specific user and it's working like a charm. But this is not exactly what I want to do. So 2 questions here:

1. Is it possible to deauth every client connected to the AP or we can only jam one client at a time?

2. Is there a way to SHUTDOWN the AP, I want to find a way to not be able to see the AP anymore. Some kind of DDoS. How can I perform that?

1. Yes, you can deauth every client, however you need a rule based script from what I understand. Like airdrop-ng (instructions). I have airdrop running in Kali on my laptop and am starting to get in on my Kali Raspberry Pi which is already connected to my Pineapple.

2. Shutdown the AP? Unplug it.. j/k. Depends on the AP. What I generally do is run reaver against the AP (if it's protected) get the PSK key. Then connect to the AP in client mode. Then I goto to the AP's config page and try the PSK password which, for me, works about 30-40 percent of the time, another 10 percent of the time it's the default or just "password". Otherwise I brute force in. Then I shut it down.

If it's open. Connect to it and try bruteforcing your way in. Remember to spoof your MAC address if you have to or at least change it every time you connect to not arise suspicion. yadda yadda yadda.

Some routers you can essentially shut down or jam. Do a quick search on google for those.

Remember, with great power comes great responsibility... Only do this on networks your authorized on. :/

Link to comment
Share on other sites

Ok, so here is my setup and works beautifully.

Pineapple MkIV: connected to Anker 10000 MaH battery. USB Powered 4 port hub, powered by the Elite battery.

Raspberry Pi running Kali: connected to POE port on Pineapple configured with 172.16.42.42 static. USB Wireless N adapter (Thumb type) connected to my iPhone's hotspot. Routing from hotspot through the pineapple using wp4.sh on the Pi. The Pi is powered by a second 10000 MaH battery.

USB Hub connected to the MKIV has a USB Drive (for modules, logs etc) and an Alfa AWUS036NH (more on this)...

The Alfa serves as my de-auth adapter. I use wifi jammer module(in the pineapple bar) I whitelist my iPhones hotspot and away it goes. Disconnects everyone in range and the Pineapple saying "HERE I AM" gladly advertises and everyone that was de-authed connects to my Pineapple. Works great!

Why the 3 batteries? Well glad you asked. Even though my two honking big batteries have more than 1 USB charge port they only offer 1A and 2.5A on both respectively. I use the 2.5A on the Pineapple and the Raspberry Pi. The USB hub doesn't stay powered with the 1A ports. I use the 5A elite battery for the USB hub. There you have it.

All fits great in my tablet man purse. Do I look like a pen-tester/Hacker with one of those? Hell no. <evil grin>

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...