copy code from mdk3
E7mer committed Feb 5, 2018
1 parent cac4593 commit 91594bb
Showing 106 changed files with 21,925 additions and 0 deletions.
8 changes: 8 additions & 0 deletions AUTHORS
@@ -0,0 +1,8 @@
Written by Pedro Larbig "ASPj" <pedro.larbig@carhs.de>,
Using the 'osdep' Injection Library from www.aircrack-ng.org

Including several patches and addons from the following contributors:
Antragon, moongray, Ace, Zero_Chaos, Hirte, thefkboss, ducttape,
telek0miker, Le_Vert, sorbo, Andy Green, bahathir, Dawid Gajownik
and Alexander Oberle
THANK YOU!
8 changes: 8 additions & 0 deletions CHANGELOG
@@ -0,0 +1,8 @@
MDK3 Changelog

v8:
* Updated OSdep

v7: Initial Release of new codebase
* Complete Rewrite
* Tons of new features
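Review bot: The top entry in this hunk is v8, but common.mak in this same commit sets `REVISION = mdk3-v7`, so the built binary will report v7. Bump `REVISION` to match, or state in the changelog which version this tree actually is.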
674 changes: 674 additions & 0 deletions COPYING

Large diffs are not rendered by default.

23 changes: 23 additions & 0 deletions Makefile
@@ -0,0 +1,23 @@
PREFIX = /usr/local
SBINDIR = $(PREFIX)/sbin
MANDIR = $(PREFIX)/share/man

SRC = src


all: clean
$(MAKE) -C $(SRC)

install: all
PREFIX=$(PREFIX) $(MAKE) -C $(SRC) install
install -D -m 0644 man/mdk3.8 $(MANDIR)/man8/mdk3.8
gzip -f $(MANDIR)/man8/mdk3.8

.PHONY : clean
clean:
$(MAKE) -C $(SRC) clean

test:
$(MAKE) -C $(SRC) test

distclean: clean
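Review bot: `install: all` chains through `all: clean`, so `make install` (normally run as root) wipes and recompiles the whole tree with root privileges, and every plain `make` is a full rebuild. Drop the `clean` prerequisite from `all` so the build can be done unprivileged and `install` only copies files. The install recipe also writes straight to `$(MANDIR)` with no `$(DESTDIR)` prefix, which makes staged packaging awkward. `.PHONY` lists only `clean`, so a file named `test` or `install` in the top directory would shadow those targets, and `SBINDIR` is defined but never used in this file.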
38 changes: 38 additions & 0 deletions TODO
@@ -0,0 +1,38 @@
MDK3 TODO List

* Write complete docs
* Update manpage

802.11 allows you to fragment each packet into as many as 16 pieces. It would be nice if we could use fragmentated packets in every attack.
if you want to make the WIDS vendors hate you, also match the sequence numbers of the victims
* Done for TKIP QoS reinjection
* NOT done for deauth
* NOT done for eapol Logoff
Ad-hoc compatibility?
* Works for Probing
* Deauth should work (untested)
* AuthDos untested (does this even work?)
-> do STA flooding instead
Intelligent AuthDOS with Shared Key Auth
SSID Bruteforce: Read Wordlist from stdin
CTS control frame flooding

* Fuzzing mode modifying incoming packets or creating random ones

* Beacon Flooding should also have an options to send probe requests and responses (unicast + broadcast probes) to annoy IDS ;)

* Match Sequence Numbers for all attacks that impersonate somebody (like, almost all attacks do) for MAXIMUM WIDS PAIN!

EAP attacks:

802.1X EAP-Failure
Observing a valid 802.1X EAP exchange, and then sending the station a forged EAP-Failure message.

802.1X EAP-of-Death
Sending a malformed 802.1X EAP Identity response known to cause some APs to crash.

802.1X EAP Length Attacks
Sending EAP type-specific messages with bad length fields to try to crash an AP or RADIUS server.

Above table was taken from
http://searchsecurity.techtarget.com/general/0,295582,sid14_gci1167611,00.html?track=wsland
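Review bot: The EAP section at the end says "Above table was taken from", but what precedes it is three heading-plus-sentence paragraphs, not a table; reword the attribution and drop the `?track=wsland` tracking parameter from the reference URL. The first block also mixes `*` bullets with unmarked lines ("Ad-hoc compatibility?", "CTS control frame flooding"), so it is unclear which lines are items and which are sub-items, and "fragmentated" should be "fragmented".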
164 changes: 164 additions & 0 deletions common.mak
@@ -0,0 +1,164 @@
PKG_CONFIG ?= pkg-config

ifndef TOOL_PREFIX
TOOL_PREFIX =
endif
ifndef OSNAME
OSNAME := $(shell uname -s | sed -e 's/.*CYGWIN.*/cygwin/g' -e 's,/,-,g')
endif
ifndef SQLITE
SQLITE = false
endif

ifndef LIBAIRPCAP
LIBAIRPCAP =
endif

ifeq ($(OSNAME), cygwin)
EXE = .exe
PIC =
SQLITE = false
else
EXE =
PIC = -fPIC
ifndef SQLITE
SQLITE = true
endif
endif

COMMON_CFLAGS =



ifeq ($(subst TRUE,true,$(filter TRUE true,$(sqlite) $(SQLITE))),true)
COMMON_CFLAGS += -DHAVE_SQLITE
endif

ifeq ($(pcre), true)
PCRE = true
endif

ifeq ($(PCRE), true)
COMMON_CFLAGS += $(shell $(PKG_CONFIG) --cflags libpcre) -DHAVE_PCRE
endif

ifeq ($(OSNAME), cygwin)
COMMON_CFLAGS += -DCYGWIN
endif

ifeq ($(OSNAME), Linux)
ifneq ($(libnl), false)
NL3xFOUND := $(shell $(PKG_CONFIG) --atleast-version=3.2 libnl-3.0 && echo Y)
ifneq ($(NL3xFOUND),Y)
NL31FOUND := $(shell $(PKG_CONFIG) --exact-version=3.1 libnl-3.1 && echo Y)
ifneq ($(NL31FOUND),Y)
NL3FOUND := $(shell $(PKG_CONFIG) --atleast-version=3 libnl-3.0 && echo Y)
endif
ifneq ($(NL3FOUND),Y)
NL1FOUND := $(shell $(PKG_CONFIG) --atleast-version=1 libnl-1 && echo Y)
endif
ifneq ($(NL1FOUND),Y)
NLTFOUND := $(shell $(PKG_CONFIG) --atleast-version=1 libnl-tiny && echo Y)
endif
endif


ifeq ($(NL1FOUND),Y)
NLLIBNAME = libnl-1
COMMON_CFLAGS += -DCONFIG_LIBNL
endif

ifeq ($(NLTFOUND),Y)
NLLIBNAME = libnl-tiny
COMMON_CFLAGS += -DCONFIG_LIBNL -DCONFIG_LIBNL20
endif

ifeq ($(NL3xFOUND),Y)
COMMON_CFLAGS += -DCONFIG_LIBNL30 -DCONFIG_LIBNL
LIBS += -lnl-genl-3
NLLIBNAME = libnl-3.0
endif

ifeq ($(NL3FOUND),Y)
COMMON_CFLAGS += -DCONFIG_LIBNL30 -DCONFIG_LIBNL
LIBS += -lnl-genl
NLLIBNAME = libnl-3.0
endif

# nl-3.1 has a broken libnl-gnl-3.1.pc file
# as show by pkg-config --debug --libs --cflags --exact-version=3.1 libnl-genl-3.1;echo $?
ifeq ($(NL31FOUND),Y)
COMMON_CFLAGS += -DCONFIG_LIBNL30 -DCONFIG_LIBNL
LIBS += -lnl-genl
NLLIBNAME = libnl-3.1
endif

NLLIBNAME ?= $(error Cannot find development files for any supported version of libnl. install either libnl1 or libnl3.)

LIBS += $(shell $(PKG_CONFIG) --libs $(NLLIBNAME))
COMMON_CFLAGS +=$(shell $(PKG_CONFIG) --cflags $(NLLIBNAME))
COMMON_CFLAGS := $(COMMON_CFLAGS)
endif
endif

ifeq ($(subst TRUE,true,$(filter TRUE true,$(airpcap) $(AIRPCAP))),true)
LIBAIRPCAP = -DHAVE_AIRPCAP -I$(AC_ROOT)/../developers/Airpcap_Devpack/include
endif

ifneq ($(origin CC),environment)
CC = $(TOOL_PREFIX)gcc
endif

RANLIB ?= $(TOOL_PREFIX)ranlib
ifneq ($(origin AR),environment)
AR = $(TOOL_PREFIX)ar
endif

REVISION = mdk3-v7
REVFLAGS ?= -D_REVISION=$(REVISION)

OPTFLAGS = -D_FILE_OFFSET_BITS=64
CFLAGS ?= -g -W -Wall -O3
CFLAGS += $(OPTFLAGS) $(REVFLAGS) $(COMMON_CFLAGS)

prefix = /usr/local
bindir = $(prefix)/bin
sbindir = $(prefix)/sbin
mandir = $(prefix)/share/man/man1
smandir = $(prefix)/share/man/man8
datadir = $(prefix)/share
docdir = $(datadir)/doc/aircrack-ng
libdir = $(prefix)/lib
etcdir = $(prefix)/etc/aircrack-ng

GCC_OVER41 = $(shell expr 41 \<= `$(CC) -dumpversion | awk -F. '{ print $1$2 }'`)
GCC_OVER45 = $(shell expr 45 \<= `$(CC) -dumpversion | awk -F. '{ print $1$2 }'`)
GCC_OVER49 = $(shell expr 49 \<= `$(CC) -dumpversion | awk -F. '{ print $1$2 }'`)
ifeq ($(GCC_OVER41), 0)
GCC_OVER41 = $(shell expr 4.1 \<= `$(CC) -dumpversion | awk -F. '{ print $1$2 }'`)
endif
ifeq ($(GCC_OVER45), 0)
GCC_OVER45 = $(shell expr 4.5 \<= `$(CC) -dumpversion | awk -F. '{ print $1$2 }'`)
endif
ifeq ($(GCC_OVER49), 0)
GCC_OVER49 = $(shell expr 4.9 \<= `$(CC) -dumpversion | awk -F. '{ print $1$2 }'`)
endif


ifeq ($(GCC_OVER49), 0)
ifeq ($(GCC_OVER41), 1)
COMMON_CFLAGS += -fstack-protector
endif
endif

ifeq ($(GCC_OVER49), 1)
COMMON_CFLAGS += -fstack-protector-strong
endif

ifeq ($(GCC_OVER45), 1)
CFLAGS += -Wno-unused-but-set-variable -Wno-array-bounds
endif

ifeq ($(subst TRUE,true,$(filter TRUE true,$(duma) $(DUMA))),true)
LIBS += -lduma
endif
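Review bot: The stack-protector selection near the end of this hunk depends on a GCC version probe that fails open. `awk -F. '{ print $1$2 }'` sits inside `$(shell ...)` with single `$`, so make expands `$1` and `$2` itself (to empty strings outside `$(call)`), awk prints the whole `-dumpversion` string, and `expr` ends up doing a string comparison. For a compiler whose major version has two digits, both `41 \<= ...` and the `4.1 \<= ...` fallback evaluate to 0, so `GCC_OVER41` and `GCC_OVER49` are both 0 and neither `-fstack-protector` nor `-fstack-protector-strong` is added, with no warning. Write `$$1$$2` and compare numerically, or better, test-compile with the flag and add it when the compiler accepts it. Separately, the top-level `ifndef SQLITE` / `SQLITE = false` makes the later `ifndef SQLITE` / `SQLITE = true` in the non-cygwin branch unreachable, and `docdir` and `etcdir` still point at `aircrack-ng` paths.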