De-authentication attack using aireplay-ng

Arnav Tripathy
Feb 10, 2019


A classic, basic attack a hacker would carry out is a de-authentication attack. The end result is that certain users, or even all users, are kicked off their connection with the router. So how does it work?

In this attack, the hacker takes advantage of the vulnerabilities in ARP of a network. The hacker sends de-authentication packets to the router pretending to be the target. At the same time, the hacker sends packets to the victim pretending to be the router to re-authenticate itself. We are able to spoof devices easily because ARP, which is responsible for handling requests and responses, doesn't authenticate where the packet comes from.
So let us try to de-authenticate someone from the network BSNL_922:

Let's target the device with MAC address 3c:57:6c:47:1d:24. To de-authenticate, simply type:

aireplay-ng --deauth 100000 -a 1c:a5:32:1c:5b:F4 -c 3c:57:6c:47:1d:24 wlan0

Let's discuss this command:
- The 100000 signifies the number of de-authentication packets you want to send. Ideally you should put a large number so that the device stays de-authenticated for a long time, although there will be a few cases where you would need a user de-authenticated for a short period of time, and in that case put a small number.
- The -a argument signifies the BSSID of the router.
- The -c argument signifies the device MAC address.
- wlan0 is the interface in monitor mode.

If you want to de-authenticate all clients in a particular network, just type:

aireplay-ng --deauth 100000 -a 1c:a5:32:1c:5b:F4 wlan0

But keep in mind, in my experience this doesn’t work with networks having a huge number of clients.
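
From the defender's side, a burst like the ones above shows up on any monitor-mode sensor as a run of 802.11 deauthentication management frames for one BSSID, addressed either to a single client or to the broadcast address. The Python sketch below is an added example, not code from the original post: it parses raw frames and flags such floods, assuming frames arrive without a radiotap header; the sample frames, the placeholder addresses, the `build_frame` helper and the threshold of 10 frames per second are all constructed for illustration.

```python
import struct
from collections import defaultdict, deque

BROADCAST = "ff:ff:ff:ff:ff:ff"

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_deauth(frame):
    """Return (dest, src, bssid, reason) for an 802.11 deauthentication frame, else None."""
    if len(frame) < 26:  # 24-byte management header + 2-byte reason code
        return None
    # Frame Control byte 0: bits 2-3 = type (0 = management), bits 4-7 = subtype (12 = deauth)
    if (frame[0] >> 2) & 0x3 != 0 or (frame[0] >> 4) & 0xF != 12:
        return None
    reason, = struct.unpack_from("<H", frame, 24)
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def detect_floods(capture, threshold=10, window=1.0):
    """capture: iterable of (timestamp_seconds, raw_frame). Returns sorted (bssid, dest, kind) alerts."""
    recent, alerts = defaultdict(deque), set()
    for ts, frame in capture:
        parsed = parse_deauth(frame)
        if parsed is None:
            continue
        dest, _src, bssid, _reason = parsed
        q = recent[(bssid, dest)]
        q.append(ts)
        while q and ts - q[0] > window:  # keep only frames inside the sliding window
            q.popleft()
        if len(q) >= threshold:  # threshold and window are assumed values, tune per site
            alerts.add((bssid, dest, "broadcast" if dest == BROADCAST else "targeted"))
    return sorted(alerts)

def build_frame(subtype, dest, src, bssid, body=b""):
    """Hypothetical helper: builds a constructed management frame (no radiotap header, no FCS)."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return bytes([subtype << 4, 0]) + b"\x00\x00" + raw(dest) + raw(src) + raw(bssid) + b"\x00\x00" + body

# Constructed sample capture: placeholder addresses, not taken from a real network.
AP, STA = "02:00:00:00:00:01", "02:00:00:00:00:02"
SAMPLE = [(0.0, build_frame(8, BROADCAST, AP, AP, b"\x00" * 12))]      # beacon, ignored
SAMPLE += [(0.5, build_frame(12, STA, AP, AP, struct.pack("<H", 3)))]  # single ordinary deauth
SAMPLE += [(5.0 + i * 0.01, build_frame(12, STA, AP, AP, struct.pack("<H", 7))) for i in range(50)]
SAMPLE += [(9.0 + i * 0.01, build_frame(12, BROADCAST, AP, AP, struct.pack("<H", 7))) for i in range(50)]

if __name__ == "__main__":
    for alert in detect_floods(SAMPLE):
        print(alert)
```

A single deauthentication frame is normal when a client leaves a network, so the detector alerts only when the per-(BSSID, destination) rate crosses the threshold.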
