Linux

 

Linux tools, Howtos

 

Tools Index

 

Wireless Commands

 

FC6 Build Howto

 

FC5 Build Howto

 

FC4 Build Howto

 

Live Linux Distros

 

 

Site Search

 

 

 

 

Windows

 

WIN32 tools, Howtos

 

Tools Index

 

 

Get Firefox!

 

 

General

 

Miscellaneous WI-FI

 

Default WI-FI Settings

 

Rogue AP Howtos

 

WI-FI Certifications

 

802.11 Standards

 

STEP BY STEP Guides

 

Formats / Extensions

 

WI-FI Home Security

 

Useful Links

 

 

 

 

 

Void11 Main:

 

"Void11 a  free implementation of some basic 802.11b attacks." -www.wlsec.net

Project homepage: http://www.wlsec.net/void11 (Currently offline)

Local Mirror: void11-0.2.0.tar.bz2   MD5: 1c5b3e3e70916de74c2932c7f3e46d9e

Local Mirror: hostapd-0.1.3.tar.gz   MD5: 54563fb51f143c4bf26ddec2516e8f9f

NOTE: Void11 only works with the hostap driver (e.g. the Prism card)

 

 

 

Void11 Installation:

 

The following installation process assumes that you are utilising the Auditing Laptop Build as described in the Auditing Laptop Build: HOWTO 

 

* Void11 only works with the hostap driver (e.g. the Prism card)

 

Download hostapd-0.1.3.tar.gz from http://hostap.epitest.fi/releases to /tools/wifi  (The void11 install does not work with later versions of hostapd)

 

cd /tools/wifi/

 

tar zxvf hostapd-0.1.3.tar.gz

 

cd hostapd-0.1.3

 

make

 

Download void11-[version].bz2 from http://www.wlsec.net/void11 to /tools/wifi

 

cd /tools/wifi

 

bunzip2 void11-version].bz2

 

tar xvf void11-[version].tar

 

cd void11-[version]

 

make HOSTAPD_PATH=/tools/wifi/hostapd-0.1.3 USEGTK=1 USECONSOLE=1 all install

 

This will fail, but it will create libvoid11.so in /tools/wifi/void11-[version]/lib

 

cp lib/libvoid11.so /usr/lib

 

make HOSTAPD_PATH=/tools/wifi/hostapd-0.1.3 USEGTK=1 USECONSOLE=1 all install

 

ldconfig

 

typing void11_penetration will confirm whether the install was successful

 

 

 

Void11 Attacks:

Void11 offers three attack mechanisms:

Deauthenticate Clients (default mode):

  • Floods the WLAN with deauthentication packets - authenticated clients will drop their network connections.

Authentication Flood:

  • Floods access points with authentication packets (random client MACs), results depend on equipment manufacturer.

Association Flood:

  • Floods access points with association packets (random client MACs), results depend on equipment manufacturer.

 

Using Void11:

ensure your prism card is inserted

cd /tools/wifi/void11-0.2.0/console

iwconfig wlan0 mode master (set card to master mode)

iwpriv wlan0 hostapd 1 (set card to hostapd mode)

./void11_hopper (set the card to hop between all 14 channels)

Or as an alternative to using void_hopper mode - set the card to the desired channel manually:

  • iwconfig wlan0 channel 6 (set card to channel 6)

Now the card is configured for the actual attacks:

Usage: void11_penetration  [interface] -D -s [type of attack] -s [station MAC] -S [SSID] -B [BSSID]

e.g. void11_penetration  wlan0 -D  -t 1 -s 00:06:25:2D:09:68 -B 00:06:02:35:AB:06

 

 

void11_penetration switches:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

void11_penetration in use:

 

 

Disassociation mode (-t 1) seems by far the most effective actually dropping the network connection between servers and clients.

Authentication flood mode (-t 2) also proves very effective whilst not physically dropping the client connection all data transfer across the network ground to a halt.

Association flood mode (-t 3) also proves very effective whilst not physically dropping the client connection all data transfer across the network ground to a halt.

 

 

Whitelists and Blacklists:

Void11 also offers the -l and -p switches for use with the whitelists and blacklists.  A whitelist is simply a list of SSIDs/BSSIDs that you do not want to attack (i.e. your home network), while a blacklist is a set of SSIDs/BSSIDs that would want to attack (i.e. a wardriver).

Usage: void11 -l [list name] -p [0=whitelist (default), 1=blacklist]

There is a default matchlist in the void11/console directory.  A typical matchlist may contain:

B 00:06:BF:64:AB:35 (B=BSSID)

S MYSSID (S=SSID)

 

 

Using a Whitelist:

 

Now if we use void11 with the syntax:

void11 -D -l matchlist wlan0

void11 treats the matchlist as a whitelist and will not attack any BSSIDs listed.

 

 

Using a Blacklist:

 

However if we use void11 with the syntax

void11 -D -l matchlist -p 1 wlan0

void11 treats the matchlist as a blacklist and will only attack any BSSID listed.

 

Be aware that if you are using the S (SSID) option with a whitelist and the SSID is not broadcast by the access point then that access point will be treated as blacklisted as void11 cannot see its SSID (unless there is a blank S entry in the matchlist)

 

 

gvoid11:

Void11 also provides a GTK+ GUI front-end called gvoid11 which looks very good and offers many features of the command line tool.  Type 'gvoid11' to start the GUI tool: 


 

 
 
   Copyright 2010 Wirelessdefence.org. All Rights Reserved.