MDK3 goes bruteforcing Wireless SSIDs

One good practice is to disable your SSID broadcast so you don’t show up on the victims list. Although this doesn’t make you completely invisible, it does aid reducing ease of location. (Networks can still be located by BSSIDs).

MDK3 was written by ASPj to bruteforce network SSIDs (even with wordlists).

Tape has done some testings around and described it all on his blog post. It has some videos too of the attack in progress on a 3-character-lenght SSID.

MDK3 version 6 is already available with the latest release of BackTrack 4 on /pentest/wireless/mdk3.

The Church of Wi-Fi has some SSID wordlists available at their website.

Good cracking!

comments powered by Disqus