Jump to content

Recommended Posts

  • Replies 139
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Posted Images

Thanks for jumping in Whistle Master. Nothing like having the architect of this infusion working on this.

Again, Deauth works when deauthing my smartphone and from time to time it might deauth a pc. But's not 100% effective.

Looking forward to the update.

Thanks again.

Edited by cheeto
Link to comment
Share on other sites

Guys, let's me have a look at it and I will try to post a new version soon. Maybe the issue is in the channel hopping.

Whistle Master, for me part of the issue seems to be with the blacklist file, Using the web UI and adding any mac addresses in the list, or selecting one from the available AP list always results in adding the following to the blacklist file

root@Pineapple:/pineapple/components/infusions/deauth/includes/rules# cat blacklist.lst

# Every AP


Manually adding Mac addresses to the blacklist file fixed the mdk3 deauth for me. Once the mac was added, and setting the proper channel it deauth the client.

Link to comment
Share on other sites

There is a bug in the last version regarding the blacklist saving. I'm working one it.

However, please note that mdk3 can only works in one mode: either blacklist or whitelist. This means that you have to choose in the configuration tab which mode you would like to use for mdk3. Then, put the MAC addresses accordingly in one or another tab.

Only aireplay-ng can use both blacklist AND whitelist.

So, @cheeto, if you want to make it:

1) Enable wlan1 and start monitor mon0

2) Assuming you are in blacklist mode: add your target AP mac address.

3) Start to Deauth on wlan1 and mon0

Link to comment
Share on other sites

I was trying the steps you mentioned but it's still inconsistent. Sometimes it works and sometimes it doesn't.

In the configuration menu, Which mode should i be using? Whitelist or Blacklist? I tried both but it's giving me the same result.

Again, I'm just blackisting my target AP. Therefore I'm using mdk3 and Whitlelisting my MKV

I'm going to update the infusion and get back to you.

Thank you SO MUCH!!

Link to comment
Share on other sites


objective is to deauth my LINKSYS ROUTER.

1) open deauth

2) blacklist LINKSYS router

3) whitelist MKV

4) configuration -> Method MDK3 Mode: Whitlist

5) start Deauth

Results successful

Objective 2

Start pineAP along with Dogma, Harvester, Karma & Beacon response + Deauth.

Results: failed.

Conclusion, it's not possible to deauth and use PineAP (Harverster etc... ) at the same time.

Am I wrong?


By the way, Thanks Whist Mster for the UPDATE. IT's clearly BETTER!

Edited by cheeto
Link to comment
Share on other sites

Before making this video, I Reflashed my mkv and re-installed DEAUTH infusion.

My objective is to Deauthenticate using WLAN0 (disabled) + mon0

Target AP: LINKSYS router.

This method does work very well against smartphones.

The problem is deauhing pc's.

If you see's what im doing wrong, PLEASE let me know.

Thanks guys

Link to comment
Share on other sites

Nothing wrong with the infusion as well, if you can deauth smartphones, you should be able to deauth workstations as well.

I've just noticed that, if you put your target AP is in the blacklist list, you should use the "Blacklist" mode in the configuration tab, not the "Whitelist" mode.

From mdk3 usage, option used by the infusion:

d - Deauthentication / Disassociation Amok Mode
Kicks everybody found from AP
-w <filename>
Read file containing MACs not to care about (Whitelist mode)
-b <filename>
Read file containing MACs to run test on (Blacklist Mode)
-s <pps>
Set speed in packets per second (Default: unlimited)
-c [chan,chan,chan,...]
Enable channel hopping. Without providing any channels, mdk3 will hop an all
14 b/g channels. Channel will be changed every 5 seconds.
-d [target]
Enable WPA/WPA2-Downgrade-Attack
Blocks clients only if they use WPA Encryption, WEP and unencrypted traffic still works
Use this test to see if the Sysadmin thinks WEP is still enough security when WPA "doesn't work"
Edited by Whistle Master
Link to comment
Share on other sites

OK, here's the unexplained.

This is the ONLY combo that works against pcs, in fact it wipes EVERYTHING out.

BLACKLIST my target AP (linksys)


Configuration Mode: WHITELIST.

This is totally backwards!

I will make a video because seeing is believing.

Link to comment
Share on other sites

Your target ap should be in a whitelist, and use a whitelist mode ( whitelist meaning in the mdk3 sense, only attack the provided whitelist ap's, everything else is ignored ).

Blacklist means in mdk3 sense, attack all other ap's except for those provided in the blacklist, ignore the aps in blacklist.

Put your ap in the whitelist, and use mdk3 in whitelist

Link to comment
Share on other sites


Just for testing purposes, have you tried deauth from the CLI? I know the web Ui should work but trying it first from the CLI can go a long way to troubleshoot this.

I would first try aireplay-ng, then mdk3 via the CLI. if that works then you know it's with the infusion.

Also what channel is the AP you are trying to deauth on? and is it running a,b,g, n or ac?

I haven't tested a windows 8 client with the latest version of deauth but I can confirm that with the blacklist fixes I'm able to deauth IOS and Mac clients

Link to comment
Share on other sites

Well i stand corrected.actually mdk3 seems to whitelist / blacklist backwards. By looking at the options


-w <filename>

Read file containing MAC addresses to ignore (Whitelist mode)

-b <filename>

Read from a file containing MAC addresses to attack (Blacklist Mode)

-s <pps>

Set the speed in packets per second (Default: unlimited)

-c [chan,chan,chan,...]

Enables channel hopping. Without providing any channels, mdk3 will hop all channels until it finds the target you specified

Link to comment
Share on other sites

So, am I the only one experiencing these issues?

Pla12, My target AP is a Linksys Wireless-G Broadband Router WRT54G2 operating on Ch.1.

I have uninstalled and re-installed it in the internal memory abut I'm getting the same results.

In video 2 you could clearly see that I enabled WLAN1 + mon0 and it deauthed EVERYTHING (including pc's).

That alone is a problem since Wlan1 should be disabled.

And for some reason the Black/White options are doing just the opposite. Blacklisting is actually whitelisting and vice versa.

Anyway, thank you all for your help.

Link to comment
Share on other sites



I'm going the share the solution in case someone happens to run into the same problem.

First of all the Blackist/whitlist is INVERTED. For me to deauth anything i have to WHITELIST my target.

Also make sure to use MODE: "Whitelist". (using MDK3)

So after messing around with this thing all day, I thought why in the world am i scanning channels 1-11 if my AP target

is on Channel 1. (Thanks for the tip PLA12)

So i went to the Configuration channel and set my channel to 1 (instead of 1,2,3,4,5,6,7,8,9,10,11)

And BOOOOOM Knock out!!! It deauthed everying on the AP. YES PC's too!!

Guys, thank you all so much for your patience, I hope this tip could come in handy.

Link to comment
Share on other sites

do this

reboot the pineapple

use putty to ssh into and run the following commands

- airmon-ng start wlan1

-iwconfig wlan1 channel 1

-aireplay-ng -0 100 -a 00:21:29:D6:AC:06 wlan1

I use wlan1 on this command not mon0, also make sure the -a argument has the access point MAC,

to test death on the specific PC use the -c Mac of client

this works for me every time.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Create New...