In fact, you can indentify the target with it too, and it has a really nice GUI. A ready-to-use application is provided there. We only want to send some deauthentification frames. You might read that airport cards do not support packet injection, but packet injections are for WEP attacks and nobody uses WEP anymore. The catch is that aireplay-ng can do a lot of other things besides deauth attacks. If you don’t have the beacon or the handshake, it will fail accordingly.Īs I said, aireplay-ng doesn’t work on a MacBook Pro. Identify the target - with airport “Install”Īircrack-ng -w wordlist.txt -b $TARGET_MAC_ADDRESS airportSniff.cap When they reconnect, they re-send the handshake. The good news is that you can deauthentificate people from the wifi network - it’s called wifi jamming and it’s useful to impress a girl and piss off people at Starbucks. What makes the retrieval of the handshake hard is that it appears only when somebody connects to the access point. a handshake (= four-way handshake), or some frames of it (hard).Sniff the channel in monitor mode to retrieve:.
Identify the target acces point: name (= BSSID), MAC address (= SSID) and channel (~ radio frequency).Some people say it is expensive, but last time I checked on Google Shopping, it cost less than half an Apple mouse. There is a list on the website of aircrack-ng, and I think the Alfa AWUS051NH v2 is great. So PLEASE, if you want to do other advanced networking things than network sniffing or what is described in this article, do yourself a favour and buy an USB adapter to use with the virtual machine.