Great unbelievable way to Disable a WiFi network in 2 minutes

See what can happen with a $15 microcontroller

ofer shmueli
InfoSec Write-ups

Part 2

Following my article “How to create a fake access point in 2 minutes”, let’s look at how we use our deauther microcontroller (https://amzn.to/36kKSWa) to deauthenticate an access point or a station that broadcasts or listens in the 2.4 GHz band.

By doing so, we are actually carrying out a denial-of-service attack, in which our wireless access point or station can’t establish a connection.

The deauth attack is done on my personal home gear, and if you plan to conduct one, be sure that you have full permission to do so. It is described here for educational purposes only.

Before we start, let’s understand a few more facts about the Wi-Fi process.

Management frames

In the Wi-Fi world, we have 3 main types of frames:

  • Management frames
  • Control frames
  • Data frames

Management frames are the negotiators: they are used mainly to negotiate the initial connection and keep it stable, and our wireless stations use them to join and leave the BSS (basic service set).

The following is the process our station takes in order to join and associate with a wireless access point:

Following the probe request and the probe response of our wireless stations, we get into the authentication and association part, at the end of which our stations are connected to the wireless router or access point.

When we finish the authentication and association state, our clients can send data frames.

By default, management frames are sent at the lowest rate, due to the fact that we want everyone to hear them, even older Wi-Fi standards.

When our station leaves the access point (for example, when it doesn’t receive any signal due to the distance (coverage area)), it sends a deauthentication frame to the access point, telling it, “I’m leaving”.

On the other hand, your access point or wireless router can send Disassociation frames to the station for many reasons; one of them is when a station sends a wrong password.

Disassociation frames tear down the connection and force the whole connection process to start from the beginning.

Now let’s see how our deauther terminates a connection by sending numerous deauth frames to a target of choice; in this case, we will attack my own Wi-Fi network.

I am using a 2.4 GHz deauther, so only the 2.4 GHz Wi-Fi network will notice the attack.

So let’s start

As before, we need to connect to the pwned SSID and type the following address in our URL field: 192.168.4.1

On our deauther admin page, we will select the access point whose clients we wish to send deauth frames to (so no one will be able to connect to it).

I will select my own home router, and from there I will move to the third section, which is Attacks.

For our purpose, we will use the deauth attack, so let’s press start attack. Once we do so, we can stop the attack at any moment.

The next thing we will do is look at our Wi-Fi traffic using Wireshark.

We can see very clearly that our access point sends Deauthenticate and Disassociate frames all over.

Now let’s look at the frame itself by double-clicking on it.

In the frame details, we can see that a disassociation frame was sent to the broadcast domain, so anyone who tries to connect will get a deauthentication frame, and anyone who is already connected will get a disassociation frame.
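The same observation can be automated on the monitoring side. The following is an added example, not part of the original article: it classifies raw 802.11 frames as deauthentication or disassociation and flags a BSSID that emits a burst of them to the broadcast destination, as seen in the capture above. The sample frames, MAC address, window and threshold are constructed assumptions, and frames are assumed to have their radiotap header and FCS already stripped.

```python
import struct
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"
SUBTYPES = {10: "disassoc", 12: "deauth"}   # 802.11 management subtypes

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_mgmt(frame):
    """Return fields of a deauth/disassoc frame, or None for anything else."""
    if len(frame) < 26:                     # 24-byte MAC header + 2-byte reason
        return None
    fc = frame[0]                           # first byte of Frame Control
    version, ftype, subtype = fc & 0x3, (fc >> 2) & 0x3, (fc >> 4) & 0xF
    if version != 0 or ftype != 0 or subtype not in SUBTYPES:
        return None                         # not a management deauth/disassoc
    (reason,) = struct.unpack_from("<H", frame, 24)
    return {"kind": SUBTYPES[subtype], "dst": mac(frame[4:10]),
            "src": mac(frame[10:16]), "bssid": mac(frame[16:22]),
            "reason": reason}

def detect_flood(capture, window=1.0, threshold=5):
    """capture: time-ordered iterable of (timestamp_seconds, frame_bytes).
    Flags a BSSID when more than `threshold` broadcast deauth/disassoc
    frames arrive within `window` seconds (both values are assumptions)."""
    recent, flagged = defaultdict(list), set()
    for ts, raw in capture:
        f = parse_mgmt(raw)
        if f is None or f["dst"] != BROADCAST:
            continue
        times = recent[f["bssid"]]
        times.append(ts)
        while ts - times[0] > window:       # drop entries outside the window
            times.pop(0)
        if len(times) > threshold:
            flagged.add(f["bssid"])
    return sorted(flagged)

# Constructed sample data: a locally administered MAC stands in for the AP.
AP = "02:00:00:aa:bb:cc"
_TAIL = "0000" + "ffffffffffff" + "020000aabbcc" * 2 + "0000"
DEAUTH = bytes.fromhex("c000" + _TAIL + "0100")     # reason code 1
DISASSOC = bytes.fromhex("a000" + _TAIL + "0800")   # reason code 8
BEACON = bytes.fromhex("8000" + _TAIL) + bytes(12)  # ordinary management frame
SAMPLE = [(0.0, BEACON)] + [(0.1 * i, DEAUTH if i % 2 else DISASSOC)
                            for i in range(1, 11)]

if __name__ == "__main__":
    print(detect_flood(SAMPLE))
```

Where the access point and clients support 802.11w Protected Management Frames, clients discard unauthenticated deauthentication and disassociation frames, so a detector like this matters most on networks where that cannot be enforced.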

I have taken a video of the process, so here it is

Disclaimer: this demo is for educational purposes only; please use it carefully.

You can subscribe to my channel at youtube.com/fortitip or join my FortiGate courses at https://www.udemy.com/course/fortigate-admin-crash-course/?referralCode=0B534DCF7A6D8BD3417E
