Skip to main content

Destruction Mode with Charon 2 GUI

Last year we told about not so well know tool called MDK, as part of the "Cracking WEP key - Acces Point with pree-shared key (PSK" concept. Alot of time has passed by since then and now we have well workiong stable version even with GUI extension Charon. It was not much of a deal in Fall 2007, but the situation has changed. The autor has also decidedd to eneble the Destruction Mode in the menu. The extension is written in Java and is very stable. If you have not encountered the MDK tool before, it is a proof-of-concept tool from the authors of the PTW implementation in aircrack-ng (Darmstadt Lab). It tses 8 concepts of attacking wireless networks.

b - Beacon Flood Mode sends beacon frames and confuses the client by creating fake APs. This is able to make AP scanning applications and devices unusable
a - Authentication DoS mode sends auth frames to all APs in range. This results in freezinig or restarting devices
p - Basic probing a ESSID Bruteforce mode sends probe requests to APs and checks replys
d - Deauthentication / Disassociation Amok Mode. Disconnects AP's all clients
m - Michael shutdown exploitation (TKIP). Permanetnly interrupts all communication in the wireless network
x - Penetration test for 802.1X
w - WIDS/WIPS Confusion.
f - MAC filter bruteforce mode (works only on APs that use proper open auth denial)

The GUI interface makes clicking tool out of MDK and allows the use of the already mentioned Destruction Mode. Just so you know what really happens, it's scenario is described below:

Destruction mode
Destruction mode combines several attacks. This attack renders IDS Cisco useless. On system that dont colapse, it at least breaks the routing table. In the last version, the proccess is semi-automatic.

1. Beacon flood generates fake Access Points with the victim's SSID
2. Auth-DoS floods victim's AP with auth requests (ini inteligentnt mode)
3. Amok mode dissasociates clients from the AP
4. WIDS confusion mód connects the clients via fake APs back to the 'real' AP

In result, noone is able to connect because Amok mode disconnects anyone who tries, clients detect thousands of AP with no clue on whichone is the realone. That will produce a nice beacon flood. The real AP will be too busy processing auth frames generated by Auth-DoS.

via: airdump.net

Comments

Popular posts from this blog

Test New ALFA-AWUS036H v.2 (1.000mW) VS ALFA-AWUS036H v.1 (500mW)

- Recently emerged the New ALFA-AWUS036H v.2 (1.000mW), and these are the tests. TEST WITH NETSTUMBLER 1) usb da 100mW chipset railink 2) usb da 200mW chipset railink rt73 3) intel 2200 b/g con connettore esterno rp-sma 4) Alfa-AWUS036H 500mW 5) New Alfa-AWUS036H V2 da 1.000mW

TBS5520 Multi-standard TV Tuner USB Box review

Noul TBS5520 Multi-standard TV Tuner USB Box a celor de la TBS se foloseste de RafaelMicro R848 multi-standard tuner si  AVL6882 Demodulator pentru a reda urmatoarele standarde: ETSI EN 302-755 V1.3.1 (DVB-T2/T2-Lite) ETSI EN 300-744 V1.6.1 (DVB-T) ETSI EN 300-429 V1.2.1 (DVB-C) ETSI EN 307-421 V1.2.1 (DVB-S2) ETSI EN 300-421 V1.1.2 (DVB-S) ARIB STD-B31 V1.6-E2 (ISDB-T) ITU-T J.83 Annex B 12/2007 (J.83/B) http://www.tbsdtv.com/products/tbs5520_multi-standard_tv_tuner_usb_box.html Pe aspectul fizic nu insist, sunt destule fotografii pe internet, vreau doar sa punctez cateva aspecte: pentru alimentare este necesar cablu Y USB - este singura modalitate de a furniza energie si de aici avem o limitare in ceea ce priveste functionalitatea cu motor HH mobilitate sporita si posibilitatea alimentarii directe din bateria unui notebook sau chiar conectarea la Tableta Android (de indata ce driverele vor fi gata) “TBS 5520 USB2.0 in warm state” nici rece dar nici fierbin

FTS4BT Wireless Bluetooth® Protocol Analyzer & Packet Sniffer

Complex & Ever Changing Bluetooth is an extremely complex software and hardware technology that is evolving fast. Even the most experienced Bluetooth developers and test engineers are challenged by keeping up with the latest changes from the baseband all the way to the profile level. Interoperability There are now enough Bluetooth-enabled devices on the market to prove that the technology is viable. Commercial success is tied to making sure that your devices interoperate smoothly so consumers can realize the benefits of Bluetooth. Currently Supported Version 2.1+EDR Features: Extended Inquiry Response. Secure Simple Pairing. QoS. Non-Automatically Flushable Packet Boundary Flag. Sniff Subrating. Erroneous Data Reporting. Encryption Pause and Resume. Link Supervision Timeout Changed Event. Security Mode 4. Supports EDR (Enhanced Data Rate): FTS4BT is the only analyzer currently on the market to support Bluetooth v2.1 + EDR. Finger-sized Bluetooth ComProbe: Air sniffing hardware