
Thread: mdk3 : bruteforce MAC filters

  1. #1
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    3

    Default mdk3 : bruteforce MAC filters

    Hello,
    Just a question about mdk3. I'm testing mdk3 with the mode "bruteforce MAC filters" on a modem which is OPN and without connected stations. I'm using BT4 final in Live CD mode. When I begin my attack, the MAC filter tested is always 00:00:22:00:00:01. It can stay like this for a long time. Is this normal?
    Thanks in advance for your replies.
    Regards,
    --
    Benoit

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: mdk3 : bruteforce MAC filters

    Holy Smokes batman that's not a bug. Please post in the correct section.

  3. #3
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    3


    Really sorry Archangel.Amael. Thank you for moving the topic to the right section. So now I understand that if I do not succeed in bruteforcing MAC addresses, it is due to a bug on my side! I much prefer this issue. That can be solved.

    I tried to upgrade the mdk3 version (from 5 to 6) by downloading the latest version from the official website. Booting BT4 in liveCD mode, I tried the upgrade but I seem to have failed, as I always have the mdk3-v5 title and still stay on the 00:00:22:00:00:01 MAC address when I launch the "attack".

    Should I be more precise about my problem to get more answers?

    Thanks in advance for all of your replies
    Regards,

    Hi,
    Could someone just confirm for me that MAC filter bruteforce is not working properly on unencrypted networks?
    Has anybody encountered the same issues as me? Please share your experience!
    Thanks in advance for all of your replies,
    Regards,
    --
    Benoit
    Last edited by Archangel-Amael; 01-28-2010 at 02:09 PM.

  4. #4
    Member xX_Spiidey_Xx's Avatar
    Join Date
    Jan 2010
    Location
    /dev/urandom
    Posts
    256

    Default Re: mdk3 : bruteforce MAC filters

    Originally posted by batman:
    > I tried to upgrade the mdk3 version (from 5 to 6) by downloading the latest version from the official website. Booting BT4 in liveCD mode, I tried the upgrade but I seem to have failed, as I always have the mdk3-v5 title
    Your first problem is that you're trying to update software that resides on read-only media. I would recommend that you use a persistent USB install, use a VMWare image, or simply dual boot.

    This issue brings to light your likely inexperience with *nix systems... maybe you should go with the VMWare idea first, see if you like it, and are able to learn it and take it from there. Read the manpages for the software you are trying to use, I'm sure there's something you are likely missing.

    Back|Track was not (and will never be) designed to be a beginner's tool. That said, I recommend a LOT of reading and hands-on coding. You will never reach the pinnacle of hackerdom until you've mastered the basics and run with them. I can promise you that this is not a flame, a personal attack or anything like it. I still have a long way to go myself, but this was (very close) to what I had to hear to keep me away from becoming a skididiot, and learn how things work from the inside out. I hope this helps steer you in the right direction if you are serious about this stuff, young padawan.

    xX_Spiidey_Xx
    thou shalt treat all computers as thou wouldst treat thyself, for thou art the creator of thine own problems.

  5. #5
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    3

    Default Re: mdk3 : bruteforce MAC filters

    Thanks for your reply and explanation xX_Spiidey_Xx.
    Concerning the upgrade, I was thinking that it could be updated, as the mdk3 files are temporarily in RAM (even if it only lasts until the system is shut down). But as you guessed, I'm a newbie with *nix systems.
    Concerning VMWare (or Sun VirtualBox), I was thinking that it would add more technical issues compared to a liveCD "installation". I had understood that an integrated wifi card could be problematic to use in a virtual machine... And I do not have a USB key for wifi connection.
    Do you have experience with mdk3? If yes, did you notice the problem I encountered?
    Thanks in advance for your reply,
    Regards,
    Last edited by batman; 01-29-2010 at 02:51 PM. Reason: keystroke

  6. #6
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    Default Re: mdk3 : bruteforce MAC filters

    I decided to have a go at the MAC bruteforce option a while ago and had a similar issue.
    As there is precious little information available on MDK3 tutorials on the web I sent an email to the developer asking for some guidance on it.

    I trust this is OK with the BT team on posting this, if not please msg me or edit as appropriate..

    (part of) My query;
    ============
    > I am using mdk3 in BackTrack 4 (Final) however cannot get MAC bruteforcing
    > to work.
    >
    > My test lab is a simple router, No encryption set, and with mac filtering
    > enabled.
    >
    > Using the normal;
    >
    > ./mdk3 mon0 f -t <AP Mac>
    >
    > Does not seem to change the mac address it is trying and testing 0 MACs per
    > second and 10 retries

    Answer;
    =====

    Seems like your router is not 802.11 compliant.

    In the official standard, a client who wants to join the network sends an auth
    request providing the data for the AP to check if this new client is ok to
    join. The AP answers to this client with an auth response which either
    specifies success or failure and also contains an error code to explain why
    the client couldn't join.
    MAC filtering is NOT standard 802.11, so there is NO error code saying:
    "Sorry, can't join, you got the wrong MAC!"
    However, EVERY failure has to be reported to the client, and for these cases,
    the AP may use a special error code:
    "Denied due to reason outside the standard"
    Another option would be using a reserved error code:
    http://www.gthill.com/managementframes.pdf

    In your case, your router seems to just IGNORE auth requests if they come from
    an unauthorized MAC, and it doesn't respond with anything. But the current mdk3
    implementation only works for 802.11 compliant routers that correctly deny
    authentication.

    Greetings
    ASPj
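
The auth request/response exchange described in the answer above, seen from the monitoring side (an added example, not part of the original posts and not mdk3 code). It parses bare 802.11 authentication frames and reports any BSSID that receives auth requests from many distinct source MACs in a short window, along with whether the AP refused those clients with a status code or left them unanswered. The thresholds, function names and all MAC addresses are assumptions made up for the example, as is the choice of status code 1 (unspecified failure) for the refusing AP.

```python
import struct
from collections import defaultdict

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_auth(frame):
    """Parse a bare 802.11 authentication frame (no radiotap header, no FCS)."""
    if len(frame) < 30 or frame[0] != 0xB0:  # version 0, type 0 (mgmt), subtype 11
        return None
    alg, seq, status = struct.unpack_from("<HHH", frame, 24)  # little-endian fields
    return {"dst": mac(frame[4:10]), "src": mac(frame[10:16]),
            "bssid": mac(frame[16:22]), "alg": alg, "seq": seq, "status": status}

def auth_sweeps(capture, min_sources=5, window=10.0):
    """capture: (timestamp, frame) pairs. Report each BSSID that received auth
    requests from at least min_sources distinct MACs within `window` seconds."""
    requests, answers = defaultdict(list), defaultdict(dict)
    for ts, raw in capture:
        f = parse_auth(raw)
        if f and f["seq"] == 1:                               # client -> AP request
            requests[f["bssid"]].append((ts, f["src"]))
        elif f and f["seq"] == 2 and f["src"] == f["bssid"]:  # AP -> client response
            answers[f["bssid"]][f["dst"]] = f["status"]
    reports = {}
    for bssid, reqs in requests.items():
        reqs.sort()
        peak = max(len({c for t, c in reqs[i:] if t - t0 <= window})
                   for i, (t0, _) in enumerate(reqs))
        if peak >= min_sources:
            clients, got = {c for _, c in reqs}, answers[bssid]
            reports[bssid] = {
                "peak_sources": peak,
                "refused": sum(1 for c in clients if got.get(c, 0) != 0),
                "unanswered": sum(1 for c in clients if c not in got)}
    return reports

def _frame(dst, src, bssid, seq, status):  # builds constructed sample bytes only
    hdr = b"\xb0\x00\x00\x00" + dst + src + bssid + b"\x00\x00"
    return hdr + struct.pack("<HHH", 0, seq, status)

# Constructed sample: two lab APs, six made-up client MACs, one request per 0.5 s.
AP_A, AP_B = bytes.fromhex("020000000a01"), bytes.fromhex("020000000b01")
CLIENTS = [bytes.fromhex(f"0200000001{i:02x}") for i in range(6)]
SAMPLE = []
for i, c in enumerate(CLIENTS):
    SAMPLE.append((i * 0.5, _frame(AP_A, c, AP_A, 1, 0)))
    SAMPLE.append((i * 0.5 + 0.01, _frame(c, AP_A, AP_A, 2, 1)))  # AP_A refuses, status 1
    SAMPLE.append((i * 0.5, _frame(AP_B, c, AP_B, 1, 0)))         # AP_B never answers
```

Calling `auth_sweeps(SAMPLE)` flags both constructed APs: the first shows six refused clients, the second six unanswered ones, which is the silent-drop behaviour the developer describes.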
