Locked AP mdk3 attacks on the Pineapple?

[freshlybobster]

So when using reaver with non antique router 99% of the time the AP locks up the WPS as most of you know. I've looked into this a bit in the past but the one tool which I've found - revdk3 which uses mdk3 attacks, does not work on the pineapple. I've tried to replicate 1 or 2 of the mdk3 attacks which would normally be generated by it, but to no avail. Here's my question:

What exactly can be done in order to crash an AP with mdk3 attacks / something else? on the Pineapple? If there's nothing possible I will look into using the wlan1 interface on a Kali install, however aside from revdk3, are there any other tools? Thanks guys.

[deadlyhabit]

mdk3 is available on the pineapple in the opkg section.

Aside from revdk3 there's the VMR-MDK script by Musket Team.

As far as running them on the pineapple, not too sure atm as they're having issues on Kali 2.0 for me currently that I'm pretty sure has to do with the newer versions of the aircrack suite.

If I can resolve that I'll get to looking at them on the pineapple (also I may try to make a opkg of the mdk3 mod https://github.com/soxrok2212/mdk3-master ).

[DataHead]

What makes revdk3 incompatible with the pineapple, is the use of xterm. Creating a script as such, for the pineapple, should either be streamlined in just one shell, or making use of the 'screen' package.

[Foxtrot]

You could try:

mdk3 mon0 a -a FF:FF:FF:FF:FF:FF

which would crash the AP by connecting lots of non-existent clients to it. MAC Addresses of each client are generated by MDK3 thus only the MAC Address of the AP is needed.

[freshlybobster]

mdk3 is available on the pineapple in the opkg section.

Aside from revdk3 there's the VMR-MDK script by Musket Team.

As far as running them on the pineapple, not too sure atm as they're having issues on Kali 2.0 for me currently that I'm pretty sure has to do with the newer versions of the aircrack suite.

If I can resolve that I'll get to looking at them on the pineapple (also I may try to make a opkg of the mdk3 mod https://github.com/soxrok2212/mdk3-master ).

Hey man thanks for sharing these tools, yeah I've found VMR-MDK as well but didn't get around to testing it out yet. The mdk3 mod does look like something I def want to try out though, I'll give it a shot tomorrow perhaps. So is this everything there is out there? I've tried the revdk3 tool but so far all the mdk3 attacks I've tested on a cheap TP-Link AP failed. Anyway, thanks.

You could try:

mdk3 mon0 a -a FF:FF:FF:FF:FF:FF

which would crash the AP by connecting lots of non-existent clients to it. MAC Addresses of each client are generated by MDK3 thus only the MAC Address of the AP is needed.

Well I've tried

mdk3 $MON0 a -a $MAC -s 200

on a relatively newer but very cheap TP-Link AP, left it running for about 20 minutes but absolutely nothing.

Edited August 25, 2015 by freshlybobster

[deadlyhabit]

Wish I knew of something more than mdk3 or mdk3 mod as the scripts run off both of them and seemingly need to be updated for the new aircrack suite formats (been poking around).

Working on my own python script to automate the process I usually use of:

1.) attempt pixiewps attack

2.) reaver or bully

3.) a.) if long ap rate try a mdk3 attack to get it to let me get some more pins in or reset the AP

b.) if long ap rate limiting just put my reaver pro ii or pineapple on it, and set it and forget it for a few days

4.) try to capture a 4 way handshake and brute force it if all else fails like a non WPS access point