mdk3
mdk3 is a proof-of-concept tool to exploit common IEEE 802.11 (Wi-Fi) protocol weaknesses. It performs various attacks including Authentication DoS, beacon flooding, deauthentication, and WPA TKIP denial-of-service.
Description
MDK3 is designed to test IEEE 802.11 networks by exploiting protocol vulnerabilities. It enables security professionals to demonstrate weaknesses in Wi-Fi access points and clients, such as freezing APs with excessive authentication requests or disconnecting clients via deauthentication packets. The tool is intended for authorized testing only, requiring permission from the network owner.
Use cases include assessing AP resilience to DoS attacks, bruteforcing MAC filters or hidden SSIDs, confusing WIDS/WIPS systems, and testing WPA downgrade scenarios. Features like intelligent Authentication-DoS with success checks and AMOK-MODE for mass disconnections make it valuable for wireless penetration testing.
The tool supports probing networks for range verification and includes small SSID wordlists for bruteforcing. It can crash network scanners or buggy drivers via beacon flooding and shuts down multi-AP WDS installations.
How It Works
mdk3 uses the osdep library from aircrack-ng to generate and transmit malicious 802.11 frames via a wireless interface. Test modes send specific frame types: authentication frames to overload APs (mode a), beacon frames for fake AP flooding (b), probe requests for SSID bruteforce and range checks (p), deauth/disassoc packets to disconnect clients (d), Michael MIC failure frames for TKIP DoS (m), and others to exploit protocol weaknesses like MAC filters (f), 802.1X (x), WIDS confusion (w), and WPA downgrade (g). It dynamically adjusts timeouts and includes success checks for intelligent DoS.
Installation
sudo apt install mdk3Flags
Examples
mdk3 wlan0 amdk3 wlan0 bmdk3 wlan0 pmdk3 wlan0 dmdk3 wlan0 mmdk3 wlan0 fmdk3 wlan0 xmdk3 --help