DEAUTH_CLIENT
DEAUTH_CLIENT - Attempt to deauthenticate clients by sending spoofed deauthentication and disassociation packets.
When to use it
Use DEAUTH_CLIENT as part of an engagement when attempting to direct clients to a Pineapple access point or when harvesting handshakes.
Syntax
FIND_CLIENT_IP [bssid] [target] [channel]
bssid
BSSID (MAC address) of the access point, in the format xx:xx:xx:xx:xx:xx.
target
MAC address of the target client (or FF:FF:FF:FF:FF:FF for all clients) to attempt to disconnect.
channel
Channel to perform the disconnect on.
Results
DEAUTH_CLIENT returns immediately. In the background, the PineAP system will attempt to disconnect clients.
Limitations
DEAUTH_CLIENT can be used on 2.4GHz channels, and on 5GHz channels which are not DFS channels. DFS channels have stronger regulatory requirements which prohibit transmission. Networks on 6GHz must utilize WPA3 features which prevent injected deauthentication packets.
Networks which utilize Protected Management Frames (PMF) or the 802.11w standard will not be susceptible to injected disconnection packets. All networks utilizing WPA3 also enable Protected Management Frames.
Some clients ignore disconnection attempts deliberately regardless of the network type or channel.
Examples
DEAUTH_CLIENT 00:AA:BB:CC:DD:EE 00:DE:AD:BE:EF:44 6
Be sure to only trigger client deauthentication against networks that are in the scope of your engagement!
Deauthenticating clients from networks which aren’t yours and which you haven’t been given permission to test isn’t only a jerk move, it may be illegal in some jurisdictions. Know the laws of your region!