Como o mdk3 funciona?
mdk3 funciona explorando as deficiências do protocolo IEEE 802.11.
Tem diferentes opções de linha de comando ("modos de teste") para selecionar exploits particulares.
Veja abaixo um resumo dos modos de teste. Há documentação mais completa na Documentação do MDK3
Teste de estresse do WiFi usando MDK3, Flooding de beacon & Ataque de desentenção.
Syntax :
mdk3 <interface> <testmode> <test-options>
Mdk3 –help <test mode>: for test optionsTEST MODES:
b- Beacon Flood ModeSends beacon frames to show fake APs at clients. This can sometimes crash network scanners and even drivers!
a- Authentication DoS modeSends authentication frames to all APs found in range. Too much clients freeze or reset some APs.
p- Basic probing and ESSID Bruteforce modeProbes AP and check for answer, useful for checking if SSID has been correctly decloaked or if AP is in your adaptors sending range SSID Brute-forcing is also possible with this test mode.
d- Deauthentication / Disassociation Amok ModeKicks everybody found from AP
m- Michael shutdown exploitation (TKIP)Cancels all traffic continuously
x- 802.1X tests
w- WIDS/WIPS ConfusionConfuse/Abuse Intrusion Detection and Prevention Systems
f- MAC filter bruteforce modeThis test uses a list of known client MAC Adresses and tries to authenticate them to the given AP while dynamically changing its response timeout for best performance. It currently works only on APs who deny an open authentication request properly
g- WPA Downgrade testDeauthenticates Stations and APs sending WPA encrypted packets. With this test you can check if the sysadmin will try setting his network to WEP or disable encryption.
Teste de estresse do WiFi usando MDK3, Flooding de beacon & Ataque de desautenticação