Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Access Point DoS Attack

  1. #1
    Member
    Join Date
    Apr 2010
    Posts
    51

    Default Access Point DoS Attack

    Hi guys. I want to make a penetration testing to my Wifi network. I want to perform a DoS attack of authentication clients or disconnecting all the clients in my network.

    I tried the mdk3 v6 but no luck...

    Any other program to perform this penetration testing attack?

    Thank you

  2. #2
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    Default Re: Access Point DoS Attack

    mdk3 should work just fine in not allowing the clients to connect.

    what make is the router and what were your commands ?

  3. #3
    Member
    Join Date
    Apr 2010
    Posts
    51

    Default Re: Access Point DoS Attack

    Quote Originally Posted by TAPE View Post
    mdk3 should work just fine in not allowing the clients to connect.

    what make is the router and what were your commands ?
    The router is: Linksys
    The command is mdk3 with the a mode (Amok)
    I'm trying to disconnect all current clients and not to disallow new clients in the wifi network.

  4. #4
    Member
    Join Date
    Feb 2010
    Location
    Root
    Posts
    121

    Default Re: Access Point DoS Attack

    I did something to this effect once, just playing around. I used an ARP flood. It wasn't intended to work that way, I wanted to reboot the router to act like a hub. I know this didn't answer your question, just a different point of view...

  5. #5
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    Default Re: Access Point DoS Attack

    Well the Amok mode is not done using the 'a' option.. that would be the 'authentication DOS mode'
    intended to try to stop the AP from functioning normally.
    Not all routers are vulnerable to that attack, I tested that on an old Asus router and the router held its own (only just mind you).

    What you are looking for is the 'd' option.

  6. #6
    Member
    Join Date
    Apr 2010
    Posts
    51

    Default Re: Access Point DoS Attack

    Quote Originally Posted by TAPE View Post
    Well the Amok mode is not done using the 'a' option.. that would be the 'authentication DOS mode'
    intended to try to stop the AP from functioning normally.
    Not all routers are vulnerable to that attack, I tested that on an old Asus router and the router held its own (only just mind you).

    What you are looking for is the 'd' option.
    First of all thanks for the replies. Yes It was my fault for the a mode. It's d

    I'm trying to disconnect all clients from my AP. I read the documentation and I run the commands: (I set my card to the channel 6 that is my AP)

    First of all I set my card in monitor mode:

    airmon-ng start wlan0
    iwconfig wlan0 channel 6 rate 1M (My AP is in 6 chan)

    ./mdk3 mon0 d -i <AP mac>

    Is that correct?

    I also have a Thomson router and a TPLink to test

  7. #7
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    Default Re: Access Point DoS Attack

    from ./mdk3 --fullhelp

    'd' option
    d - Deauthentication / Disassociation Amok Mode
    Kicks everybody found from AP
    OPTIONS:
    -w <filename>
    Read file containing MACs not to care about (Whitelist mode)
    -b <filename>
    Read file containing MACs to run test on (Blacklist Mode)
    -s <pps>
    Set speed in packets per second (Default: unlimited)
    -c [chan,chan,chan,...]
    Enable channel hopping. Without providing any channels, mdk3 will hop an all
    14 b/g channels. Channel will be changed every 5 seconds.


    Dont know where you got the -i from..

    > Head to mdk3 directory
    > Create blacklist file with your AP mac you want to deny access to
    > Fire up mdk3

    Code:
    cd /pentest/wireless/mdk3
    echo 00:11:22:33:44:55 > blacklist
    ./mdk3 mon0 d -b blacklist -c 6 -s 25

    I made a post on mdk3 a while ago, some googling should get you going.. which you really should have done more of before
    Last edited by TAPE; 04-26-2010 at 09:48 AM.

