]
07-07-2011, 04:11 PM
((W))Interface's of mass destruction.
Hello everyone just wanted to say thanks for all the feed back and support. Just want to talk a little about today's tutorial and how I found it is super effective but before we start.
This tutorial is for educational purposes only I am not responsible for what you do with this information.
After all we don't learn to hack, we hack to learn.
Now what we are going to be doing is deauthentication all connected computer from an access point. Now I know what your thinking whats the big deal. Well what happens to people once they get disconnected they refresh the network list right. Right so when they are going to refresh the list we are going to flood the air with fake access points and when I mean flood we really flood the air some if not all computer wireless drivers will crash. I don't know about you but that sounds like allot of fun don't take this the wrong way I'm a good guy but sometimes good guys get bored and want to see people's reaction when something does go wrong and they start restarting their computers. So if this sounds kinda fun to do to your dad, mom, sister, friend or whoever is ON YOUR OWN NETWORK then what the hell give it a try.
Let's get started
About MDK3
Using MDK3 is quite simple, since it comes with lots of help screens directly included in the code.
You can easily access them by typing only mdk3
MDK3 displays the main help screen. To see all possible options, type mdk3 --fullhelp
To see only information for a specific test, type mdk3 --help followed by the test mode identifier (b, a, p, d, m or x)
Before you can use MDK3, you need to setup your wireless adaptor. As far as there are different driver architectures, the way to setup your adaptor may vary depending on which driver is in use. To make this procedure easy, it is recommended to use airmon-ng from the aircrack project, since this can setup almost every known driver correctly.
To enable injection, your card needs to be started, switched to the monitor and a bitrate and channel have to be set.
Now lets put our wireless interface in monitor mode and a quick ifconfig to find out our mac address.
![[Image: 1.png]](https://2.bp.blogspot.com/-oW6EubqL0YU/TZIyvcyxerI/AAAAAAAAAHM/xJrOkgn4HKI/s1600/1.png)
Lets go to the mdk3 directory
Now we want to deauthenticated everyone in our WLAN range in order to do that we need to make a list of mac numbers that we DO NOT WANT TO GET AFFECTED witch is call a whitelist. So in my whitelist I'm going to be just adding my mac address because I don't care about all the others. So copy you mac address and type this in the MDK3 directory.
echo YOUR_MAC > whitelist
![[Image: 2.png]](https://3.bp.blogspot.com/-keYt06W4CxA/TZIy41PeUuI/AAAAAAAAAHQ/JZFHSMsQMJA/s1600/2.png)
Now let's look at our d option the Deauthentication / Disassociation Amok Mode:
d - Deauthentication / Disassociation Amok Mode
Kicks everybody found from AP
OPTIONS:
-w
Read file containing MACs not to care about (Whitelist mode)
-b
Read file containing MACs to run test on (Blacklist Mode)
-s
Set speed in packets per second (Default: unlimited)
-c [chan,chan,chan,...]
Enable channel hopping. Without providing any channels, mdk3 will hop an all
14 b/g channels. Channel will be changed every 5 seconds.
So what we are going to use is the w option whitelist mode. leave the s option alone it's set to unlimited. Now the c option channel is up to you but I'm going with all AP's on channel 6 because most AP's are on that channel by default.
![[Image: whitelist.png]](https://2.bp.blogspot.com/-TpXwyoBe8EE/TZIzC0bTZ_I/AAAAAAAAAHU/g6QAE2K-7ho/s1600/whitelist.png)
So now we have successfully launched the attack soon everyone will be disconnected. Now lets start flooding the air with fake access points. Open a new shell and browse to MDK3 directory and run this.
b - Beacon Flood Mode
Sends beacon frames to show fake APs at clients.
This can sometimes crash network scanners and even drivers!
OPTIONS:
-n
Use SSID instead of randomly generated ones
-f
Read SSIDs from file
-v
Read MACs and SSIDs from file. See example file!
-d
Show station as Ad-Hoc
-w
Set WEP bit (Generates encrypted networks)
-g
Show station as 54 Mbit
-t
Show station using WPA TKIP encryption
-a
Show station using WPA AES encryption
-m
Use valid accesspoint MAC from OUI database
-h
Hop to channel where AP is spoofed
This makes the test more effective against some devices/drivers
But it reduces packet rate due to channel hopping.
-c
Fake an AP on channel . If you want your card to hop on
this channel, you have to set -h option, too!
-s
Set speed in packets per second (Default: 50)
a - Authentication DoS mode
Now let me explain the b options is beacon flood mode. The -g option is Show station as 54 Mbit. -c option is channel now you can put an h if you want it to hope but if you specify a channel it will produce fake APs faster.
