Hackers have replaced your uploads with malware, this is now a virus:
http://www.datafilehost.com/d/3c81deb0
and same with:
http://www.datafilehost.com/d/fd192b6d
Hackers have replaced your uploads with malware, this is now a virus:
http://www.datafilehost.com/d/3c81deb0
and same with:
http://www.datafilehost.com/d/fd192b6d
Thank you John Doe. We found an .exe file in place of the .zip package. We have deleted all three VMR releases and reloaded on 8 March as follows:
Download VMR-MDK011x8 package at:
http://www.datafilehost.com/d/4f95b97f
You can download VMR-MDK-K2-2016R-011x9.zip package at
http://www.datafilehost.com/d/c2a2b474
MTeams
@mmusket33
I still don't understand why you haven't made a github of your projects yet.
It's significantly more professional looking, and people can collaborate issues and suggestions.
And likely-hood of your files being compromised(assuming you choose a good password) is pretty
much null, so you won't have to keep changing the links or using apparently risky output channels.
Send me a msg if you need help setting something up :-)
Last edited by aanarchyy; 2016-03-09 at 00:40. Reason: Typo
To aanarchyy.
MTeams completely agree and we tried this but it appeared to post a download package required a pay account so we dropped the idea. We have an account we will have to find the password.
And furthermore we welcome any help here and correct us if we are wrong.
MTeams
Pay account? I have a few projects on my github, and plan a few more, and have not paid one red cent...
Either way, easiest ways you can contact me is my skype or maybe a PM on HF, or email ([email protected]).
Or meet up in the kali IRC channel( I'm usually there idling XD)
Hopefully we can set up some type of conversation sometime soon. Been interested in talking to you for a bit anyway :-)
Last edited by aanarchyy; 2016-03-09 at 03:53.
I have the exact same problem. I was able to run MDK3 just fine right before I followed the installation instructions of this too. But now even normal MDK3 won't work. It just says No such file or directory.
Things I have tried so far to fix this :
- Removed this took
- Re-installed default mdk3
-apt-get update and upgrade.
Still no luck. I am just not able to get the mdk3 tool to run. Every other tool works just fine.
Any help will be appreciated, thanks!
To Mayank017
You should have a mdk3 folder in root.
cd to the folder in root and run mdk3
./mdk3 [ENTER]
You should get the help file
Please tell us the Operating System you are using. We only support kali 1.10a 2.0 and 2016.1R
We will test the help instructions again BUT you should now have two mdk3 programs. One must be run from the folder in root. VMR-MDK looks for that root install. Using just the mdk3 command in the Terminal Window should give you the original mdk3 program that came with the program.
MTeams
Today I came across a router dats wps enabled and not locked. Funny thing is reaver doesn't work against it. That is there would be a successful association but. No pin counts it just keeps entering recurring delays... P1 still at zero. I wonder if it's my kali or sumfin am not doing right. I first ran vmr-mdk. Before trying reaver separately. Still same ish. No response for pin collections.
Please mmusket33 lemme know what you fink.
To Chnkingz
The tool of choice in most WPS pin collection cases is the command line. VMR-MDK and other programs using DDOS processes are really big guns that usually do not need to be employed. Many networks just lock up if the DDOS process is too intense.
If the Network in question is open MTeams would only use DDOS as a last resort and then for very limited time 10 to 20 seconds
In the case you mentioned above we suggest you use varmacscan. The latest version is available for download. Just turn it on and walk away. The program scans for WPS enabled Networks and then attacks each in turn with reaver. The scan and then reaver phase continues for as many cycles as you require.
Alternatively you could try Bully. See the threads in this section. We cannot help you with Bully.
MTeams
Last edited by mmusket33; 2016-03-11 at 00:41.
thank you and your awesome team for making life easier. I just want to say that on "Fritz Box Fon" model routers Manufactured by Http://www.avm.de doesn't work.
To wmxuser:
Thank you for your input.
MTeams has found that even the same make of router by mac code can react differently to the VMR-MDK series. This is why we have never ask for nor published a list of routers which are susceptible to the VMR-MDK approach. The only way to know if WPS pins can be obtained is to test that specific WPS Locked router for a few days.
Furthermore we have cracked WPS locked routers which when locked did not give up pins BUT during the VMR-MDK process, the router opened and the pin reset to 12345670 resulting in an extraction of the WPA Key.
