DDOS driver on WiFi network
MDK is a tool that shows us the security vulnerabilities of the IEEE 802.11 protocol.
The MDK3 (from Murder Death Kill 3) is one of the most popular wireless attack tools for WLAN. The main function of this tool is to "flood" the network with fake traffic, ie to send a large amount of fake packets, in order to overload the network.
As a prerequisite, make sure that the Kali Linux machine must have a USB WiFi adapter and check the type “iwconfigAt your terminal.
Now you need to turn on your wireless adapter with the help of Airmon-ng Package and put it in Packet Injecting mode, ie Monitor Mode, by typing the following command in your terminal:
Mandate: airmon-ng start wlan0
Fake SSID Flooding with MDK3
SSID (Service Set Identifier) Flooding or Beacon Flooding can be easily done with the help of MDK3. This means that MDK3 can transmit hundreds or even thousands of fake APs.
SSID Flooding is not a denial of service, but it is still a great trick to block the network.
Mandate: mdk3 wlan0mon b -c 1
Here option b tells MDK3 to use Beacon / SSID Flooding Mode
-c 1 tells MDK3 to broadcast all fake APs on channel 1.
You can also set the custom SSID from a file that you want to transmit to your network.
Let's create a text file named .list as shown below:
Now run the following command:
Mandate: mdk3 wlan0mon b -c 1 -f xxx.list
Here, -b defines the Beacon Flood function
-c 1 - In channel 1
-f specifies the file name
Now going to the real DOS attack, you can perform the DOS attack with MDK3 in two ways:
- Authentication Flooding
- Deauthentication Flooding
On our Authentication Flooding, too many authentication requests may cause the wireless access point to "freeze" and may stop working altogether.
Mandate: mdk3 wlan0mon a -a
Here, a defines Authentication DOS Mode
-a specifies the destination MAC address called BSSID (Base Service Set Identifier)
On our Deauthentication Flooding, works much better and does not require the resources needed for the first operation.
To do DOS with Deauthentication function, you need to save the entire BSSID address to a file and then specify the file with -b.
This command will send deauth packets to all clients that are connected to the AP specified in the file.
Mandate: mdk3 wlan0mon d -b blacklist
Here, d sets the Deauthentictaion / Disassociation Amok Mode
-b specifies the name of the file that contains the MAC addresses to attack
For a complete list of mdk3 options, type “mdk3 –fullhelp".