![[Image: 3.png]](https://3.bp.blogspot.com/-trGBWRxKguE/TZI1c5rg4lI/AAAAAAAAAHY/0-2AgNJ4MqI/s1600/3.png)
Now when the user refreshes his network list he should a never ending scan in linux or windows.
![[Image: APoints.png]](https://1.bp.blogspot.com/-IC3pRgO8y5Y/TZI1zpwhUhI/AAAAAAAAAHc/7epTw0njxpE/s1600/APoints.png)
And thats it for this tutorial.
More tutorials and fun things to do here @ Hello everyone just wanted to say thanks for all the feed back and support. Just want to talk a little about today's tutorial and how I found it is super effective but before we start.
This tutorial is for educational purposes only I am not responsible for what you do with this information.
After all we don't learn to hack, we hack to learn.
Now what we are going to be doing is deauthentication all connected computer from an access point. Now I know what your thinking whats the big deal. Well what happens to people once they get disconnected they refresh the network list right. Right so when they are going to refresh the list we are going to flood the air with fake access points and when I mean flood we really flood the air some if not all computer wireless drivers will crash. I don't know about you but that sounds like allot of fun don't take this the wrong way I'm a good guy but sometimes good guys get bored and want to see people's reaction when something does go wrong and they start restarting their computers. So if this sounds kinda fun to do to your dad, mom, sister, friend or whoever is ON YOUR OWN NETWORK then what the hell give it a try.
Let's get started
About MDK3
Using MDK3 is quite simple, since it comes with lots of help screens directly included in the code.
You can easily access them by typing only mdk3
MDK3 displays the main help screen. To see all possible options, type mdk3 --fullhelp
To see only information for a specific test, type mdk3 --help followed by the test mode identifier (b, a, p, d, m or x)
Before you can use MDK3, you need to setup your wireless adaptor. As far as there are different driver architectures, the way to setup your adaptor may vary depending on which driver is in use. To make this procedure easy, it is recommended to use airmon-ng from the aircrack project, since this can setup almost every known driver correctly.
To enable injection, your card needs to be started, switched to the monitor and a bitrate and channel have to be set.
Now lets put our wireless interface in monitor mode and a quick ifconfig to find out our mac address.
Hidden Content
Lets go to the mdk3 directory
Hidden Content
Now we want to deauthenticated everyone in our WLAN range in order to do that we need to make a list of mac numbers that we DO NOT WANT TO GET AFFECTED witch is call a whitelist. So in my whitelist I'm going to be just adding my mac address because I don't care about all the others. So copy you mac address and type this in the MDK3 directory.
echo YOUR_MAC > whitelist
Hidden Content
Now let's look at our d option the Deauthentication / Disassociation Amok Mode:
d - Deauthentication / Disassociation Amok Mode
Kicks everybody found from AP
OPTIONS:
-w
Read file containing MACs not to care about (Whitelist mode)
-b
Read file containing MACs to run test on (Blacklist Mode)
-s
Set speed in packets per second (Default: unlimited)
-c [chan,chan,chan,...]
Enable channel hopping. Without providing any channels, mdk3 will hop an all
14 b/g channels. Channel will be changed every 5 seconds.
So what we are going to use is the w option whitelist mode. leave the s option alone it's set to unlimited. Now the c option channel is up to you but I'm going with all AP's on channel 6 because most AP's are on that channel by default.
Hidden Content
So now we have successfully launched the attack soon everyone will be disconnected. Now lets start flooding the air with fake access points. Open a new shell and browse to MDK3 directory and run this.
Hidden Content
b - Beacon Flood Mode
Sends beacon frames to show fake APs at clients.
This can sometimes crash network scanners and even drivers!
OPTIONS:
-n
Use SSID instead of randomly generated ones
-f
Read SSIDs from file
-v
Read MACs and SSIDs from file. See example file!
-d
Show station as Ad-Hoc
-w
Set WEP bit (Generates encrypted networks)
-g
Show station as 54 Mbit
-t
Show station using WPA TKIP encryption
-a
Show station using WPA AES encryption
-m
Use valid accesspoint MAC from OUI database
-h
Hop to channel where AP is spoofed
This makes the test more effective against some devices/drivers
But it reduces packet rate due to channel hopping.
-c
Fake an AP on channel . If you want your card to hop on
this channel, you have to set -h option, too!
-s
Set speed in packets per second (Default: 50)
a - Authentication DoS mode
Now let me explain the b options is beacon flood mode. The -g option is Show station as 54 Mbit. -c option is channel now you can put an h if you want it to hope but if you specify a channel it will produce fake APs faster.
Now when the user refreshes his network list he should a never ending scan in linux or windows.
And thats it for this tutorial.
[To see links please register here]
DON'T FORGET A + REP I WANT TO PASS 1234HotMaster ^_^
