freshlybobster (posted August 24, 2015):

So when using reaver with a non-antique router, 99% of the time the AP locks up the WPS, as most of you know. I've looked into this a bit in the past, but the one tool which I've found, revdk3, which uses mdk3 attacks, does not work on the Pineapple. I've tried to replicate 1 or 2 of the mdk3 attacks which would normally be generated by it, but to no avail.

Here's my question: What exactly can be done in order to crash an AP with mdk3 attacks / something else on the Pineapple? If there's nothing possible I will look into using the wlan1 interface on a Kali install; however, aside from revdk3, are there any other tools?

Thanks guys.

deadlyhabit (posted August 25, 2015):

mdk3 is available on the pineapple in the opkg section. Aside from revdk3 there's the VMR-MDK script by Musket Team. As far as running them on the pineapple, not too sure atm as they're having issues on Kali 2.0 for me currently that I'm pretty sure has to do with the newer versions of the aircrack suite. If I can resolve that I'll get to looking at them on the pineapple (also I may try to make an opkg of the mdk3 mod https://github.com/soxrok2212/mdk3-master ).

DataHead (posted August 25, 2015):

What makes revdk3 incompatible with the pineapple is the use of xterm. Creating a script as such, for the pineapple, should either be streamlined in just one shell, or making use of the 'screen' package.

Foxtrot (posted August 25, 2015):

You could try:

    mdk3 mon0 a -a FF:FF:FF:FF:FF:FF

which would crash the AP by connecting lots of non-existent clients to it. MAC Addresses of each client are generated by MDK3 thus only the MAC Address of the AP is needed.
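
For anyone defending an AP, the pattern described in the post above (one BSSID suddenly receiving authentication frames from a large number of clients it has never seen) is straightforward to flag from a monitor-mode capture. This is an added example, not code from the thread or from any tool mentioned in it; the frame tuples, MAC addresses, window and threshold are all constructed assumptions.

```python
from collections import defaultdict, deque

def detect_auth_flood(frames, window=10.0, max_clients=20):
    """frames: iterable of (timestamp_s, client_mac, bssid) for 802.11
    authentication frames. Returns {bssid: peak distinct clients} for every
    AP that saw more than max_clients distinct clients inside `window` s."""
    recent = defaultdict(deque)          # bssid -> (ts, client) still in window
    alerts = {}
    for ts, client, bssid in sorted(frames):
        q = recent[bssid]
        q.append((ts, client))
        while ts - q[0][0] > window:     # drop frames older than the window
            q.popleft()
        distinct = len({c for _, c in q})
        if distinct > max_clients:
            alerts[bssid] = max(alerts.get(bssid, 0), distinct)
    return alerts

# Constructed sample data (not a real capture).
def _mac(i):
    return "02:00:00:00:%02x:%02x" % (i >> 8, i & 0xFF)

AP_QUIET = "aa:bb:cc:00:00:01"
AP_FLOODED = "aa:bb:cc:00:00:02"
# Three real clients re-authenticating to one AP over a minute.
SAMPLE = [(t * 5.0, _mac(t % 3), AP_QUIET) for t in range(12)]
# 200 never-repeated client MACs hitting the other AP within five seconds.
SAMPLE += [(30.0 + i * 0.025, _mac(1000 + i), AP_FLOODED) for i in range(200)]

if __name__ == "__main__":
    for bssid, peak in detect_auth_flood(SAMPLE).items():
        print(f"possible auth flood on {bssid}: {peak} distinct clients in 10 s")
```

The threshold has to be tuned to the site: a busy public AP legitimately sees many new clients, so the window and count above are starting points only.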

freshlybobster (posted August 25, 2015, edited August 25, 2015):

> deadlyhabit: mdk3 is available on the pineapple in the opkg section. Aside from revdk3 there's the VMR-MDK script by Musket Team. As far as running them on the pineapple, not too sure atm as they're having issues on Kali 2.0 for me currently that I'm pretty sure has to do with the newer versions of the aircrack suite. If I can resolve that I'll get to looking at them on the pineapple (also I may try to make an opkg of the mdk3 mod https://github.com/soxrok2212/mdk3-master ).

Hey man, thanks for sharing these tools. Yeah, I've found VMR-MDK as well but didn't get around to testing it out yet. The mdk3 mod does look like something I def want to try out though, I'll give it a shot tomorrow perhaps. So is this everything there is out there? I've tried the revdk3 tool but so far all the mdk3 attacks I've tested on a cheap TP-Link AP failed. Anyway, thanks.

> Foxtrot: You could try: mdk3 mon0 a -a FF:FF:FF:FF:FF:FF which would crash the AP by connecting lots of non-existent clients to it. MAC Addresses of each client are generated by MDK3 thus only the MAC Address of the AP is needed.

Well, I've tried

    mdk3 $MON0 a -a $MAC -s 200

on a relatively newer but very cheap TP-Link AP, left it running for about 20 minutes but absolutely nothing.

deadlyhabit (posted August 26, 2015):

Wish I knew of something more than mdk3 or mdk3 mod as the scripts run off both of them and seemingly need to be updated for the new aircrack suite formats (been poking around). Working on my own python script to automate the process I usually use of:

1.) attempt pixiewps attack
2.) reaver or bully
3.) a.) if long ap rate try a mdk3 attack to get it to let me get some more pins in or reset the AP
    b.) if long ap rate limiting just put my reaver pro ii or pineapple on it, and set it and forget it for a few days
4.) try to capture a 4 way handshake and brute force it if all else fails like a non WPS access point