will-wtf Posted October 20, 2008

Same here. It keeps saying that it's sending out packets, but it never actually kicks you off a network. But we know it is working because Snubs used it so that Jasager could connect.

jmaxxz Posted October 21, 2008

Yes, what we need is a nice little deauth broadcast button in Jasager that allows you to specify how long the deauths should be broadcast for. Deauth for 10 sec... now everyone is searching for a new connection and you're it.

digininja Posted October 21, 2008

> Yes, what we need is a nice little deauth broadcast button in Jasager that allows you to specify how long the deauths should be broadcast for. Deauth for 10 sec... now everyone is searching for a new connection and you're it.

I'm looking at porting Lorcon to OpenWrt; if I can, then I've got a really nice deauth script I wrote for my SANS gold paper. I'll integrate that.

.exe Posted October 21, 2008 (Author)

> hahahaha.... @ .exe UK only? Yay, I'm included, but why not USA etc.

Don't ask for details because I'm not at a stage to give any :) However, ruining a N: DS for the ability to run Aircrack is a little silly, so don't do anything hasty in the meantime.

> I'm looking at porting Lorcon to OpenWrt; if I can, then I've got a really nice deauth script I wrote for my SANS gold paper. I'll integrate that.

This is good for DoS but won't offer the ability to disconnect clients so they reauthenticate onto your Jasager. It's a very nice thing to have as an extra though.

jmaxxz Posted October 21, 2008

> This is good for DoS but won't offer the ability to disconnect clients so they reauthenticate onto your Jasager. It's a very nice thing to have as an extra though.

Why is this not good for aggravating connections to your Jasager? If you go into a cafe where everyone is already connected, Jasager will not work unless you can get them off the network they are currently on.

will-wtf Posted October 21, 2008

And you get them off that network, while you have Jasager running, by deauthing them with a DS or something.

.exe Posted October 22, 2008 (Author)

If you have a device with a single interface you're not going to be able to send deauth packets continuously (obviously to specific APs) AND accept connections without turning things off and on - which means you're going to have some clients able to re-connect to their original AP and some connecting back to your Jasager. This was the original argument for the separate N:DS device handling the deauthentication and why Darren sent Snubs round the tables in the video instead of messing around with all this on his own (except the range was inferior). Solve this and clients will only have the options of connecting to your Jasager or being denied service.

vector Posted October 22, 2008

> If you have a device with a single interface you're not going to be able to send deauth packets continuously (obviously to specific APs) AND accept connections without turning things off and on - which means you're going to have some clients able to re-connect to their original AP and some connecting back to your Jasager. This was the original argument for the separate N:DS device handling the deauthentication and why Darren sent Snubs round the tables in the video instead of messing around with all this on his own (except the range was inferior). Solve this and clients will only have the options of connecting to your Jasager or being denied service.

Deauthentication requests should be sent to clients on behalf of the AP, not sent to APs themselves. Also, certain clients may ignore broadcast deauth requests, in which case you may need to send several packets at different intervals, or pick to send to specific clients.

digininja Posted October 22, 2008

> Deauthentication requests should be sent to clients on behalf of the AP, not sent to APs themselves. Also, certain clients may ignore broadcast deauth requests, in which case you may need to send several packets at different intervals, or pick to send to specific clients.

If I remember right, a client can send a deauth packet to the AP if it wants. The quickest way to deauth a group of clients is to send a spoofed broadcast deauth from the AP that will kick off everyone. If you are pen-testing in an office environment and you only had the one device then you'd need to set up an occasional broadcast deauth pretending to be the real AP; if you are in a more mobile environment where clients are coming and going all the time you'd have to increase the deauth rate.
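
A defender's view of the spoofed broadcast deauth described above, as an added example that is not part of the original posts: it parses raw 802.11 management frames and flags a burst of deauths attributed to one BSSID. The window, threshold, sample frames and MAC addresses are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict, deque

BROADCAST = "ff:ff:ff:ff:ff:ff"

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_deauth(frame):
    """Return (dest, src, bssid, reason) for an 802.11 deauth frame, else None."""
    if len(frame) < 26:                      # 24-byte MAC header + 2-byte reason code
        return None
    fc0 = frame[0]
    version, ftype, subtype = fc0 & 0x3, (fc0 >> 2) & 0x3, fc0 >> 4
    if (version, ftype, subtype) != (0, 0, 12):   # management / deauthentication
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def detect_deauth_bursts(capture, window=1.0, threshold=5):
    """Alert once per (bssid, kind) when >= threshold deauths fall within `window` seconds."""
    recent, alerted, alerts = defaultdict(deque), set(), []
    for ts, raw in capture:
        parsed = parse_deauth(raw)
        if parsed is None:
            continue
        dest, _src, bssid, reason = parsed
        key = (bssid, "broadcast" if dest == BROADCAST else "unicast")
        times = recent[key]
        times.append(ts)
        while ts - times[0] > window:        # drop timestamps outside the window
            times.popleft()
        if len(times) >= threshold and key not in alerted:
            alerted.add(key)
            alerts.append({"time": ts, "bssid": key[0], "kind": key[1],
                           "count": len(times), "reason": reason})
    return alerts

# Constructed sample frames (no radiotap header); all addresses are made up.
AP, STA = "020000000001", "020000000099"

def _frame(fc0, dest, src, bssid, reason=7):
    return bytes.fromhex(f"{fc0:02x}003a01{dest}{src}{bssid}0000") + struct.pack("<H", reason)

SAMPLE = [(0.0, _frame(0x80, "ff" * 6, AP, AP)),        # beacon: not a deauth, ignored
          (0.5, _frame(0xC0, AP, STA, AP, reason=3))]   # one client leaving: normal
SAMPLE += [(2.0 + i * 0.1, _frame(0xC0, "ff" * 6, AP, AP)) for i in range(10)]  # burst

if __name__ == "__main__":
    for alert in detect_deauth_bursts(SAMPLE):
        print(alert)
```

Because the source address in these frames is spoofed, the alert identifies the BSSID being impersonated, not the sender. 802.11w Protected Management Frames lets clients discard such unauthenticated deauths.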

.exe Posted October 22, 2008 (Author)

> Deauthentication requests should be sent to clients on behalf of the AP, not sent to APs themselves. Also, certain clients may ignore broadcast deauth requests, in which case you may need to send several packets at different intervals, or pick to send to specific clients.

Sorry for the confusion, but I just meant how it's carried out using the Aircrack utility, which implies what's below...

.exe Posted October 22, 2008 (Author)

> If I remember right, a client can send a deauth packet to the AP if it wants. The quickest way to deauth a group of clients is to send a spoofed broadcast deauth from the AP that will kick off everyone. If you are pen-testing in an office environment and you only had the one device then you'd need to set up an occasional broadcast deauth pretending to be the real AP; if you are in a more mobile environment where clients are coming and going all the time you'd have to increase the deauth rate.

I believe this is exactly how the Aircrack-ng deauth works. I'm not sure what the effect would be of occasionally stopping traffic to send these packets on clients (I have seen first hand some really weird effects of doing things like this - so you would need to test stability). IMHO it is always best to have a dedicated interface for the task at hand.

bugjuice Posted March 23, 2009

> Digininja, how do you set a default page users have to connect to? And Darren, Snubs and co., I still can't find anything on DS deauthing so pls help.

> What I mean is when they connect, and no matter what site they try and go on, it will always put them onto the same page, like in internet cafes in the airport, where you can only look at airport info (Geneva).

I think what you are thinking of is iptables. I suggest you check out the manpage of iptables, or take a look at airbase and/or airchat, as they include such a "gadget" in them. Maybe this can help you: "iptables -A PREROUTING -s 10.0.0.0/255.255.255.0 -p tcp --sport ! 52 -j DNAT --to-destination 10.0.0.1 -t nat" Got it on a German wardriving wiki; don't really know what it does as I didn't have any successful tests with that.

digininja Posted March 23, 2009

It's a captive portal; here is the most famous: http://nocat.net/