So our rule is to test each specific router for the vulnerability and ignore the make and model.
MTeams
I admire the work done and time consuming for a personal satisfaction or therapy, but as a constructive criticism I believe that recently +/-
a lot of new process are just the pretty much the same dog with different collar. Just my 2cent, but let's keep testing and enjoy the time and keep watching when process runs and the uploads at our side network. Happy testing,
Thanks mmusket33,
If you could remove all the confirmations ('y') in the next release I would appreciate
Kali Linux USB Installation using LinuxLive USB Creator
Howto Install HDD Kali on a USB Key
Clean your laptop fan | basic knowledge
If you could remove all the confirmations ('y') in the next release I would appreciate [/QUOTE]
all those "y"es makes me feel like a baby with his mother at the toy store "so.. do you want this? are you sure? what about that?" why don't you pm Aanarchyy. he's the boss of writing/changing scripts. or you can do it yourself
Hi,
How do I disable FCS check? If there is that option?
Thanks.
Screenshot from 2016-03-16 22-40-37.jpg
Last edited by mk7e; 2016-03-16 at 22:12.
which version of reaver are you using?
You may need to update.
Last edited by aanarchyy; 2016-03-16 at 22:27.
I'm ditching Reaver. Code is way too buggy. Bully works SO much better and also runs on more *nix distributions... @mmusket I think you should switch to Bully for future scripts.
and the FCS checks are automatic :-p
But then why only one? It's a funny thing that on some APs, reaver 1.3 works better than 1.4-1.5 for example. I would like to see all of them as starting options including Bully.
- Would you like to choose from the wash list? Press (y/Y) to continue....
- y
- Enter (y/Y) to confirm or (n/N) to try again.
- y
- You have chosen BongoWiFi, are you sure about this? Press (y/Y) to continue....
- Y
- Seems to be a slow AP, but whatever. Enter (y/Y) to confirm the previous confirmation or (n/N) to try again.
- Y
- Would you like chicken? Enter (y/Y) to confirm or (n/N).
- N
- Lol ok just checking if you 'n' key is working. To confirm (n/N).
- N
- Would you like to put your wireless device into monitor mode? Press (y/Y) to continue....
- y
- You have chosen (y/Y). Enter (y/Y) to confirm or (n/N) to try again.
- y
- Enter (y/Y) to confirm the previous confirmation or (n/N) to try again.
- YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY Y
- You seem just about to blow a gasket? Are you ok? Press (y/Y) to continue....
- Y !@#$%?&*()_
- Press (y/Y) to continue or confirm that you have actually blown a gasket and about to throw your lappy out the window (f/F)....
- F
- Oh well that will cause some delay in operations then. Press (y/Y) to continue....
- F
- You entered 'F' and that was not an option. Too bad eh? Press (y/Y) to continue....
- Crtl+C
two things I do not do. One of them is coding.
Kali Linux USB Installation using LinuxLive USB Creator
Howto Install HDD Kali on a USB Key
Clean your laptop fan | basic knowledge
Up to date version of reaver is 1.5.2, in which the -C flag(the one to ignore bad FCS) has been reversed. Perhaps mmusket33 could add some version checking? I would love to help you, but no guthub to pull request...
I have MULTIPLE suggestions to clean up code(and i can also see there has been some "shoehorned" code and multiple different coding styles to suggest multiple contributors.... really needs to be some consistency to increase readability, reliability, and reusability of the code), but it is not my project, and i'm not gonna step on another coders toes, so yeah...
and check if aircrack-ng --wps says it sees WPS as enabled. I've found wash to kinda... well... suck at actually being accurate at times...
Last edited by aanarchyy; 2016-03-17 at 00:37.
What is your problem?
You can change all confirms in this code for your self so easy
change toecho -e "$inp Press $yel(y/Y)$inp to continue...."
echo -e " Press $yel(n/N)$inp to abort!!..Press any other key to try again:$txtrst"
read CONFIRM
#echo -e "$inp Press $yel(y/Y)$inp to continue...."
#echo -e " Press $yel(n/N)$inp to abort!!..Press any other key to try again:$txtrst"
CONFIRM=Y
Last edited by Laserman75; 2016-03-17 at 00:56.
