how I hacked my wifi

Disclaimer: This is not a tutorial. I only tested this on my own network and this article is meant for awareness and education. Never use this on networks that are not your own. Doing so is a crime.

Setting up Kali Linux on my Raspberry Pi
I had an old raspberry pi 4 laying around which I didnt use and as I was getting into webhacking I also learned more about other tools ethical hackers use and one of those is Kali Linux.

I have very little experience with linux so I thought why not get into it and install it on my pi. After doing all that I tested out some tools mainly nmap, wireshark and airodump. With a normal wifi card I couldnt really see much, so I did some research and found out there are specific wifi adapters that support two important features: monitor mode (so you can capture traffic without joining a network) and packet injection (so you can send crafted packets). Not every adapter can do that, but I bought one that can: the ALFA AWUS036ACHM.

First time using the wifi adapter
When it arrived I plugged it into my pi and I was mesmerized. I could suddenly see way more wifi networks than usual with my laptop or phone. Using airodump I could monitor all those networks and see details.

Inside the table that displays all this data there is a column called PWR.

PWR basically shows the signal strength (RSSI). The closer the value is to 0, the stronger the signal. For example -30 dBm is very strong, -50 is good, -60 is ok, -70 is weak, and -80 or lower is pretty much unusable. Its not an exact distance measurement, but it gives you a rough idea how near or far a device is.

I saw my own router SSID at around -30, which means its really close. I also saw other routers in my building in the -40 to -60 range.

Checking my own router more in depth
Now the scary part: you can also see the MAC address of each router and the connected devices. (A MAC address can count as personal data under GDPR if its tied to a person, so publishing or storing other peoples MAC address would already be problematic. Just passively seeing them is fine.)

I obviously only checked my own router. With its MAC I could see all the devices connected to it: my phone and laptop. Each had their own PWR value. For example, my phone showed around -33 when it was next to me on my desk, and when I moved it right next to the router it jumped up to -29.

That blew my mind, you can literally see where your devices are in relation to the router just by looking at the signal values.

Seeing the invisible world
In monitor mode I could also pick up networks way beyond my apartment, up to a few hundred meters away. (With the right antenna you can even get kilometers, but indoors its usually much less.)

And you can also see when traffic is flowing. For example, when I was watching a YouTube video on my laptop, I could see a lot of data frames being sent. Other routers around me were quiet.

It felt like suddenly I could peek into this invisible world of signals around us.

Discovering deauth attacks
Here comes the most interesting part.
There is something called packet injection and more specifically a deauthentication (deauth) attack.

This is crazy: you can send a special management frame to a router or a client device that basically tells it to disconnect. Management frames in Wi-Fi (like deauth) are historically unencrypted, so they can be spoofed easily.

I immediately tried it on my own laptop, I was watching a video, I started the deauth attack and the video froze, the little wifi icon in my windows bar turned to a "no internet" symbol. I was shocked how easy it is to just kick devices of the internet.

You just need to buy this 50€ wifi adapter and you can theoretically kick everyone off their network in your close proximity.

To be clear: modern standards like 802.11w (Protected Management Frames) can block or at least reduce this attack, but not every router or client has it enabled. So in practice, many networks are still vulnerable.

And yeah, you cant take down the entire internet, the router itself stays online, but you can just kick specific devices off as long as they are vulnerable.

Legal side in germany
Doing this to devices you dont own can become serious really quick. In germany and everywhere else the laws are really strict about this.

If you get caught doing this you might end up in jail:

• § 202a StGB - Unauthorized access to protected data: up to 3 years in prison or a fine.
• § 202b StGB - Unauthorized interception of data: up to 2 years in prison or a fine.
• § 303b StGB - Computer sabotage (disrupting networks/systems): criminal charges.
• Applies even without data theft if the act disrupts communication or systems.
• Authorities: BKA & BSI may investigate.

The BKA is basically Germanys version of the FBI, they investigate serious crimes including cybercrime. The BSI is more like the national cyber security agency, they warn about threats, analyze attacks and help protect systems.

This is not a minor offense, you cant say "oh I was just testing around". You will probably get a fine for the first time if you didnt do alot of damage but you will most likely go to jail if you do it again.

Why such harsh laws? Because it is so easy to abuse, as I said you literally just need a 50€ wifi adapter and you can wreak havoc.

Conclusion
This was my first real dive into wifi hacking, and I was amazed (and a bit scared) at how easy some of it is. And this is just scratching the surface. There are many other attacks like the “evil twin” (setting up a fake hotspot so people connect to you instead of their real one) or MITM attacks (man-in-the-middle, where an attacker secretly sits between you and the website you are visiting and can read or even change the data being sent).

Im not an expert and I barely understand most of this stuff yet, but I find it super interesting and I think more people should know about it, not to abuse it, but to raise awareness so we can improve our systems and spot attacks faster.

I will keep learning and sharing my insights!