OP 02 July, 2020 - 03:53 PM
We all like to mess around and attack neighbors with deauth attack or try to hack their wifi or even targeting them with dos attack so it will jamm , but what if this time we are the target and our wifi is being attacked ..this will be discussed in this thread.
Wireshark is an analysing tool to search through packets and data transpassing between devices and router .. so it can also even detect through a specific filter in its settings an exterior packets coming from outside the network ..
the things you need are:
a) computer running linux or windows , but i prefer linux "debian distro" because it already has wireshark installed and also to enable monitor mode in wireless card adapter more easily
b) wireless adapter that supports monitor mode ,which can be tested in the command airdump-ng start "the name of your adapter on linux after monitor mode activated"
c) Wireshark installed and basic knowledge about using it and packets types but since we are using one filter so it will be an easy process
So let's first fire up debian linux " i'm using parrot security "
1- activate monitor mode for your wireless adapter " alpha wireless adapter is the best" by typing in the command line sudo airmon-ng start wlan0 or wlan1 according to the name of the wireless adapter "normally if it s internal adapter it s wlan0 and if external it s wlan1 since there is already one inside that s why it s called wlan1 because it comes second "
2- after activating monitor mode ,fire up wireshark and select the filter "wlan.fc.type_subtype eq 12" and the wireless card in monitor mode has the name wlan0mon
3- start capturing the packets ,if you find something under this filter then you are undergoing a deauth attack
note : you can test this by you where you can test your own router with deauth attack from another device by either using aireplay-ng command which is included in the aircrack-ng tool or you can actively use mdk3 or passive deauth attack ..anything you want and then test the packets with wireshark.
Wireshark is an analysing tool to search through packets and data transpassing between devices and router .. so it can also even detect through a specific filter in its settings an exterior packets coming from outside the network ..
the things you need are:
a) computer running linux or windows , but i prefer linux "debian distro" because it already has wireshark installed and also to enable monitor mode in wireless card adapter more easily
b) wireless adapter that supports monitor mode ,which can be tested in the command airdump-ng start "the name of your adapter on linux after monitor mode activated"
c) Wireshark installed and basic knowledge about using it and packets types but since we are using one filter so it will be an easy process
So let's first fire up debian linux " i'm using parrot security "
1- activate monitor mode for your wireless adapter " alpha wireless adapter is the best" by typing in the command line sudo airmon-ng start wlan0 or wlan1 according to the name of the wireless adapter "normally if it s internal adapter it s wlan0 and if external it s wlan1 since there is already one inside that s why it s called wlan1 because it comes second "
2- after activating monitor mode ,fire up wireshark and select the filter "wlan.fc.type_subtype eq 12" and the wireless card in monitor mode has the name wlan0mon
3- start capturing the packets ,if you find something under this filter then you are undergoing a deauth attack
note : you can test this by you where you can test your own router with deauth attack from another device by either using aireplay-ng command which is included in the aircrack-ng tool or you can actively use mdk3 or passive deauth attack ..anything you want and then test the packets with wireshark.
![[Image: uB8HTFl.gif]](https://i.imgur.com/uB8HTFl.gif)