Wednesday 14 March 2012

[802.11] Wireless Jamming

Ok. Infodox BRIEFLY touched upon 802.11 jamming in his talk at CampusCon (their site seems to be down at the moment).

For those interested, the talk can be downloaded here: Insecurety Research

Anyways, onward to "The Good Stuff". I (x41) am simply posting the parts he wrote so far, and when he comes back he says he will finish the job.

Wireless Jamming. Sometimes one wants to disable all 802.11 stuff within range (i.e. WiFi) for some reason (perhaps deauth everyone so a KARMA style attack will work better?) and often this can be a bit of a challenge.

Challenge accepted.

First off, let's get to grips with some software called "mdk3".

MDK3 is an 802.11 flooding tool, and comes preinstalled on BackTrack and several other pentest distros.

However, let's assume you are running a standard Ubuntu box and have not got it installed... So start by installing aircrack-ng.

apt-get install aircrack-ng (ubuntu)
yum install aircrack-ng (fedora)
...Or, compile from sauce...
http://www.aircrack-ng.org/

Now. MDK3.

http://homepages.tu-darmstadt.de/~p_larbig/wlan/

Grab the source from here, untar, ./configure, make && make install (as root).

Then to run (as root):

PUT CARD INTO MONITOR MODE BEFORE CONTINUING!
sudo airmon-ng start wlan0 (where wlan0 is your wifi card)

mdk3 (arguments)

Some samples... (assumes mon0 is your monitor mode interface)

1. mdk3 mon0 x 1 -c (target client MAC) -t (target AP MAC)
This one simply deauths the victim client. Good for targeted jamming.

2. mdk3 mon0 d -b /root/blacklist
Assuming you have a list of MAC addresses you DON'T wish to have online, you put them in a file and blacklist them. This jams them.

3. mdk3 mon0 d -w (and the path to your whitelist file)
This kills everyone's WiFi EXCEPT the devices in the whitelist.
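What these floods look like from the other side: an added example (not from the original post, and not part of mdk3) that counts deauth/disassoc management frames per BSSID per one-second window from captured frame metadata and flags bursts, the kind of check a wireless IDS does. The BSSIDs, the frame tuples and the threshold are constructed for the demo.

```python
from collections import defaultdict

# 802.11 management frame subtypes (type 0): 0x0a = disassociation, 0x0c = deauthentication
DEAUTH_SUBTYPES = {0x0a, 0x0c}
BROADCAST = "ff:ff:ff:ff:ff:ff"

def detect_deauth_flood(frames, window=1.0, threshold=20):
    """Bucket deauth/disassoc frames per (bssid, time window) and flag buckets above threshold.

    frames: iterable of (timestamp_seconds, subtype, bssid, dst_mac) tuples, e.g. exported
    from a monitor-mode capture. Each alert also records the broadcast share, since a high
    share of broadcast deauths is typical of amok-style jamming rather than an AP
    legitimately kicking a single client.
    """
    counts = defaultdict(lambda: [0, 0])   # (bssid, bucket) -> [total, broadcast]
    for ts, subtype, bssid, dst in frames:
        if subtype not in DEAUTH_SUBTYPES:
            continue
        bucket = int(ts // window) * window
        entry = counts[(bssid, bucket)]
        entry[0] += 1
        if dst.lower() == BROADCAST:
            entry[1] += 1
    alerts = []
    for (bssid, bucket), (total, bcast) in sorted(counts.items(), key=lambda kv: kv[0][1]):
        if total > threshold:
            alerts.append({"bssid": bssid, "window_start": bucket,
                           "count": total, "broadcast_share": bcast / total})
    return alerts

# Constructed sample: a quiet baseline, then a one-second burst of 40 broadcast
# deauths plus a broadcast disassoc from a made-up BSSID, then one ordinary
# targeted deauth from another made-up BSSID much later.
SAMPLE_FRAMES = (
    [(0.5, 0x0c, "02:00:00:00:00:01", "02:00:00:00:00:aa")] +
    [(10.0 + i * 0.02, 0x0c, "02:00:00:00:00:01", BROADCAST) for i in range(40)] +
    [(10.5, 0x0a, "02:00:00:00:00:01", BROADCAST)] +
    [(25.0, 0x0c, "02:00:00:00:00:02", "02:00:00:00:00:bb")]
)

if __name__ == "__main__":
    for a in detect_deauth_flood(SAMPLE_FRAMES):
        print(f"{a['bssid']} window {a['window_start']:.0f}s: {a['count']} deauth/disassoc, "
              f"{a['broadcast_share']:.0%} broadcast")
```

Networks with 802.11w (Protected Management Frames) enabled drop unauthenticated deauth/disassoc frames, which is the standard mitigation for this class of flood; the detector above still shows the attempt.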

Now. On to more fun things... Killing AP's.

Introducing "ap fucker".
AP Fucker is a Python script that automates these DoS attacks. My preferred mode is "Destruction Mode". For obvious reasons.

Grab AP fucker here.. ApFucker - Pastebin

Running this is very simple. Just sudo bash (must be root), start the interface in monitor mode, and run it.

More to come - this was just an introduction!
