1

I am using Kali Linux. I've updated all tools and services by apt-get update and apt-get upgrade. I was using aircrack-ng for pentesting my WLAN network. I wanted to deauth any device connected to my mobile hotspot using aireplay-ng. The syntax was correct and it started running, but no device is being disconnected from my mobile hotspot. I used airmon-ng start wlan0 to initiate my WLAN for aircrack-ng. Then, airodump-ng wlan0mon to list all the networks in its vicinity. I used airodump-ng -c [channel of router] --bssid [bssid of router] wlan0mon to show the details of devices connected to that router. Then, I used aireplay-ng --deauth 0 60 -a [bssid of router] wlan0mon to disconnect all the devices connected to that router. It repeated "Sending deAuth to broadcast - - BSSID [bssid of router]" the same line 60 times, but not even a single device got disconnected from the hotspot. I even tried to deauth a specific device from the router by aireplay-ng --deauth 0 60 -a [bssid of router] -c [mac address of device] wlan0mon, but still, the same case got repeated as above. Any help would be appreciated :>)

schroeder
GD777
    Devices generally tend to reauthenticate immediately. The purpose of deauthentication is the ability to listen in on reauthentication handshake, which can be cracked. – Nomad Nov 09 '18 at 00:47
    Why is there "0 60" after deauth? Having both arguments doesn't make sense. You are supplying "0" to deauth, which means to send continuously, not "60". – multithr3at3d Nov 09 '18 at 02:42
  • @Nomad Then, how could we verify whether they got deauthenticated... because when my friend tried this on his laptop, there was a clear result showing that devices connected got to zero. – GD777 Nov 09 '18 at 03:52
  • @Nomad I even verified that whether my wireless card is capable of wireless injection or not! The results were positive. – GD777 Nov 09 '18 at 03:54
  • @multithr3at3d I even tried with just '0' but that didn't make any improvement! – GD777 Nov 09 '18 at 03:55

2 Answers

1

First of all, the command starts like this: aireplay-ng --deauth 60 or aireplay-ng -0 60 for 60 packets, or to send it continuously (DoS) aireplay-ng --deauth 0 or aireplay-ng -0 0. Anyway, if you see an output it means that you typed it right.

Second, have you tried the basic troubleshooting?

Why does deauthentication not work?

There can be several reasons and one or more can affect you:

  • You are physically too far away from the client(s). You need enough transmit power for the packets to reach and be heard by the clients. If you do a full packet capture, each packet sent to the client should result in an “ack” packet back. This means the client heard the packet. If there is no “ack” then likely it did not receive the packet.

  • Wireless cards work in particular modes such as b, g, n and so on. If your card is in a different mode than the client card, there is a good chance that the client will not be able to correctly receive your transmission. See the previous item for confirming the client received the packet.

  • Some clients ignore broadcast deauthentications. If this is the case, you will need to send a deauthentication directed at the particular client. (I see that you already tried this one; some APs have a protection that if you're not "authenticated" they will drop a deauth from a random/unknown source for obvious reasons, so always try to add the -c [target_mac] flag.)

  • Clients may reconnect too fast for you to see that they had been disconnected. If you do a full packet capture, you will be able to look for the reassociation packets in the capture to confirm deauthentication worked. (Have you opened the packet capture?)

Taken from Aircrack-ng documentation

Please try all this and share what you wanted to achieve, what you have tried, and what the inputs and outputs were.

Azteca
1

I believe what is happening is that the deauth packets are successfully being sent to the router and the devices are successfully being disconnected, but since devices tend to connect back to the AP automatically you are not noticing anything. Try sending an infinite number of deauth packets that pretend to come from the AP and check whether clients connected to it cannot access the internet or it gets significantly slower. The command for this is:

aireplay-ng -0 0 -a [bssid] [interface]

This will send deauth packets to all clients connected to an AP; the packets appear to be from the access point, thus jamming the WiFi network for all devices. You can use -c to specify which devices. You can verify this by looking to see if the WiFi network is jammed and devices cannot connect to the internet. If this is the case then congrats! Your deauth packets are being sent successfully.

You can also try to get the WPA2 handshake after deauthenticating clients connected to the router to verify it. If you successfully get the handshake saved to a file then the deauth packets are working.

CoderPE
  • Note that while it is possible to send deauths to the AP with effect, aireplay-ng does not do this. Instead, it sends a broadcast deauth to all clients that appears to originate from the AP. – multithr3at3d Nov 10 '18 at 02:10
  • Sorry! Haven't been doing any WiFi hacking in a while. Will edit my question to fix this. – CoderPE Nov 10 '18 at 02:22
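Both answers come back to the same verification step: open the capture and check whether directed deauth frames are ACKed by the client and whether clients reassociate afterwards. The script below is an added example, not code from this thread or from the aircrack-ng project. It is written from the monitoring side, the way a wireless IDS checks for a deauth flood against its own BSSID, and it works offline on a list of (timestamp, raw 802.11 frame) pairs. Assumptions: the radiotap header has already been stripped from each frame (a real monitor-mode capture carries it in front of every frame), the MAC addresses, timestamps and reason code in the sample capture are constructed, and the flood window and threshold are arbitrary tuning values.

```python
"""Offline analysis of 802.11 deauthentication activity in a capture.

Added example (not from the thread or the aircrack-ng project). Assumptions:
  * input is a list of (timestamp_seconds, raw_frame_bytes);
  * the radiotap header has already been stripped;
  * all MAC addresses, timestamps and thresholds below are constructed.
Frame layouts follow IEEE 802.11:
  management: FC(2) dur(2) addr1/DA(6) addr2/SA(6) addr3/BSSID(6) seq(2) body
  ACK:        FC(2) dur(2) RA(6)
"""
from collections import Counter, defaultdict

TYPE_MGMT, TYPE_CTRL = 0, 1
SUBTYPE_REASSOC_REQ, SUBTYPE_DEAUTH, SUBTYPE_ACK = 2, 12, 13
BROADCAST = "ff:ff:ff:ff:ff:ff"


def mac(b):
    return ":".join(f"{x:02x}" for x in b)


def parse_frame(raw):
    """Decode the three frame kinds this check needs; return None for others."""
    if len(raw) < 10:
        return None
    ftype = (raw[0] >> 2) & 0x3      # frame-control byte 0: ver(2) type(2) subtype(4)
    subtype = (raw[0] >> 4) & 0xF
    if ftype == TYPE_CTRL and subtype == SUBTYPE_ACK:
        return {"kind": "ack", "ra": mac(raw[4:10])}
    if ftype == TYPE_MGMT and len(raw) >= 24:
        hdr = {"da": mac(raw[4:10]), "sa": mac(raw[10:16]), "bssid": mac(raw[16:22])}
        if subtype == SUBTYPE_DEAUTH and len(raw) >= 26:
            return dict(hdr, kind="deauth", reason=int.from_bytes(raw[24:26], "little"))
        if subtype == SUBTYPE_REASSOC_REQ:
            return dict(hdr, kind="reassoc")
    return None


def analyse(capture, window=10.0, flood_threshold=20):
    """Summarise deauth frames, client ACKs, reassociations and flood alerts."""
    frames = [(ts, f) for ts, f in ((ts, parse_frame(raw)) for ts, raw in capture) if f]
    rep = {"deauth_total": 0, "broadcast": 0, "directed": 0, "acked": 0,
           "reasons": Counter(), "reassoc": Counter(), "alerts": []}
    stamps = defaultdict(list)        # bssid -> timestamps of deauth frames
    for i, (ts, f) in enumerate(frames):
        if f["kind"] == "deauth":
            rep["deauth_total"] += 1
            rep["reasons"][f["reason"]] += 1
            stamps[f["bssid"]].append(ts)
            if f["da"] == BROADCAST:
                rep["broadcast"] += 1  # broadcast frames are never ACKed
            else:
                rep["directed"] += 1
                # A directed deauth the client actually heard is followed by an
                # ACK whose receiver address is the deauth's (claimed) source.
                nxt = frames[i + 1][1] if i + 1 < len(frames) else None
                if nxt and nxt["kind"] == "ack" and nxt["ra"] == f["sa"]:
                    rep["acked"] += 1
        elif f["kind"] == "reassoc":
            rep["reassoc"][f["sa"]] += 1  # a client coming back after being kicked
    # Sliding window: flag any BSSID with >= threshold deauths inside `window` seconds
    for bssid, ts_list in stamps.items():
        best, start = 0, 0
        for end in range(len(ts_list)):
            while ts_list[end] - ts_list[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= flood_threshold:
            rep["alerts"].append(f"deauth flood: {best} frames claiming BSSID {bssid} within {window}s")
    return rep


def _mgmt(subtype, da, sa, bssid, body=b""):
    fc = bytes([(subtype << 4) | (TYPE_MGMT << 2), 0])
    return fc + b"\x00\x00" + da + sa + bssid + b"\x00\x00" + body


def _ack(ra):
    return bytes([(SUBTYPE_ACK << 4) | (TYPE_CTRL << 2), 0]) + b"\x00\x00" + ra


def build_sample_capture():
    """Constructed capture: a burst of broadcast deauths, one directed deauth that
    the client ACKs, then the client reassociating half a second later."""
    ap = bytes.fromhex("020000000a01")      # constructed, locally administered
    client = bytes.fromhex("020000000c02")  # constructed
    bcast = b"\xff" * 6
    reason = (7).to_bytes(2, "little")      # reason 7: class 3 frame from non-associated STA
    cap = [(round(i * 0.1, 3), _mgmt(SUBTYPE_DEAUTH, bcast, ap, ap, reason)) for i in range(30)]
    cap.append((3.0, _mgmt(SUBTYPE_DEAUTH, client, ap, ap, reason)))
    cap.append((3.001, _ack(ap)))
    cap.append((3.5, _mgmt(SUBTYPE_REASSOC_REQ, ap, client, ap)))
    return cap


if __name__ == "__main__":
    r = analyse(build_sample_capture())
    print(f"{r['deauth_total']} deauths ({r['broadcast']} broadcast, {r['directed']} directed, "
          f"{r['acked']} acked); reassociations: {dict(r['reassoc'])}")
    for a in r["alerts"]:
        print("ALERT:", a)
```

Reading the report the way the first answer suggests: a directed deauth with no ACK behind it means the client never heard the frame (range or PHY-mode mismatch), while deauths followed by reassociation requests mean the disconnect happened and the client simply came straight back, which is the case the second answer describes. On a network with 802.11w management-frame protection enabled, unprotected deauth frames are discarded by the client, so the same capture would show the deauth burst but neither ACKs nor reassociations; the flood alert is still useful there as a signal that someone is attempting it.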