[Download Wifikill Pro For Android
Saija Grzegorek
I have an s8+ rooted device i've installed wifikill and gave it super user from magisk after that i opened it, pressed on the start button and it gave me an err message saying(sock_fd, siocgifhwaddr, i) permission denied.
I recently found that my friend is using wifikill apk on his rooted android and I would like to get rid of that software as I always get kicked from my wifi. I have to give him the password of my wifi but he his been doing such things and I am pretending like I don't know.
There is nothing you can do on your device as is (rooting changes matters: see below) - you would need to deploy an IP filter on the same, and drop all ARP packets. This would prevent you from talking to any device in the WLAN. To be able to do that again you would need to manually prime your device's ARP cache with values you know to be correct (a.k.a. static ARP entries).
But supposing you don't want, or can't, get him face to face... and assuming you do have the right to the connection, i.e., it is (in part at least) your access point and Internet connection, not his... there are ways.
You can start making life difficult for him, and have him perceive it is caused by his behaviour, without ever saying so. For example: you can start complaining about your unstable access point and begin resetting it to factory defaults every now and then. Change your WPA key and give it to him again, saying you had to reset the blasted thing yet again ("it keeps disconnecting"). He (and you too) will then have to reinsert the key. After some time, he will come to understand that every time he uses WFK, he gains a few minutes' full bandwidth... and then no bandwidth, and a whole evening of listening to you whining and ranting about unreliable hardware.
You might start spawning conspiracy theories by asking him whether it is likely that there's an incompatibility between your (not his!) phone and the AP, or start noticing unlikely coincidences ("Every time the microwave starts, the connection drops"). After a while grasping at straws, you can latch on the real coincidence ("The network disconnects me only when you are home") and suggest he takes his phone to the shop for a repair. This will reassure him that you accuse him of no wilful wrongdoing -- but at the same time it will be clear that you're onto something. This could be a minimally confrontational way of clearing the air. You can tune the "coincidence" you notice, in order to try and work out a compromise ("Probably when you play online games on your phone a weird combination of bandwidth, access point chip brand and magnetosphere resonance disconnects my phone. Not anyone's fault, but still -- can you tell me when you're going to have a long gaming session?").
The same approach can be used to drive home economic threats ("We need a new wireless access point with a stronger antenna. I found one for $180 -- if this AP reset I'm going to try does not work, we'll need to think about purchasing a new AP. How much could you contribute?").
I am far from sure since I haven't tested it personally, but this seems what applications like ARP Guard, ARPProtect or WiFi Protector do. The latter explicitly mentions WiFiKill. Downside: to fully protect a device you need to tamper with its network stack at a low level, so defense needs root too.
I have no experience on iOS (editing is welcome!), but there are hints that iOS7 employs some ARP spoofing mitigation techniques - possibly slow-caching, glean-refusal, gratuitous-refusal or others. Owners of iOS7 devices might have nothing to worry about.
Some access points have a special mode of operation - sometimes called "Private Mode", "Client Isolation", "Guest Mode" or "Privacy" - whereby, however large the pool of devices connected to the AP, you only see yours. You cannot "talk" to the other devices. The AP will accept packets from you to it, and not forward any other except for NATting you on the Internet.
This allows e.g. users in a caf to be relatively safe against their neighbours' curiosity - you might have a totally open system with services exposed on your laptop, but when you're connected to a private-mode AP nobody else can see them.
VERY IMPORTANT: if you have any WiFi device you need to access, e.g. a WiFi printer, it will not work in Privacy Mode, and it might still not work if connected via ethernet cable to one of the Ethernet ports some "APs" have. If this is the case, you might have to query the shop for the exact APs features, or give up on this possibility.
Several access points have the feature of filtering ARP in various ways. This can occasionally break other technologies, notably iOS AirPrint, that rely on ARP "openness", but it may be worth pursuing. On some systems this goes under "bandwidth protection".
Or you can say that you've had it with your faulty APs that always disconnects, and you buy a new AP which already has, and accidentally comes already configured with, Privacy Mode and/or ARP filtering.
Another possibility, also available on some APs but not all, is the "split SSID" or "Twin SSID" mode. In this mode the AP publishes two SSIDs, with different keys. In some APs you can also set the bandwidth limitation for one or both networks. You can then get even with your "friend" by copying the current SSID and key to the guest or low-bandwidth connection, then giving the other SSID the name of your neighbours' daughter or pet. Of course, if he gets suspicious, a little investigation will reveal the truth.
Several techniques are available to protect against ARP spoofing. There are some silver bullets, but they're not ubiquitous. The historical (and arguably outdated) tendence was to glob any ARP information you came about, and use it to improve network performance. This is an effective strategy, as long as you can trust that ARP information. Otherwise you need to only consider information you requested, and possibly refuse it if it looks suspicious, if the context seems fishy, or if some extra checks fail to deliver. To do so, of course, introduces a delay.
Not sure what OS you are using but on linux systems there used to be an arp command that let one do that. If you are on your cell not sure if you can use such a low level command unless you root your phone.
OTOH, for just keeping a watch on people like your evil roomie, there used to be a tool called arpwatch that will keep track of arp entries that change the IP-MAC association and then flag that as suspicious.
WiFi Kill is a new application that's currently appearing on a number of Android handsets. It's an application which allows you to remotely control your smartphone via Wi-Fi, or BLE (Broadband Internet) in order to protect it and keep it protected. In short, this is a feature that allows you to use your smartphone to gain access to the internet without any hardware requirement (no Bluetooth device or SIM card required). Here's how this works:
The WiFi Kill app will monitor the amount of available wifikill bandwidth on your device. After choosing a frequency to connect at (which can be manually chosen by going into the device's settings), the software will start communicating with your computer. It will connect to your device via its own dedicated SSID (string) and pass this information along to the computer. From there, the computer will establish a connection to the actual wireless router. This way, no one else can interfere with your connection, and you can freely use all the bandwidth that your device has available. The only requirement is that you have a relatively modern smartphone - which should be a Galaxy S4 or higher.
The best thing about the WiFi Kill android app is that it requires absolutely no configuration on your part. All you need to do is scan a new frequency on your own and then configure the connection accordingly. This means that even if you don't have any wifikill devices available (and you're pretty unlikely to do that), this application will still work for you. It's especially great for those who travel with multiple wifikill enabled devices, as it makes it easy to quickly switch from one to another in case of any conflict.
There is a program for Android, WifiKill, which disables wifi internet access of some neighbor peers connected to the same wifi AP. How does this program works? ARP poisoning or some other techniques?
It's the same idea as FaceNiff (I'm a developer of it also), basically it sends ARP Reply's to all of the devices in the network fooling them to think that your mobile is router. And then all of the devices try connecting to network THROUGH your device... and you just drop every single packet from them. In this version it's just dropping packets but maybe later I'll try adding some sort of primitive REJECT target.
Yes, it's using arp spoofing. I suppose there is a way to send deauth packets but it would require modifying kernel drivers for wifi card. AFAIK it won't work out-of-the-box because most of android wifi drivers don't allow packet injections and even changing the mac address of the NIC is super-difficult in a lot of devices.
795a8134c1