Welcome back, my cyberwarriors!
Now that the brutal Russian invaders have taken and occupied some Ukrainian cities, the next stage is cyber guerilla warfare. This means attacking and disrupting the Russian occupiers at every turn. Some will use Molotov cocktails, some will use Stinger missiles and some will use cyber attacks.
In this tutorial, I will show you have to disrupt Russian installations Wi-Fi access. Now that they are occupiers, they will set up command and control centers within Ukrainian cities. In most cases, this will require Wi-Fi access since the setting up a wired LAN will taken additional time and resources. let's keep them from using this network!
Step#1 Identify Your Wireless Interface
The first step is to identify your wireless interface. Linux has a specific command, iwconfig, to identify wireless interfaces.
kali > sudo iwconfig
As you can see, mine is named wlan0. Yours may be different. If it is, simply replace your wireless interface name where I use wlan0 in the next step.
Step 2: Put Your Wireless Adapter into Monitor Mode
​Then, in order to use aircrack-ng effectively, we need to put our wireless adapter into monitor mode. This is the equivalent of promiscuous mode on a wired network card. When we do this, we can see all the wireless traffic passing through the air around us.
​
kali > airmon-ng start wlan0
Note that airmon-ng has renamed our wireless interface to wlan0mon. We will use that new name in the following steps.
Step 3: Use airodump-ng to Get the Parameters
​
Now that we have our adapter in monitor mode, we need to use airodump-ng to view all the parameters of all the traffic around us.
​
kali>sudo airodump-ng wlan0mon
Here, we can see all the wi-fi access points within range. The key at this step is to identify the AP, get its BSSID (the physical address) and its channel.
When you have this information, shutdown airodump-ng (Ctrl+C) and start a new airodump-ng with the channel of the target's AP such as;
kali> sudo airodump-ng -c 9 wlan0mon
Where -c 9 designates the channel you want to attack.
Step 3: Open a Text Editor & Write the Script
​
Now, we are going to use aireplay-ng to de-authenticate the users the enemy's AP. You will need a text editor to create our script. Here, I will be using mousepad, but you can use any text editor of your choice.
We want a script that will send de-authentication frames to the AP and all clients, knocking everyone off the network. After doing so, we will give them 60 seconds to re-authenticate and then de-authenticate them again. We could write the script to send continuous de-authenticate frames, but that would likely be met with a countermeasure. We want to both confuse and block any effective wireless communication by the enemy.
​
Copy this script into your text editor, replacing the MAC address with the MAC address of your target AP. This simple script does the following.
​
#!/bin/bash tells the terminal what interpreter to use.
for i in {1..10000} creates a for loop that will execute our commands 5,000 times.
do contains the commands we want to execute. Everything after the do and before the done will be executed in each loop.
aireplay-ng sends the deauth frames 1,000 times (the default is continuous) to the MAC address of the AP (-a) from the interface wlan0mon.
sleep 60s tells the script to sleep for 60 seconds. In this way, the clients will be able to re-authenticate for 60 seconds before we send another deauth flood. Hopefully, this short interval will lead them to believe that the problem is with their AP and not us.
done closes the for loop.
​
Please see the script below. Make certain to replace the BSSID with the BSSID of your target.
The way we have written this script, it will de-authenticate ALL clients. Some APs will not allow this, and we would have to rewrite this script with the individual MAC addresses we want to de-authenticate.
Now, save the script as wirelessDoS.sh.
​
Step 4: Change Permissions
​
To be able to execute the script, we will need to give ourselves execute permissions. We use the Linux command chmod for this.
​
kali > chmod 755 wirelessDoS.sh
Step 5: Execute the Script
​
Finally, we execute the script by typing:
​
kali > ./wirelessDoS
Now that we have disabled the enemy's wireless communication, they may try to block your MAC address. An advanced variation of this script would be one where you use a tool like macchanger to change your MAC address before each de-authentication making it much harder for the enemy to block you deauthentication frames.
Summary
The Russian invaders have brutally taken a few cities in Ukraine. Now the resistance begins in the form of guerilla attacks. One of the things we can do is to attack any Wi-Fi access points the Russian military sets up at their command and control centers. This simple script should keep them from being able to access that AP and communicate.
Look for more tutorials on Hackers-Arise to cyber attack the Russian occupiers!