3

While I was reading the docs on deauth for aireplay, I found that the parameter -c 'mac addr' is used for deauth of a specific client if I am not wrong. But what I don't know is how to find the MAC address of clients on different networks? It's easier to find the MAC address on the same network but is there any tool or specific method for this? I am on latest Kali.

Anders
  • 64,406
  • 24
  • 178
  • 215
Spark
  • 43
  • 1
  • 1
  • 4

2 Answers2

2

1.First choose the Access Point:

airodump-ng wlan0mon

2. Retrieve client's MAC Address from the chosen Access Point:

airodump-ng -c 9 --bssid 00:14:6C:7E:40:80 -w psk ath0

Where:

-c 9 is the channel for the wireless network (channel 9) . It is important to note the channel of that AP so you must specify the same channel as the AP else it will display an error that the AP is on different channel

--bssid 00:14:6C:7E:40:80 is the access point MAC address. This eliminates extraneous traffic.

-w psk is the file name prefix for the file which will contain the IVs.

wlan0mon is the interface name which can be different for yours. You have to check first what is your wireless interface name after setting your card to monitor mode to avoid network interface name error.

The output of this command shows the BSSID which is the MAC Address of Access Point and the Station adjacent to it lists the client's MAC Address.

Source

defalt
  • 6,231
  • 2
  • 22
  • 37
  • But don't you have to be on the same network as the client for these to work? – schroeder Dec 26 '16 at 21:37
  • @schroeder That's why you need to specify **channel**. For packet injection you just have to be on the same channel as the victim else it will display an error that the **AP is on different channel** from where you are(*something like that*). – defalt Dec 27 '16 at 05:24
  • Ok, then can you expand this answer with some of those details? This answer assumes the reader has done this before. – schroeder Dec 27 '16 at 16:55
0

You just have to use airodump to find an access point which has station connected to it. Then, your goal is to deauthenticate station. So you use tu the mac adress that you found with airodump

Camille Gerin-Roze
  • 101
  • 1
  • So airodump will give me the clients mac address also? Can you tell me the parameters? – Spark Dec 26 '16 at 05:04
  • According to what you want to do, that can be very different. You can refer to this documentation https://www.aircrack-ng.org/doku.php?id=airodump-ng but for example you can use : airodump-ng -c 11 wlan0 To listen the channel 11 with the interface wlan0. After, you will be able to see mac adress of clients connected – Camille Gerin-Roze Dec 26 '16 at 15:10