The Hidden Danger of Free Wi-Fi

Inside a Real 802.11 Deauth Attack

by Neo

Date: 26 Nov 2025

Goal of the Session

Participants will understand how attackers exploit 802.11 management frames to deauthenticate users and perform man-in-the-middle (MITM) attacks on public Wi-Fi, and learn practical steps to stay safe.

Learning Objectives

Cognitive (Understanding): Describe how a deauthentication attack works in 802.11 and explain how a fake access point enables MITM interception.
Psychomotor (Recognition): Identify real-world attack tools (e.g., Hak5 Wireless Pineapple) and state at least two security measures to avoid MITM attacks.
Affective (Awareness): Demonstrate increased caution by recognizing risks of public Wi-Fi and expressing willingness to adopt safer habits.

How Does a Deauthentication Attack Work?

Attacker sends deauth frames to disconnect victim from Wi-Fi.
Victim device scans for available networks and reconnects, often to the strongest signal.
Attacker’s rogue AP mimics real Wi-Fi, capturing the connection.
MITM attacker intercepts all victim's traffic and can eavesdrop or inject malicious data.

Attack Flow: Visual Diagram

Step 1-5: Client is forcibly deauthenticated and reconnects to fake AP, attacker intercepts traffic.

Common Attack Tools in the Wild

Hak5 Wireless Pineapple

Specialized device for Wi-Fi attacks, including deauth and rogue AP creation.

Aircrack-ng Suite

Popular toolkit for packet analysis, deauth, and cracking Wi-Fi encryption.

How to Protect Yourself

Use mobile data instead of public Wi-Fi for sensitive activities.
Always use a VPN when connecting to public networks.
Turn off automatic Wi-Fi connection on your devices.
Look out for rogue access points and suspicious Wi-Fi names.

Changing Habits for Safer Connections

Awareness is power: Always question the safety of free Wi-Fi and be willing to change how you connect online. Stay alert, use VPN, and prefer mobile data for crucial transactions.

Thank You!

Questions & Discussion

Stay safe online: mail@matnet.my