Deauthentication Attack workflow - sayotte/ESP32Marauder GitHub Wiki

Deauthentication Attack workflow

Deauthentication Flood

This attack will broadcast deauthentication frame to all clients connected to a target access point.
The following describes the order of operations necessary to properly execute this attack.

  1. Build list of target access points
    • scanap
      image
  2. Display list of available access points
    • list -a
      image
  3. Select a target access points from the list. Multiple access points may be specified
    • select -a 0,1
  4. Verify access points 0 and 1 have been selected with list
    • list -a
      image
  5. Execute deauthentication flood against the targeted access points
    • attack -t deauth
      image

Targeted Deauthentication Attack

This attack is intended to target only specific stations connected to a targeted access point rather than sending deauth frames to broadcast. Multiple stations and access points can be specified for a single attack. While it is possible to select many stations even when they are associated with different access points, only selected stations associated with selected access points will be targeted. If a station is selected but its associated access point is not, it will not be attacked.
The following describes the order of operations necessary to properly execute this attack.

  1. Build list of target access points
    • scanap
      image
  2. Display list of available access points
    • list -a
      image
  3. Select a target access points from the list. Multiple access points may be specified
    • select -a 0,1
  4. Verify access points 0 and 1 have been selected with list
    • list -a
      image
  5. Build list of target stations
    • scansta
      image
  6. Display list of available stations
    • list -c
      image
  7. Select target stations from the list. Multiple stations may be specified
    • select -c 0,12
  8. Verify stations 0 and 12 have been selected with list
    • list -c
      image
  9. Execute deauthentication flood against the targeted access points
    • attack -t deauth -c
      image

Manual Deauthentication Attack

With this attack, the source and destination address of each frame is manually set by the user. This attack does not require any scans to be performed.
The following describes the order of operations necessary to properly execute this attack.

  1. Execute manual deauthentication attack
    • attack -t deauth -s 00:00:00:00:00:00 -d ff:ff:ff:ff:ff:ff
      image

References