deauthentication
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
deauthentication [2007/03/10 23:03] – darkaudax | deauthentication [2009/08/14 17:40] – typo mister_x | ||
---|---|---|---|
Line 8: | Line 8: | ||
* Generate ARP requests (Windows clients sometimes flush their ARP cache when disconnected) | * Generate ARP requests (Windows clients sometimes flush their ARP cache when disconnected) | ||
- | Of course, this attack is totally useless if there are no associated wireless | + | Of course, this attack is totally useless if there are no associated wireless |
===== Usage ===== | ===== Usage ===== | ||
Line 16: | Line 16: | ||
Where: | Where: | ||
* -0 means deauthentication | * -0 means deauthentication | ||
- | * 1 is the number of deauths to send (you can send muliple | + | * 1 is the number of deauths to send (you can send multiple |
* -a 00: | * -a 00: | ||
* -c 00: | * -c 00: | ||
Line 30: | Line 30: | ||
Where: | Where: | ||
* -0 means deauthentication | * -0 means deauthentication | ||
- | * 1 is the number of deauths to send (you can send muliple | + | * 1 is the number of deauths to send (you can send multiple |
* -a 00: | * -a 00: | ||
* -c 00: | * -c 00: | ||
Line 81: | Line 81: | ||
After sending the ten batches of deauthentication packets, we start listening for ARP requests with attack 3. The -h option is mandatory and has to be the MAC address of an associated client. | After sending the ten batches of deauthentication packets, we start listening for ARP requests with attack 3. The -h option is mandatory and has to be the MAC address of an associated client. | ||
- | If the driver is [[http:// | + | If the driver is [[http:// |
===== Usage Tips ===== | ===== Usage Tips ===== | ||
Line 91: | Line 91: | ||
===== Usage Troubleshooting ===== | ===== Usage Troubleshooting ===== | ||
+ | |||
+ | ===== Why does deauthentication not work? ===== | ||
+ | |||
+ | There can be several reasons and one or more can affect you: | ||
+ | |||
+ | * You are physically too far away from the client(s). | ||
+ | * Wireless cards work in particular modes such b, g, n and so on. If your card is in a different mode then the client card there is good chance that the client will not be able to correctly receive your transmission. | ||
+ | * Some clients ignore broadcast deauthentications. | ||
+ | * Clients may reconnect too fast for you to see that they had been disconnected. | ||
+ | |||
+ | |||
+ | ===== General ===== | ||
See the general aireplay-ng troubleshooting ideas: [[aireplay-ng# | See the general aireplay-ng troubleshooting ideas: [[aireplay-ng# | ||
+ | |||
+ | ===== Release Candidate or SVN Version Notes ===== | ||
+ | |||
+ | This section ONLY applies the latest SVN version and to some release candidate versions of the aircrack-ng suite. | ||
+ | |||
+ | For directed deauthentications, | ||
+ | |||
+ | Here is a typical command: | ||
+ | |||
+ | aireplay-ng -0 1 -a 00: | ||
+ | |||
+ | Here is typical output: | ||
+ | |||
+ | | ||
+ | | ||
+ | |||
+ | Here is what the "[ 61|63 ACKs]" means: | ||
+ | |||
+ | * [ ACKs received from the client | ACKs received from the AP ] | ||
+ | * You will notice that the number in the example above is lower then 64 which is the number of packets sent. It is not unusual to lose a few packets. | ||
+ | * How do you use this information? | ||
+ |
deauthentication.txt · Last modified: 2010/11/21 13:34 by sleek