Jump to content

[Support] WiFi Deauth

masler77

By masler77
in Mark V Infusions

 Share

Recommended Posts

TheHackerNextDoor Newbie

TheHackerNextDoor

Posted
Posted

Hi,

I'm having trouble with the WiFi jammer infusion. I tried posting on the official support thread a while ago, but I didn't get any help.

When I am at my house, with about 6 devices, the WiFi jammer works fine. When I am in a public area with about 30 devices, the deauth works a few times, then it breaks. The log shows that it's working about 3 times, then it just goes to "sleeping for 10 seconds..." over and over until I reboot.

Does anybody know how I can fix this? I thought about writing a script so it only deauths 10 random people each time.

Link to comment
Share on other sites
  • Replies 139
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

thesugarat Newbie

thesugarat

Posted
Posted

Do all of it from the command line... Record logs, take screenshots etc the more data the better, then post it all in the original thread. We're not mind readers. The sleeping for 10 seconds portion is normal but you're supposed to see lines for what is being deauthed. Again, to begin with ignore the infusion and do it all manually. Once you can get that to work move on to the infusion. You'll have a better idea of what you're seeing and what the infusion is doing.

Just suggestions...

Link to comment
Share on other sites
TheHackerNextDoor Newbie

TheHackerNextDoor

Posted
Posted

Do all of it from the command line... Record logs, take screenshots etc the more data the better, then post it all in the original thread. We're not mind readers. The sleeping for 10 seconds portion is normal but you're supposed to see lines for what is being deauthed. Again, to begin with ignore the infusion and do it all manually. Once you can get that to work move on to the infusion. You'll have a better idea of what you're seeing and what the infusion is doing.

Just suggestions...

How should I run it from the command line? With the sh script provided with the jammer?

Link to comment
Share on other sites
  • 4 weeks later...
cheeto Newbie

cheeto

Posted
Posted

Hi guys, I'm having some issue with Deauth (or jammer)

I re-flashed my MKV just make sure everything was ok on my end.

Anyway, when i set my wlan1 to monitor mode and start "Deauth" it simply does not work.

Must be connected to an ethernet cable?

Here's a video on what's happening:

https://mega.co.nz/#!yE0BUaSA!rDjqfy5B9LKIeD-kF6_YKYc5Q8IHmTrRXgG8y69cvss

thx,

cheeto

Link to comment
Share on other sites
cheeto Newbie

cheeto

Posted
Posted

Hi Whistle master,

I'm having a similar problem.

The Deauth version of jammer doesn't work.

I set my wlan1 to monitor mode

select my white/black list and as soon as I hit start, it was that it's not working. This never happened with jammer.

Any help would be more than welcomed.

Thanks for your hard work!!

Cheers,

cheeto

Link to comment
Share on other sites
cheeto Newbie

cheeto

Posted
Posted

Whistle Master,

I installed the new Deauth infusion and it works.

My doubts however are:

1) It deauthenticates Android devices but not my pc's. What works on pc's is when i deauth the machine's ssid.

in Kali this works on against every device that i know of: aireplay-ng -0 'number of deauth packages' -a 'access point bssid' -c 'victim machine bssid' 'interface'

Can this infusion work in the same manner? Or does it only deauth the AP along with Android devices?

2) If im trying to use Evil portal + Karma must i have an additional antenna?

Thanks again!!

Cheeto

Link to comment
Share on other sites
  • 3 weeks later...
cmw Newbie

cmw

Posted
Posted

I am running Deauth 1.7 (which I believe used to be called Jammer) on firmware 1.4.1. I am using wlan1 with a mon0 interface.

Simple deauthentication attacks do not work.

Screen shots are attached. When I run a deauth using aircrack-ng on Backtrack (or Kali) and capture the packets the deauthentication attack is plain to see (screenshot attached). Moreso, the client is wrecked.

When I run deauth using the Deauth infusion the client is unaffected by the attack. Capturing the packets shows a flurry of Probe Response packets being sent whenever the attack is active. There are no deauthentication frames sent by the Pineapple. I saw the same behavior when using the deauth option in the Site Survey infusion. I also ran aireplay-ng from an SSH connection to the Pineapple with the same bizarre result (screen shot attached).

I re-flashed the firmware and formatted the SD card (before and after re-flashing) in order to start fresh but results are the same.

The forum has random complaints about Jammer/Deauth not working but the lack of mass complaints has kept from thinking that there is something being done incorrectly on my side. Is anyone else seeing the specific behavior or do anyone have a solution?

Thanks.

post-47526-0-52497200-1405489402_thumb.j

post-47526-0-55939600-1405489405_thumb.j

Link to comment
Share on other sites
cheeto Newbie

cheeto

Posted
Posted

I had a very similar problem a while back.

I was able to deauth some devices like Android devices. (but not all)

When using Kali I could deauth the whole AP or Clients. It wipes everyone out.

I tried using Deauth + Evilportal on the MKV but I simply gave up. I can do this on Kali though.

Check this out:

https://forums.hak5.org/index.php?/topic/32963-attacking-wpa-evil-portal-deauth/

cheers

Link to comment
Share on other sites
  • 2 weeks later...
cmw Newbie

cmw

Posted
Posted

It seems random. I have had it work just fine and then come back and use it the next day and all it does is send what Wireshark sees as malformed packets that have no impact on the associated clients. As of now I don't really trust it. I need to explore more and see if I'm doing something weird that I'm not picking up on. Something done this common should be seen by more people if wasn't something on my side.

Link to comment
Share on other sites
cmw Newbie

cmw

Posted
Posted

I had a very similar problem a while back.

I was able to deauth some devices like Android devices. (but not all)

When using Kali I could deauth the whole AP or Clients. It wipes everyone out.

I tried using Deauth + Evilportal on the MKV but I simply gave up. I can do this on Kali though.

Check this out:

https://forums.hak5.org/index.php?/topic/32963-attacking-wpa-evil-portal-deauth/

cheers

Newer Windows OS' don't respond to broadcast deauth packets; you have to target them individually. (reminds me of their unwillingness to respond to broadcast ping). Could that explain what you were seeing?

Link to comment
Share on other sites
cmw Newbie

cmw

Posted
Posted

Update:

When I run Deauth using aircrack-ng I can see deauthention frames on channel 1, 4, 9 and 11. However, no deauth frames are sent on channel 6, which is where I happen to have been doing most of my work. That is unexpected.

Link to comment
Share on other sites
cheeto Newbie

cheeto

Posted
Posted

@CMW, YOU are right, Windows does not respond to a general deauth attack. (I learned it the hard way) Congrats to Micro$oft.

You can however deauth specific any client from an AP (windows or no windows)

As far as i know, you need Kali for that.

Do know if the MKV can do that?

cheers

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...