Reaver is all code ripped from Hostapd, it was meant to be a quick and crappy solution. Bully, was developed correctly and wasn't just a quick solution. In my testing, Bully completed the WHOLE process of obtaining a key at a distance farther than it should've worked in 1/30 the time Reaver would've taken. Reaver is just really *@&$%* code.
t6_x just implemented the pixie dust attack into it, never really fixed the rest of the code.
I'm actually surprised AAnarchYY's Bully hasn't made it into the Kali repos yet. @g0tmilk, make this happen!
Also mmusket, I strongly urge you to put your code on GitHub so you can get better community input and involvement. Also beats having to post new download links each time, and it's a safe place to store all your projects.
Loaded 10 March 2016
https://github.com/musket33/VMR-MDK-Kali2-Kali2016. try reading also the first page soxrok
to Quest: wich is the other thing you won't do? having chicken i presume, as in the script?
Last edited by bob79; 2016-03-17 at 07:12.
To soxrok2212
MTeams tried to substitute Bully for reaver in varmacscan a less code intensive program but Bully did not function well in xterm windows. We ran several tests for almost a month with Bully and Reaver and Reaver functioned fine while Bully failed every time. Your previous comments did not go unnoticed
However MTeams will start another test series using Bully and see if we can figure out why? In our areas of operation Bully does not work well even from the command line in a terminal window.
Musket Teams
A repository that only hosts a zip file...
Uhm... that's kinda.. pointless...
@mmusket33, are you using some kinda specialized version of mdk3 that you have to include a PRE-COMPILED binary with your script?
To aanarchyy
Our associate C++ programmer wrote an additional mdk3 attack type. He was in contact with soxrok2212 on the matter and it might be posted on github not sure?
We can post the latest VMR-MDK script in raw format if you wish. If you wish to post it fine by us.
Reference Bully it did not function for us at all compared to Reaver. We embedded bully in varmacscan, it ran first then reaver ran against all targets seen. Bully did not function well in xterm windows. We then tried it from the command line. Against our targets reaver ran fine while bully did nothing.
We did these tests for over a month thinking we were doing something wrong. After a month we just gave up.
Again we will check the Bully version and retest. The test scripts are stored. You might give us your favorite bully command line to test again.
MTeams
as mmusket33, also in my area bully doesn't work. i believe it might be a lil too intrusive. all aps cracked with reaver +K 1, bully wasn't able to do it. the ap locks itself or even timeout on me while bully tries it's features. and another thing.. reaver reaches -70dbm and more maybe working a little slow(but it does), while bully tells that those(far away) aps are not in range or wps locked etc.
if bully gets a little too aggressive, then just increase the time per pin (it defaults to 0). And I've had bully work just fine for me even in the -80's whereas reaver can't even associate with AP's in the -40's. Obviously I'm talking about the version i made, not the one that comes with kali.
But to each their own, I prefer bully as it actually works on Openwrt and several other pieces of hardware that reaver fights with.
and mmusket33, why wouldn't you just make mdk3 it's own separate repo? It is a separate tool. ;-) Then just add in the readme that it requires that to be installed.
Just like how reaver says that it requires pixiewps to be installed to use the pixiedust attack.
Last edited by aanarchyy; 2016-03-17 at 18:58.
I was hesitant to switch to Bully but I've found the same exact results. Distance is no longer a problem with Bully and everything runs much, much quicker.
Also, I do have the modified version of MDK3 if you'd like me to put it back on GitHub, though I didn't have any success with the extra modifications.
Bob, the other one is 3D modeling. The reason is, there are very talented ppl that already do an amazing job at coding and modeling, so I do not see why I should do that, ontop of doing everything else. So coding and modeling is a definite niope
Kali Linux USB Installation using LinuxLive USB Creator
Howto Install HDD Kali on a USB Key
Clean your laptop fan | basic knowledge
To aanarchyy
When approaching WPS locked routers the processes must be automated due to the complex series of steps required to extract pins. Using keyboard output to the commandline is not practicable.
