MDK3 Option B method – Beacon Flood (With proof of working too)

July 24, 2015 | Views: 14151

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

MDK3 Option B.

Option -b means it’s a beacon flood, it will send to a target a lots of fake APs, which can crash scanners, drivers and make more harm to a target then you imagine, and can suprise you a lot if you don’t take any cauction with this attack.

1. airmon-ng start wlan0 ->>>> Should say this ” (monitor mode enabled on mon0) ” to make sure it’s enabled write: airmon-ng

2. Type now airodump-ng mon0
( You will now see a list with stations, bssid and continued. – You will know about this also if you know about aircrack-ng )

3. We are looking for our target under “station” it means it’s the computer you want to attack on the network.
Make sure you are not taking the BSSID then you have to use the option -a (So make sure you pick the ESSID)

4. Now to the attacking part you will be typing following: mdk3 mon0 b -t station/bssid -c channel
You can also choose to send packets each second by typing following: mdk3 mon0 b -t station/bssid -s 360
(360 is the packets you want to send each second, you can change that.)

And same as always you can stop the attack to ctrl + c

(Beside your attack are running –  open a new TAB and write airodump-ng mon0
and you see that beacon is growing and data.. )

Fake APs: – growing beacon and data:

Understanding beacon flood:
Little extra.
Understanding of options…

b   – Beacon Flood Mode
Sends beacon frames to show fake APs at clients.
This can sometimes crash network scanners and even drivers!
a   – Authentication DoS mode
Sends authentication frames to all APs found in range.
Too much clients freeze or reset some APs.
p   – Basic probing and ESSID Bruteforce mode
Probes AP and check for answer, useful for checking if SSID has
been correctly decloaked or if AP is in your adaptors sending range
SSID Bruteforcing is also possible with this test mode.
d   – Deauthentication / Disassociation Amok Mode
Kicks everybody found from AP
m   – Michael shutdown exploitation (TKIP)
Cancels all traffic continuously
x   – 802.1X tests
w   – WIDS/WIPS Confusion
Confuse/Abuse Intrusion Detection and Prevention Systems
f   – MAC filter bruteforce mode
This test uses a list of known client MAC Adresses and tries to
authenticate them to the given AP while dynamically changing
its response timeout for best performance. It currently works only
on APs who deny an open authentication request properly
g   – WPA Downgrade test
deauthenticates Stations and APs sending WPA encrypted packets.
With this test you can check if the sysadmin will try setting his
network to WEP or disable encryption.

Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
  1. Glad that you all like this share. Hope that everyone can use this and hopefully also perfectly execute. Else pm me in advance if any problems.

    Best regards, Kevin Mark.

  2. i think mdk3 made my homemade yagi antenna un-usable lol 😀 beware of using your homemade antennas as if they were machineguns taking out APs

Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?