How to Kick People Out of a WI-FI Network
Disclaimer: This article is for educational purposes and seeks to promote ethical hacking and superior cybersecurity practices in organizations and private entities. It does not advocate for any malicious intent. Furthermore, all materials used in this tutorial are solely personal and intentionally set vulnerable. I, therefore, absolve myself from any future unauthorized scripting from parties reading this article that may compromise the integrity of respective wireless networks
Do you have those days when you have a meeting or just torrenting a PC game and the WIFI, shared of course, is so slow? Did you know you can technically “kick” people out of the WIFI?
In this quick article, I am gonna describe how you can kick people out of a WIFI Network by technically limiting their bandwidth rendering their connection unusable. I am also gonna add some cool tips you can add to the attack that can mask your IP/Mac address so that The server admin cannot identify where the attack is coming from.
While this attack works 100% efficiently, it is not a definitive assurance you are not gonna get caught especially when attempting to hack into the WPA2 Enterprise system which usually requires an employee or a member of that organization to sign in using some credentials. Or WIFI networks that require you to verify your identity over a link or get an OTP. This method works for networks that require users to type in a password or require someone to type in the password [Like in hotels]
Requirements
- Kali Linux Separate OS /VMware Kali Linux
- Macchanger — Easy installation
- Evillimiter — Easy installation
- Anonsurf — Easy installation, link attached
- Installing Macchanger → This program masks your Computer’s Mac address. The steps below outline how to install it. basically, run :
sudo apt-get install macchanger
2. Installing Anonsurf → This program changes your IP address, kind of like a VPN by routing your traffic via a tor(anonymous browser):
mkdir Anonsurf && cd Anonsurf
git clone https://github.com/Und3rf10w/kali-anonsurf.git
sudo ./installer.sh
3. Installing evillimiter → This program will allow us to have autonomy over the WIFI network now:
git clone https://github.com/bitbrute/evillimiter.git
cd evillimiter
sudo python3 setup.py install
Procedure
NB: I will change my mac address twice in succession, to mask my Permanent Mac in step 1, to avoid exposing this value.
- Type, macchanger -s wlan0, to confirm your IP address and note it somewhere or just copy to clipboard.
2. Time to change our Mac address For the sake of the tutorial, I will change my mac address twice in succession to avoid hacking attempts out here :
ifconfig wlan0 down → Makes our wireless wifi card enter monitoring mode
maccchanger -r wlan0 → Randomizes our new mac address. If anyone scans for our mac address, this virtual address will be shown
3. We need to change our IP address to mask our identity even more. Anonsurf does this more accurately.
systemctl start anonsurf
anonsurf start
Optional; run ifconfig, our IP address has changed from 192.168.0.4 to A random IP from 192.168.0.7–192.168.0.254 [ Observe figure 2.2 below] where its currently at 192.168.0.109. The IP address will keep changing in this range making the attack more anonymous
4. Launch evillimiter. you need administration privileges before attempting to launch. From the window below, We note the IP of the router, the mac and another terminal
5. We need to type scan to note all the hosts. As you can observe, the system has discovered six hosts connected, this is my Home Router, which is expected.
6. [IMPORTANT] Type hosts. We can see that we have our PC’s IP address is not in the list nor is our initial IP address of 192.168.0.104 or our new 192.168.0.110. Anonsurf masks everything for us hence making it hard for any web admin to track us. This is very vital for anonymity whilst executing this attack
7. [IMPORTANT] To eject everyone out of the WIFI, simply type block all. This move blocks all the other users by completely limiting their bandwidth to 0. They cannot download/upload/stream or basically access internet while WIFI connection status remains on. This concludes our attack !! To restore access to WIFI to everyone else, simply type free all .
NB: still researching if the attack also blocks the main router from dispensing bandwidth to the rest of the network [ We can see the Router’s gateway is also blocked ]
Follow up Notes
Explore more what Evillimiter by typing help and seeing other features like:
- We can also customize by how much we limit our bandwidth and for which devices.
- How to block specific hosts
- Explore how to add custom hosts masking our attacks even more
- Furthemore, we can analyze a specific target’s bandwidth usage to basically know who uses much of the bandwidth in the system and specifically chose to kick them out
Recommendations
WPA2 Enterprise WIFI Technology encrypts the network only allowing intranet users to access the Network. In case of an attack, the Web Admin can identify which user is executing the attack despite changing IP/Mac address as the username or unique ID can't be masked easily remains.
This article is a foundation for our oncoming series of reconnaissance where I will curate articles that help us capture a particular’s, open source of course, domain Server info/emails/IP addresses and try to understand from a hacker’s perspective how they gather information before executing attacks.
