Showing
106 changed files
with
21,925 additions
and
0 deletions.
@@ -0,0 +1,8 @@ | ||
Written by Pedro Larbig "ASPj" <pedro.larbig@carhs.de>, | ||
Using the 'osdep' Injection Library from www.aircrack-ng.org | ||
|
||
Including several patches and addons from the following contributors: | ||
Antragon, moongray, Ace, Zero_Chaos, Hirte, thefkboss, ducttape, | ||
telek0miker, Le_Vert, sorbo, Andy Green, bahathir, Dawid Gajownik | ||
and Alexander Oberle | ||
THANK YOU! |
@@ -0,0 +1,8 @@ | ||
MDK3 Changelog | ||
|
||
v8: | ||
* Updated OSdep | ||
|
||
v7: Initial Release of new codebase | ||
* Complete Rewrite | ||
* Tons of new features |
@@ -0,0 +1,23 @@ | ||
PREFIX = /usr/local | ||
SBINDIR = $(PREFIX)/sbin | ||
MANDIR = $(PREFIX)/share/man | ||
|
||
SRC = src | ||
|
||
|
||
all: clean | ||
$(MAKE) -C $(SRC) | ||
|
||
install: all | ||
PREFIX=$(PREFIX) $(MAKE) -C $(SRC) install | ||
install -D -m 0644 man/mdk3.8 $(MANDIR)/man8/mdk3.8 | ||
gzip -f $(MANDIR)/man8/mdk3.8 | ||
|
||
.PHONY : clean | ||
clean: | ||
$(MAKE) -C $(SRC) clean | ||
|
||
test: | ||
$(MAKE) -C $(SRC) test | ||
|
||
distclean: clean |
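Review bot: `all: clean` combined with `install: all` means every `make install` first wipes and recompiles the whole tree, and because install is normally run with root privileges, the compiler and the sub-make recipes then run as root and leave root-owned objects in the source directory. Dropping the prerequisite (a plain `all:`) lets an unprivileged `make` do the build and limits the privileged step to copying files. Only `clean` is declared phony; `.PHONY: all install clean test distclean` would protect the other command targets from a same-named file. The install recipe also ignores `DESTDIR`, so a staged package build writes straight into `$(PREFIX)`; using `$(DESTDIR)$(MANDIR)/man8/mdk3.8` on the `install -D` and `gzip -f` lines would fix that.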
@@ -0,0 +1,38 @@ | ||
MDK3 TODO List | ||
|
||
* Write complete docs | ||
* Update manpage | ||
|
||
802.11 allows you to fragment each packet into as many as 16 pieces. It would be nice if we could use fragmentated packets in every attack. | ||
if you want to make the WIDS vendors hate you, also match the sequence numbers of the victims | ||
* Done for TKIP QoS reinjection | ||
* NOT done for deauth | ||
* NOT done for eapol Logoff | ||
Ad-hoc compatibility? | ||
* Works for Probing | ||
* Deauth should work (untested) | ||
* AuthDos untested (does this even work?) | ||
-> do STA flooding instead | ||
Intelligent AuthDOS with Shared Key Auth | ||
SSID Bruteforce: Read Wordlist from stdin | ||
CTS control frame flooding | ||
|
||
* Fuzzing mode modifying incoming packets or creating random ones | ||
|
||
* Beacon Flooding should also have an options to send probe requests and responses (unicast + broadcast probes) to annoy IDS ;) | ||
|
||
* Match Sequence Numbers for all attacks that impersonate somebody (like, almost all attacks do) for MAXIMUM WIDS PAIN! | ||
|
||
EAP attacks: | ||
|
||
802.1X EAP-Failure | ||
Observing a valid 802.1X EAP exchange, and then sending the station a forged EAP-Failure message. | ||
|
||
802.1X EAP-of-Death | ||
Sending a malformed 802.1X EAP Identity response known to cause some APs to crash. | ||
|
||
802.1X EAP Length Attacks | ||
Sending EAP type-specific messages with bad length fields to try to crash an AP or RADIUS server. | ||
|
||
Above table was taken from | ||
http://searchsecurity.techtarget.com/general/0,295582,sid14_gci1167611,00.html?track=wsland |
@@ -0,0 +1,164 @@ | ||
PKG_CONFIG ?= pkg-config | ||
|
||
ifndef TOOL_PREFIX | ||
TOOL_PREFIX = | ||
endif | ||
ifndef OSNAME | ||
OSNAME := $(shell uname -s | sed -e 's/.*CYGWIN.*/cygwin/g' -e 's,/,-,g') | ||
endif | ||
ifndef SQLITE | ||
SQLITE = false | ||
endif | ||
|
||
ifndef LIBAIRPCAP | ||
LIBAIRPCAP = | ||
endif | ||
|
||
ifeq ($(OSNAME), cygwin) | ||
EXE = .exe | ||
PIC = | ||
SQLITE = false | ||
else | ||
EXE = | ||
PIC = -fPIC | ||
ifndef SQLITE | ||
SQLITE = true | ||
endif | ||
endif | ||
|
||
COMMON_CFLAGS = | ||
|
||
|
||
|
||
ifeq ($(subst TRUE,true,$(filter TRUE true,$(sqlite) $(SQLITE))),true) | ||
COMMON_CFLAGS += -DHAVE_SQLITE | ||
endif | ||
|
||
ifeq ($(pcre), true) | ||
PCRE = true | ||
endif | ||
|
||
ifeq ($(PCRE), true) | ||
COMMON_CFLAGS += $(shell $(PKG_CONFIG) --cflags libpcre) -DHAVE_PCRE | ||
endif | ||
|
||
ifeq ($(OSNAME), cygwin) | ||
COMMON_CFLAGS += -DCYGWIN | ||
endif | ||
|
||
ifeq ($(OSNAME), Linux) | ||
ifneq ($(libnl), false) | ||
NL3xFOUND := $(shell $(PKG_CONFIG) --atleast-version=3.2 libnl-3.0 && echo Y) | ||
ifneq ($(NL3xFOUND),Y) | ||
NL31FOUND := $(shell $(PKG_CONFIG) --exact-version=3.1 libnl-3.1 && echo Y) | ||
ifneq ($(NL31FOUND),Y) | ||
NL3FOUND := $(shell $(PKG_CONFIG) --atleast-version=3 libnl-3.0 && echo Y) | ||
endif | ||
ifneq ($(NL3FOUND),Y) | ||
NL1FOUND := $(shell $(PKG_CONFIG) --atleast-version=1 libnl-1 && echo Y) | ||
endif | ||
ifneq ($(NL1FOUND),Y) | ||
NLTFOUND := $(shell $(PKG_CONFIG) --atleast-version=1 libnl-tiny && echo Y) | ||
endif | ||
endif | ||
|
||
|
||
ifeq ($(NL1FOUND),Y) | ||
NLLIBNAME = libnl-1 | ||
COMMON_CFLAGS += -DCONFIG_LIBNL | ||
endif | ||
|
||
ifeq ($(NLTFOUND),Y) | ||
NLLIBNAME = libnl-tiny | ||
COMMON_CFLAGS += -DCONFIG_LIBNL -DCONFIG_LIBNL20 | ||
endif | ||
|
||
ifeq ($(NL3xFOUND),Y) | ||
COMMON_CFLAGS += -DCONFIG_LIBNL30 -DCONFIG_LIBNL | ||
LIBS += -lnl-genl-3 | ||
NLLIBNAME = libnl-3.0 | ||
endif | ||
|
||
ifeq ($(NL3FOUND),Y) | ||
COMMON_CFLAGS += -DCONFIG_LIBNL30 -DCONFIG_LIBNL | ||
LIBS += -lnl-genl | ||
NLLIBNAME = libnl-3.0 | ||
endif | ||
|
||
# nl-3.1 has a broken libnl-gnl-3.1.pc file | ||
# as show by pkg-config --debug --libs --cflags --exact-version=3.1 libnl-genl-3.1;echo $? | ||
ifeq ($(NL31FOUND),Y) | ||
COMMON_CFLAGS += -DCONFIG_LIBNL30 -DCONFIG_LIBNL | ||
LIBS += -lnl-genl | ||
NLLIBNAME = libnl-3.1 | ||
endif | ||
|
||
NLLIBNAME ?= $(error Cannot find development files for any supported version of libnl. install either libnl1 or libnl3.) | ||
|
||
LIBS += $(shell $(PKG_CONFIG) --libs $(NLLIBNAME)) | ||
COMMON_CFLAGS +=$(shell $(PKG_CONFIG) --cflags $(NLLIBNAME)) | ||
COMMON_CFLAGS := $(COMMON_CFLAGS) | ||
endif | ||
endif | ||
|
||
ifeq ($(subst TRUE,true,$(filter TRUE true,$(airpcap) $(AIRPCAP))),true) | ||
LIBAIRPCAP = -DHAVE_AIRPCAP -I$(AC_ROOT)/../developers/Airpcap_Devpack/include | ||
endif | ||
|
||
ifneq ($(origin CC),environment) | ||
CC = $(TOOL_PREFIX)gcc | ||
endif | ||
|
||
RANLIB ?= $(TOOL_PREFIX)ranlib | ||
ifneq ($(origin AR),environment) | ||
AR = $(TOOL_PREFIX)ar | ||
endif | ||
|
||
REVISION = mdk3-v7 | ||
REVFLAGS ?= -D_REVISION=$(REVISION) | ||
|
||
OPTFLAGS = -D_FILE_OFFSET_BITS=64 | ||
CFLAGS ?= -g -W -Wall -O3 | ||
CFLAGS += $(OPTFLAGS) $(REVFLAGS) $(COMMON_CFLAGS) | ||
|
||
prefix = /usr/local | ||
bindir = $(prefix)/bin | ||
sbindir = $(prefix)/sbin | ||
mandir = $(prefix)/share/man/man1 | ||
smandir = $(prefix)/share/man/man8 | ||
datadir = $(prefix)/share | ||
docdir = $(datadir)/doc/aircrack-ng | ||
libdir = $(prefix)/lib | ||
etcdir = $(prefix)/etc/aircrack-ng | ||
|
||
GCC_OVER41 = $(shell expr 41 \<= `$(CC) -dumpversion | awk -F. '{ print $1$2 }'`) | ||
GCC_OVER45 = $(shell expr 45 \<= `$(CC) -dumpversion | awk -F. '{ print $1$2 }'`) | ||
GCC_OVER49 = $(shell expr 49 \<= `$(CC) -dumpversion | awk -F. '{ print $1$2 }'`) | ||
ifeq ($(GCC_OVER41), 0) | ||
GCC_OVER41 = $(shell expr 4.1 \<= `$(CC) -dumpversion | awk -F. '{ print $1$2 }'`) | ||
endif | ||
ifeq ($(GCC_OVER45), 0) | ||
GCC_OVER45 = $(shell expr 4.5 \<= `$(CC) -dumpversion | awk -F. '{ print $1$2 }'`) | ||
endif | ||
ifeq ($(GCC_OVER49), 0) | ||
GCC_OVER49 = $(shell expr 4.9 \<= `$(CC) -dumpversion | awk -F. '{ print $1$2 }'`) | ||
endif | ||
|
||
|
||
ifeq ($(GCC_OVER49), 0) | ||
ifeq ($(GCC_OVER41), 1) | ||
COMMON_CFLAGS += -fstack-protector | ||
endif | ||
endif | ||
|
||
ifeq ($(GCC_OVER49), 1) | ||
COMMON_CFLAGS += -fstack-protector-strong | ||
endif | ||
|
||
ifeq ($(GCC_OVER45), 1) | ||
CFLAGS += -Wno-unused-but-set-variable -Wno-array-bounds | ||
endif | ||
|
||
ifeq ($(subst TRUE,true,$(filter TRUE true,$(duma) $(DUMA))),true) | ||
LIBS += -lduma | ||
endif |
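Review bot: The compiler version probes `GCC_OVER41`, `GCC_OVER45` and `GCC_OVER49` write `$1$2` inside `$(shell …)`, which make expands to empty strings before awk runs, so awk prints the whole `-dumpversion` output and `expr` falls back to a string comparison. For a compiler that reports `10` or higher, both the `41 \<=` test and the `4.1 \<=` fallback should evaluate to 0, in which case neither `-fstack-protector` nor `-fstack-protector-strong` is added and the binaries are silently built without stack canaries. Escaping as `$$1$$2` is not sufficient on its own, because a bare major version such as `13` still compares below 41. Probing the flag itself is more robust, for example `SSP_STRONG := $(shell $(CC) -fstack-protector-strong -E -x c /dev/null >/dev/null 2>&1 && echo 1)` guarded by `ifeq ($(SSP_STRONG),1)`, with the same probe for `-fstack-protector` as the fallback. Using `:=` there also avoids re-running the shell on every expansion, which the current recursive `=` assignments do.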