Wifi Deauthentication Attack
Sends deauth
(deauthentication) packets to wifi network which results network outage for connected devices. Uses scapy
module to send deauth
packets.
Know more about Deauthentication Attack
Dependencies
- aircrack-ng.(I highly recommend to install latest version, from source to support more network drivers/cards.)
sudo apt-get install aircrack-ng -y
- scapy
sudo apt-get install python-scapy -y
How to run?
We can run in 2 ways:
-
sudo python deauth.py
It will automatically creates
mon0
withairmon-ng start wlan0
(it wont create, if already exists) and sniffs the wifi signal on that interface. After few seconds, it will displays theSSID
and itsMAC
to choose. -
sudo python deauth.py -m XX:YY:AA:XX:YY:AA
MAC address as command line argument. In this case, there is no need to sniff wifi.
What's new in version 3.1
- Daemonize the attack i.e performs attack in background
- Compatable to new
airmon-ng
version - Able to detect different wireless interface name(like
wlp13s0
) - Kill daemon option
- Now you can get wifi networks with
iwlist
tool (Relatively faster)
Usage
root@ghost:/opt/scripts#./deauth.py -h
usage: deauth.py [-h] [-d] [-c COUNT] [-m MAC] [-w] [-k] [-v]
Sends deauthentication packets to a wifi network which results network outage
for connected devices. [Coded by VEERENDRA KAKUMANU]
optional arguments:
-h, --help show this help message and exit
-d Run as daemon
-c COUNT Stops the monitoring after this count reachs. By default it is
2000
-m MAC Sends deauth packets to this network
-w Uses "iwlist" to get wifi hotspots list
-k Kills "Deauth Daemon" if it is running
-v show program's version number and exit
FAQ
-
What is the option-c
"COUNT"?It is a threshold value to stop the "monitoring". The access point or wifi hotspot trasmits beacon frames periodically to announce it's presence. The beacon frame contains all the information about the network. Now, the script looks for these beacons and makes count. If the count reachs the limit, it will stops the monitoring.
- If you think, the monoring is taking to much time? then specify the count with less number(Default is 2000), but it may not get all wifi hotspots near to you. Because you are listening only few beacons
-
What is the option-w
"Uses "iwlist" to get wifi hotspots list"?Script runs
iwlist wlan0 s
and gets wifi networks near to you -
What is the option-d
"Run as daemon"?Script runs in background while attacking. (Use option
-k
to kill)
Known Issues
- For some reasons, sometimes the script is not able to find all near wifi hotspots.(Use
-w
option) - If you try to attack on a wifi hotspot which is created by "Android" device, it won't work!.(May be it uses
802.11w
) - Don't run the script with
-w
continously twice or more, you may get below error. If this is the case, restartnetwork-manager
;sudo service network-manager restart
wlp13s0 Interface doesn't support scanning : Device or resource busy
Get it!
wget -qO deauth.py https://goo.gl/bnsV9C
How to avoid Deauthentication attack?
Use 802.11w
suppored routers. Know more about 802.11w and read cisco document
NOTE:
In order to work deauthentication attack successful, you should near to the target network. The deauth
packets should reach the connected devices of the target network(s)