Note: Do not perform this attack on a network where you are not the administrator. It is illegal.

First, a little background on what de-authentication is:

It is an attack in which we send disassociation packets to computers/devices connected to a particular WiFi access point. This disconnects all connected computers from that access point. (It won’t work if there are no associated wireless clients, or on fake authentications.)

This attack is usually used for the following purposes:

  • Recovering a hidden ESSID. This is an ESSID which is not being broadcast. Another term for this is “cloaked”.
  • Capturing WPA/WPA2 handshakes by forcing clients to re-authenticate.
  • Generating ARP requests (Windows clients sometimes flush their ARP cache when disconnected).

If those three points don’t make any sense: in simple words, this attack disconnects computers from an access point so you can have all the WiFi bandwidth for yourself :p