  8. #8
    Member
    Join Date
    Apr 2010
    Posts
    51

    Default Re: Access Point DoS Attack

    Quote Originally Posted by TAPE View Post
    from ./mdk3 --fullhelp

    'd' option
    d - Deauthentication / Disassociation Amok Mode
    Kicks everybody found from AP
    OPTIONS:
    -w <filename>
    Read file containing MACs not to care about (Whitelist mode)
    -b <filename>
    Read file containing MACs to run test on (Blacklist Mode)
    -s <pps>
    Set speed in packets per second (Default: unlimited)
    -c [chan,chan,chan,...]
    Enable channel hopping. Without providing any channels, mdk3 will hop an all
    14 b/g channels. Channel will be changed every 5 seconds.


    Dont know where you got the -i from..

    > Head to mdk3 directory
    > Create blacklist file with your AP mac you want to deny access to
    > Fire up mdk3

    Code:
    cd /pentest/wireless/mdk3
    echo 00:11:22:33:44:55 > blacklist
    ./mdk3 mon0 d -b blacklist -c 6 -s 25

    I made a post on mdk3 a while ago, some googling should get you going.. which you really should have done more of before
    Thanks for the help. Yeap sorry for that. I used the documentation that is incoplete. I will now use the --fullhelp

    In the end I want to ask something last:

    But the previous commands are correct? before running the mdk3....

    I mean this: iwconfig wlan0 channel 6 rate 1M (My AP is in 6 chan)
    Or just firing up the mdk3 with the -c 6 ? or and the 2 commands?

    Also in this command we use the mon0 inteface we created or the wlan0?

    Thanks again ;-)

  9. #9
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    Default Re: Access Point DoS Attack

    Your card needs to be in promiscuous mode for mdk3
    No need to start your card fixed to any channel

    And thats enough spoonfeeding for today me thinks !

    Just test on your setup and revert with the commands you have tried if experiencing issues..

    Again, if you had done a good search you would have stumbled across a video I have made on mdk3 which shows some usage and from there a blogpost showing further options..
    Flex your google-fu !

  10. #10
    Member
    Join Date
    Apr 2010
    Posts
    51

    Default

    Ok it worked. Thanks for the help

    @TAPE: When the attack (d) started...to a blacklist client... the client didnt disconnect but he can't see a page in the browser or something. And when he tries to disconnect-reconnect to the AP... he can't... I think that this is the attack and he doesn't see any disconnect warning or message... but only can't connect to a site etc and he can't reconnect to the AP while the d attack is running..

    Quote Originally Posted by TAPE View Post
    Your card needs to be in promiscuous mode for mdk3
    No need to start your card fixed to any channel

    And thats enough spoonfeeding for today me thinks !

    Just test on your setup and revert with the commands you have tried if experiencing issues..

    Again, if you had done a good search you would have stumbled across a video I have made on mdk3 which shows some usage and from there a blogpost showing further options..
    Flex your google-fu !
    Ok the attack is ok. But the clients are not disconnecting. They cannot access any site and If they try to reconnect they can't. Is that normal? Is there any way to kick them out and to see disconnection message?

    Thanks
    Last edited by Archangel-Amael; 04-27-2010 at 06:29 PM.

Page 1 of 2 12 LastLast

Similar Threads

  1. Rogue Access Point
    By Spark1223 in forum Beginners Forum
    Replies: 7
    Last Post: 03-27-2010, 01:28 AM
  2. Access Point: Not-Associated
    By romava in forum Soporte en Wireless
    Replies: 1
    Last Post: 03-18-2010, 05:56 AM
  3. Virtual Access Point
    By .virtual in forum OLD Newbie Area
    Replies: 4
    Last Post: 11-25-2009, 01:10 PM
  4. Access Point -Smartbridge
    By sphinix in forum OLD Newbie Area
    Replies: 0
    Last Post: 03-28-2009, 02:09 PM
  5. Access point question
    By Upsman in forum OLD BT3final Support
    Replies: 5
    Last Post: 11-14-2008, 08:22 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •