Hello Everybody And Welcome To This Tutorial. Today, I Will Be Talking About Dos Attacks And How You Can Actually Deny Wireless Access To Pretty Much Anybody Within The Range Of Your Wireless Card. Now Your Current Range Of Your Wireless Card Is Not Your Permanent Range, Or Probably It'S Not Your Maximum Range, Because You Can Boost The Signal As Well, But Of That I Shall Speak A Bit Later On. For The Time Being, I Wish To Focus Only On The Actual Dos Attack As That Can, Well, Not Only Can You Deny The Service, But As I Stated In The Previous Tutorial, You Are Actually Able To Trick A User Into Resetting The Router. Primarily, Because If You Can'T Connect Your Wireless What Are The First Things That You Do? You Basically Just Reset The Router. Even If You Call The Isp Provider, One Of The First Things That They Will Tell You Is Reset The Router. And These Sort Of Attacks They Don'T, Unless They Are Going Over An Extended Period Of Time, Or Something Like That, They Don'T Raise A Lot Of Suspicion.
I Mean Most People When They Can'T Connect To Wireless In Their Houses, Or Something Like That, Oh, Well, Reset The Router. If It Works Out, Great. If It Doesn'T, Oh, Well, Call The Isp Then They Try To Fix It, But You'Re Not Gonna Be Running The Dos Attack Probably For That Long. Your Idea Is To Force A Reset, However You Can Run Actually Permanent Dos Attacks, And In Such A Way Deny Service To A Certain User, Or Company, Or Something Of A Kind.
There Is No Known Way To Actually Stop This. There Are, As I'Ve Stated In The Previous Tutorials As Well, You Can Use Some Paint That Doesn'T Allow Signals To Pass Through, Or You Can Use Some Tinfoil, Or Something Like That On The Walls, But You Are Effectively Limiting What You Can Do With Your Own Wireless In Such A Way, And That'S Not Really The Best Of Solutions. Anyway, There Are Certain Things That A User Can Do On The Other Side To Mediate This Sort Of An Attack, Such As Change The Channel Of Their Wireless Access Point, Change The Mac Address, But None Of Those Things Are Actually Stopping The Dos Attacks.
All Of Those Things, All That They Are Doing, Is Simply Hiding And Buying Time. All You Need To Do Is Simply Follow Up On The Changes, For Example Do A Scan. Again, If You See That There Is Something Wrong, And That'S It, You Will Find A New Mac Address, You Will Find A New Channel, And You Will See The New Essid As Well. So, Anyway, Without Further Ado, Let'S Just Go Ahead And Perform This Sort Of Attack. See What Happens And How Can We Actually Confirm It. Anyway, The First Thing That We Need To Do Is Set Our Wireless Network Card Into Monitor Mode. I Have A Small Script That I Have Written For Myself Here.
I Have Explained It In The Previous Tutorials. If You'Re Just Wondering Why Am I Not Doing This Via Airmon-Ng, So Airmon-Ng, And You Can Also Do It Like This, Wlp2s0, Well I'Ve Discovered That On Fedora, The Distribution That I'M Using At The Moment, And The One That I'M Using For The Demonstration Of This Tutorial, Well It Just Presents Problems. I Mean, It Creates Virtual Interfaces, And, I Don'T Know, You Get An Error Like Name Not Unique On The Network And There'S A Way To Fix That, Or A Workaround, Something Like That, But I'Ve Just Written My Own Script That I'M Going To Use. You Can Use It As Well, I'Ve Shown It In The Previous Tutorial. All It Does Is Bring The Wireless Interface Down, Changes Its State, Changes The Mode To Monitor Mode, And Then Changes The State Back To Up Again. Here You Can Just See It One More Time, Quickly, Excellent! Perhaps I Should Have Added A Mac Change Here As Well. That Would Actually Be A Good Idea, But For The Time Being I'M Not Gonna Do That.
Primarily, Because There Is No Need To Hide As I'M Doing This To My Own Wireless System. However, If You'Re Doing This Outside, Definitely Use Macchanger -R Wlp2s0. You Can Only Change The Mac Address When The Interface Is Down, You Cannot Change The Mac Address Of The Interface That Is Up. How To Do This? I Have Shown In The Previous Tutorials As Well. Anyway, Let'S Just Go Ahead And Clear The Screen. I Usually Run This Command Airmon-Ng Check Wlp2s0. I Use This Not To Set In Monitor Mode, But Rather Instead To Perform A Check-Up To See If There Are Any Programs, Any Processes Out There Within My Computer That Might Cause Problems Or Interference. Apparently, There Are None. If There Were, Once You Run This Command, It Would Give You The Pids Of The Processes And You Could Kill Them Easily.
No Problems There. Let'S Just Go Ahead And Clear The Screen, And The Tool That We Need To Use In This Part Of The Aircrack Package Here Is Ai Replay. So Before We Actually Start Doing That We Will Of Course Need To Perform A Scan With A Tool That We Have Used Previously. So Airdump-Ng, I Have No Idea Why They Call It This, So Airdump-Ng Wlp2s0. Oops, Airodump-Ng. It'S Airodump, Sorry. I Always Make A Mistake There, But You Can Just Use Tab As I'Ve Shown And It'S Gonna Work Out Well For You. So, Apparently, I Have Some Open Access Points Here As Well, And I Have Noticed A Very Strange Thing. When I Performed These Scans During Different Times Of Day, The Signal Strength Varies, And The Amount Of Wireless Access Points Also Changes. I'M Just Gonna Stop This Because There Are Too Many Of Them Now.
The Amount Of Wireless Access Point Changes And The Signal Strength Changes. What I'Ve Noticed That People Are Doing Is That They Actually Turn Their Wifi Off During Certain Times Of The Day, When They Are Not There, Or When They Are Not Using It, Or Something Of A Kind, And That Is A Very Wise Precaution. I Mean, That'S A Very Intelligent Thing To Do. Because If There'S Nobody In Your House, If There Is Nobody Using Your Wi-Fi, There Is Literally No Reason For You To Leave It Online. Just Pull The Plug, Simple As That. You Increase The Safety Of Your Wireless, Of Your Home Network, Exponentially.
Primarily, Because Not Only Are You Invisible, Permanently Invisible, During Certain Periods Of Time, But You Are Also Effectively Limiting Windows Of Opportunity For Anybody To Attack You, And That Can Cause A Ridiculous Amount Of Problems To An Attacker. Anyway, So Over Here I Have My Wireless Interface, It'S Called Something, It'S On Channel 6, And It'S Power, It'S Relatively Good. But, Look At My Neighbors. I Conducted The Scan Last Night, And My Own Wireless Was About 50 Something, And My Neighbors Was 59 Which Was Ridiculous. I'M Guessing This Guy'S Right Next To Me, Or Right Below Me, With An Antenna Attached To The Ceiling, Or Something Of A Kind.
I Have No Idea, But He'S Getting A Really Strong Wireless Signal. I'M Gonna Have To Ask Around To See Who This Is Just To See What The Signal Strength Is On This Router. But, Anyway, It Doesn'T Really Matter. Let'S Just Use Let'S Just Use The Aireplay. However, I Didn'T Find A Way To Actually Specify A Channel In Aireplay, And Perhaps There Is An Option There, Or Something Of A Kind, But It Doesn'T It Doesn'T Really Matter, I Didn'T Try Too Hard. What I Wanted To Show You Is That You Can Actually Change The Channel Of Your Wireless Network Card Manually. So Just Type In...Wait, Before We Actually Do That, Lets Just Try A Random Scan And See What Happens. So Aireplay-Ng, And Here We'Re Gonna Need To Specify -0. So -0 Is From The List Of Arguments That I Do Believe That I'Ve Showed Previously, But It Doesn'T Really Matter.
So You See In The Help Menu You Have The Authentication, You Can Use -0 Instead Of That. Fake Authentication, You Can Use -1 Instead Of That, And So On, And So Forth. You Don'T Actually Need To Type In The Whole Command, Rather Instead They'Ve Numerated Them, So It'S A Lot Easier To Actually Use. Anyway, We'Re Gonna Say -0, And Space. It Says Count, So How Many The Authentication Requests Do You Want To Send. You Can Specify A Number, It Can Be A Very Large Number Here, Or You Can Just Say One For Single Authentication, For Capturing The Wpa2 Handshakes. Well, You'Re Probably Gonna Need More Than One, But It Doesn'T Really Matter.
I Usually Have A Tendency To Place A Zero Here. Zero Tells It Simply To Do It Continuously. So, You Can Just Do It Until You Feel Satisfied, Or Until You'Ve Achieved Your Purpose, And Then Ctrl C To Actually Cancel It. No Big Deal There. Anyway, After That We Need To Specify A -A Option, Which Is The Bssid, And Then In Addition To That We Need To Specify The Interface That We'Re Going To Be Using, Press Enter, And There We Go. So It Says Here On Channel 3, But I Know For A Fact, And You Can Scroll Up And You Can See Here'S Something, It Says Channel, It'S Channel 6.
So, This Is Not Gonna Work. It Says No Such Bssid Available. Please Specify Essid So The Name, Perhaps The Name Of The Network. Yeah, That Is Due To This Channel Problem. So This Is Channel 3, And My Wireless Interface Card Is Functioning On, My Wireless Access Point Is Actually Functioning On Channel 6, While My Wireless Network Card Is Functioning On Channel 3 In My Laptop. What We Need To Do Is Manually Configure The Channel Of Our Network Card. So, Iwconfig Wlp2s0, Which Is The Name Of Our Interface, And Then Channel, And Then Just Say 6. So It'S Very Simple, It'S Like The English Language. You Have A Command, So Iwconfig, The Name Of Your Wireless Interface, Just Type In The Argument That You Want To Change, Which Is Channel. Same Thing With Mode, So Just Type In Mod Here And Change It To Whatever You Want. But In This Case We'Re Changing The Channel, So Just Type In Channel, Space, And Then Just Type In The Number Of The Channel You Wish To Tune It, You Wish To Change It To.
Anyway, Now Our Wireless Network Card Is Running, Is Operating On Channel 6, And If We Repeat The Command That I Have Previously Shown, You Will See Immediately, Immediately It Actually Passes. This Attack Is More Effective When Targeting A Connected Wireless Client, Yep, Okay. So, There Is This Message That We'Re Being Displayed Here. This Is Not An Error Message, This Is Just A Note Of A Sort. We Can Also Deauthenticate Individual Clients On The Network, So We Don'T Need To...See This Attack That I Am Performing Now, This Will Be Authenticate Everyone On That Wireless Card, On That Wireless Access Point. Everybody Will Be Deauthenticated. I Mean, You Can Confirm This By Using Your Smartphone, Or Tablet, Or Another Pc That Is Connected To Your Home Wireless Network, And It Might Show The Status That It Is Still Connected, But Try Browsing The Net, Try Opening Up A Website, Or Something Of A Kind.
You Will Not Be Able To Do It, Like Not In A Million Years. Also, There Are Some Mac Filtering Options That Routers Attempt To Impose, But It Doesn'T Matter. I'Ve Shown You How You Can Change A Mac Address, And You Can Also Set A Script Which Will Rotate Your Mac Addresses Periodically. So, That That Can Be A Nightmare. Also, The Routers Have The Option To Adjust The Mac Address, To Adjust To A Certain Range Of Mac Addresses Which Can Access It, But, Again, You Will Be Able To See The Authenticated Clients On That Network, And Just Use Their Mac Addresses Instead And Pass Through. As I Said, This Is Ridiculously Difficult To Stop, And It'S Really Painful When You'Re Being Dosed In Terms Of Wireless.
There Is Very Little That You Can Do. I Honestly Don'T Know Of Any Known Method To Actually Completely Stop This, But We'Ll See. There Are Some Enterprise Type Routers That Are Actually Able To Fight This Off To An Extent, But We'Ll See What The Future Brings. Anyway, I Will Be Doing More Of This In The Follow Up Tutorial, And I Will Show You How You Can Deauthenticate Single Client. Plus, We'Ll Be Writing Down Some Bash Scripts And See How That Works Out To Improve Our Attack. In Any Case, I Bid You Farewell, And I Hope To See You In The Next Tutorial.
Discription:-
Learn Kali Linux Episode #36: Signal Jamming and Denial of Service Demonstration (Part 1)
In this tutorial we we cover signal jamming and denial of service (DoS) using Kali Linux. I will show you how to conduct a scan of surrounding networks, how to troubleshoot any issues you may be having with your network card, and the measures you can take to protect yourself.
joseph,delgadillo,jtdigital,ermin kreponic,dos,denial of service,signal jamming,the complete kali linux course beginner to adavanced,free udemy course,network security tutorials,netsec,linux administration,bash scripts,ceh,training
Reviewed by Free Apps And Softwares
on
September 12, 2023
Rating:
No comments: