I am researching the relatively well-known attack against Wi-Fi networks that involves sending deauthentication packets. The Wikipedia article indicates that this attack is performed by sending deauth packets to the AP while pretending to be the client, causing any further data to be dropped until the client reauths. Many other sources that I have found (those using aireplay-ng) indicate that they are attacking the client with these deauth packets, not the AP. Which is correct? Are both methods valid attacks? Do I have some fundamental misunderstanding of what's happening here?
2 Answers
1
Here, you can find the answer to your question. Basically, a deauth attack uses both the AP and the station (client) for a successful attack.
To further add to the answer and make it more specific, the attack can be done in two ways:
1. Deauthenticating a specific station(s) -> In which a request is sent to the AP as well as to the station(s) to disconnect the station(s).
2. Deauthenticating all the stations -> A broadcast mechanism is used.
Hope this helps!
0
This attack targets the AP network. You spoof the BSSID or ESSID of the AP and you send deauth packets to the client. I recommend this article to understand each step of the attack.
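For anyone monitoring for this, the cases discussed in the question and answers (deauth addressed to the AP, to a client, or to broadcast) can be told apart from the address fields of each captured frame. The following is an added example, not part of either answer or of any tool named above; it assumes raw 802.11 frames with the radiotap header already stripped, and the MAC addresses, sample frames and function names are constructed for illustration.

```python
import struct
from collections import Counter

BROADCAST = "ff:ff:ff:ff:ff:ff"

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_deauth(frame):
    """Parse a raw 802.11 frame; return None unless it is a deauthentication."""
    if len(frame) < 26:                  # 24-byte management header + 2-byte reason
        return None
    fc0, flags = frame[0], frame[1]
    ftype, subtype = (fc0 >> 2) & 0x3, (fc0 >> 4) & 0xF
    if ftype != 0 or subtype != 12:      # management frame, subtype 12 = deauth
        return None
    dst, src, bssid = mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22])
    (reason,) = struct.unpack_from("<H", frame, 24)
    # The source address is sender-controlled, so this is only the *claimed* direction.
    if dst == BROADCAST:
        direction = "broadcast"          # addressed to every station on the BSS
    elif dst == bssid:
        direction = "client->ap"         # frame claims to come from the station
    elif src == bssid:
        direction = "ap->client"         # frame claims to come from the AP
    else:
        direction = "other"
    station = src if direction == "client->ap" else dst
    return {"direction": direction, "bssid": bssid, "station": station,
            "reason": reason, "protected": bool(flags & 0x40)}

def flag_bursts(frames, threshold=3):
    """Return {(bssid, station): count} for pairs with >= threshold unprotected deauths."""
    counts = Counter()
    for f in frames:
        d = parse_deauth(f)
        if d and not d["protected"]:
            counts[(d["bssid"], d["station"])] += 1
    return {k: n for k, n in counts.items() if n >= threshold}

# Constructed sample capture: hypothetical AP and station addresses, reason code 7.
AP, STA, BC = "020000000001", "020000000002", "ffffffffffff"
def sample(dst, src):
    return bytes.fromhex("c0000000" + dst + src + AP + "0000" + "0700")
SAMPLES = [sample(STA, AP), sample(AP, STA), sample(STA, AP), sample(BC, AP)]

if __name__ == "__main__":
    for f in SAMPLES:
        print(parse_deauth(f))
    print(flag_bursts(SAMPLES))
```

Both unicast directions are counted against the same (BSSID, station) pair, so a burst is flagged whichever side the frames claim to come from. Frames with the Protected bit set are skipped because unicast deauths on a link using 802.11w management frame protection carry that bit.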