Our Cyber War Scenario
Your side, the good guys, of course, are about to launch an attack against the bad guys. Your mission is to knock out all of the wireless communication from their field command and control center so that your army can attack without any notifications being sent via Wi-Fi.
Of course, in this scenario, we are only knocking out Wi-Fi communication. The bad guys could certainly still communicate by cellular phone, by wired communication, by satellite, etc., but those are the tasks of your compatriots. Your single task is to knock out their Wi-Fi communication indefinitely, or at least, as long as possible.
How We'll Get the Job Done
In this tutorial, we will use Aircrack-ng and a BASH shell script that will DoS a wireless AP continuously. Unlike most other resources on the web, wireless APs are VERY easy to deny access to. There are multiple ways to DoS a wireless AP, but among the easiest is to use the de-authentication frame.
Step 1: Put Your Wireless Adapter into Monitor Mode
First, fire up Kali and open a terminal. Then, in order to use Aircrack-ng effectively, we need to put our wireless adapter into monitor mode. This is the equivalent of promiscuous mode on a wired network card. When we do this, we can see all the wireless traffic passing through the air around us.
kali > airmon-ng start wlan0
Step 2: Use Airodump-ng to Get the Parameters
Now that we have our adapter in monitor mode, we need to use Airodump-ng to view all the parameters of all the traffic around us.
kali > airodump-ng mon0
Note that the enemy's AP is named "TheDragonLair." That is the AP we will be DoSing, and that is the MAC address we need to write our script. In this case, it is 78:CD:8E:3B:B7:08, but yours, of course, will be different.
Step 3: Open a Text Editor & Write the Script
Now, we are going to use Aireplay-ng to de-authenticate the users on TheDragonLair AP. You will need a text editor to create our script. Here, I will be using Leafpad, but you can use any text editor of your choice.
We want a script that will send de-authentication frames to the AP and all clients, knocking everyone off the network. After doing so, we will give them 60 seconds to re-authenticate and then de-authenticate them again. We could write the script to send continuous de-authenticate frames, but that would likely be met with a countermeasure. We want to both confuse and block any effective wireless communication by the enemy.
Copy this script into your text editor, replacing the MAC address with the MAC address of your target AP. This simple script does the following.
· #!/bin/bash tells the terminal what interpreter to use.
· for i in {1..5000} creates a for loop that will execute our commands 5,000 times.
· do contains the commands we want to execute. Everything after the do and before the done will be executed in each loop.
· aireplay-ng sends the deauth frames 1,000 times (the default is continuous) to the MAC address of the AP (-a) from the interface mon0.
· sleep 60s tells the script to sleep for 60 seconds. In this way, the clients will be able to re-authenticate for 60 seconds before we send another deauth flood. Hopefully, this short interval will lead them to believe that the problem is with their AP and not us.
· done closes the for loop.
The way we have written this script, it will de-authenticate ALL clients. Some APs will not allow this, and we would have to rewrite this script with the individual MAC addresses we want to de-authenticate.
Now, save the script as wirelessDoS.
Step 4: Change Permissions
To be able to execute the script, we will need to give ourselves execute permissions. We use the Linux command chmod for this.
kali > chmod 755 wirelessDoS
Step 5: Execute the Script
Finally, we execute the script by typing:
kali > ./wirelessDoS
Now that we have disabled the enemy's wireless communication, they may try to block your MAC address. An advanced variation of this script would be one where you use a tool like macchanger to change your MAC address before each de-authentication, making it much harder for the enemy to block your deauth frames.
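The burst-then-sleep timing described in Step 3 is itself a detection signature for whoever operates the AP. The following is an added example, not part of the original tutorial: it assumes a monitor-mode sensor already yields (timestamp, source MAC, destination MAC) records for deauthentication frames, and the function names, thresholds and sample records are hypothetical.

```python
from statistics import median

BROADCAST = "ff:ff:ff:ff:ff:ff"

def find_bursts(frames, bssid, gap=2.0, min_frames=50):
    """Group broadcast deauth frames claiming `bssid` as source into bursts.

    frames: iterable of (timestamp_seconds, source_mac, destination_mac).
    Returns a list of (start, end, frame_count) for bursts >= min_frames.
    """
    times = sorted(t for t, src, dst in frames
                   if src.lower() == bssid.lower() and dst.lower() == BROADCAST)
    bursts, start, prev, count = [], None, None, 0
    for t in times:
        if prev is not None and t - prev > gap:
            # A silence longer than `gap` closes the current burst.
            if count >= min_frames:
                bursts.append((start, prev, count))
            start, count = None, 0
        if start is None:
            start = t
        prev, count = t, count + 1
    if count >= min_frames:
        bursts.append((start, prev, count))
    return bursts

def scripted_interval(bursts, min_bursts=3, tolerance=0.15):
    """Return the quiet interval in seconds if bursts recur on a fixed timer, else None."""
    if len(bursts) < min_bursts:
        return None
    quiet = [nxt[0] - cur[1] for cur, nxt in zip(bursts, bursts[1:])]
    mid = median(quiet)
    if all(abs(q - mid) <= tolerance * mid for q in quiet):
        return round(mid, 1)
    return None

# Constructed sensor records (not captured traffic): three 1,000-frame broadcast
# deauth bursts with 60 s of quiet between them, plus two ordinary
# single-client deauths that the detector should ignore.
AP = "78:CD:8E:3B:B7:08"  # BSSID quoted in Step 2 of the tutorial
SAMPLE = [(b * 62.0 + i * 0.002, AP, BROADCAST) for b in range(3) for i in range(1000)]
SAMPLE += [(30.0, AP, "02:00:00:00:00:01"), (95.5, AP, "02:00:00:00:00:02")]

if __name__ == "__main__":
    found = find_bursts(SAMPLE, AP)
    print(found, scripted_interval(found))
```

Because the frames carry the AP's own address as their claimed source, blocking a sender MAC does not stop them; the mitigation is Protected Management Frames (IEEE 802.11w, mandatory in WPA3), which lets clients discard unauthenticated deauth frames.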
Keep coming back, my nascent hackers, as we delve deeper into the world of hacking, cyber warfare, and cyber espionage!