As you have written a bully version maybe you can tell us why bully does not function well when in an xterm window or when outputting to a file thru tee"
For example the following with reaver runs well however bully output to the screen and tee is intermittent and no pins are ever collected.
xterm -g 80x15-1+1 -T "bully" -e "bully wlan0mon -b 55:44:33:22:11:00 -c 1 -B --force -v 3 -L -d -s 00:11:22:33:44:55 2>&1 | tee logfile" &
It could be xterm but we got the same results when we tried the commandline thru a terminal window.
what results were you expecting and what results did you get?
running the command you just posted seemed to work just fine for me. All output ended up in "logfile" and posted in the xterm... bully went on as usual... (slightly altered)
http://postimg.org/image/h5ebomytz/
This would be far easier(and litter your thread less) if you and i could arrange some other means of communication...
To aanarchyy:
MTeams is currently tied up with Pwnstar9.0 rewrite for kali 1.10, 2.0 and 2016. We would very much like you to alter VMR-MDK as you see fit. Second opinions are always welcome. You could post your rework on Github.
in behalf of us dropouts... Thanks for supporting KL1 in everything that you do
Kali Linux USB Installation using LinuxLive USB Creator
Howto Install HDD Kali on a USB Key
Clean your laptop fan | basic knowledge
i have to give credit to Quest.. KL1 rocks.. KL2 asks some time and.. there's others
@mmusket33:
As tempting as it is to wade through and rewrite +8k lines of code... I think i may pass on this one...
There is far too little structure to the code for me to make sense of it...
Then why would you make a program that is DESIGNED to work off "keyboard output to the commandline"????
Something with command line arguments; you type in your command, hit enter, and WALK AWAY!
I don't want to have to babysit a program in case it wants more input...
The whole concept of "input based" scripts(as opposed to command line arguments) is, by design ,NOT AUTOMATED!!!!
Plus i just find them seriously annoying and bloated with ****(read: slow!)
It also completely eliminates versatility in how it can be reused(no way for anyone to add it to anything, like how bully and reaver added support for pixiewps,
or how scripts like wifite added support for aircrack/reaver/wash/etc...)
It would take far more time than justifiable to basically "reverse engineer" everything this script is doing, especially since i don't see a reason for
a great deal of what it's doing... Perhaps if you were to lay-out exactly what you want this to do, i could make something that does what you are
looking for(in a better suited language, using bash sucks for this)
Especially since mdk3 has never done anything useful for me in any of the tests I've run...
I'm not trying to publicly trash your teams code(a GREAT deal of why I've been trying to get into a private conversation with you, so we could discuss
some of this more privately, but apparently you opted for this) just have some suggestions to improve your programs efficiency, effectiveness, and versatility.
Last edited by aanarchyy; 2016-03-20 at 05:34.
To Quest
MTeams will continue to support Kali 1.10. For us Kali 1.10 works all the time, Kali 2.0 can work and Kali 2016 well we will check it again in a month or two.
MTeams
ah! Was wondering where this thread went. Either it was moved from the kitchen, or I need a doctor asap. Anyways just to give you a little feedback,
- it works well on KL 1.1.0a (probly already knew).
- would like to see both, aanarchyy-bully and reaver-t6x as starting options eventually.
- would like to see all the (y/Y) confirmations, axed, shredded and then cremated at 5452 degrees c.
Kali Linux USB Installation using LinuxLive USB Creator
Howto Install HDD Kali on a USB Key
Clean your laptop fan | basic knowledge
thank you can you please add a download link + the command to install it
okay so ive been on this particular router for quite some time now...and i dont really seem to get whats going...ive used the vmr tool to pwn mr A, and now mr B is using the same kinda router mr A uses. but ive noticed one strange behaviour with the router, after some time of trying to pwn it , it duplicates its bssid example...
aa:aa:aa:aa:aa:aa gets two brothers aa:aa:aa:aa:aa:bb and aa:aa:aa:aa:aa:cc . i doubt it that someone would be running an evil twin attack cloning his mac and changing the last octets...so
bottom line when this guys are created sometyms vmr wouldnt be able to perform the fake association - aireplay attack for pin collection.sometyms i try to attack them one after the other to see who are the decoys and who is real.
i dunno if its some sorta IDS.
i should also add that mr A's router had none of such issues. and also mr B's router is seldom connected to...but still, i just want in!
and dont worry about my safety i know who and what am dealing with.
please if you've got any ideas, help a bro out.
tnx in advance.
Last edited by Chunkingz; 2016-03-27 at 22:49.