How to Perform a WiFi jamming Attack from Linux by using mdk4?

One of the best and most powerful tools for Ethical hackers in WiFi penetration testing is mdk4 because of it various options not make only it feature-rich, it makes it way more dangerous too. I become speechless when I explore the switch and the ability of the mdk4 tool. mdk3 and aireplay-ng are very popular tools for WiFi jamming. And mdk4 is an advanced and feature-rich version of mdk3 which is developed by ASPj of k2wrlz and E7mer of 360PegasusTeam.

Note: Great power comes with great responsibilities. So Don't do anything stupid by using this tool which makes you in a trouble. Before performing any kind of attack, make sure you have permission from the network owner.

💻Table of contents

How to install mdk4 in Linux?

• in Debian distro based Linux
• in Arch distro based Linux

How to enable monitor mode in Linux?

How to capture wireless packets of wireless networks for a wireless attack?

• capture all networks packets/frames 
• capture target network packets/frames
• caputre network packets/frames by channel
• save all the captured information

How to perform a DOS attack on a Wireless network (WiFi) from  Linux?

• in all wireless network
• by targeting wireless network
• from valid MAC addresses
• by packets per second (custom speed)

How to perform a DeAuth attack on a Wireless network (WiFi) from  Linux?

• in all wireless network
• by targeting wireless network
• as whitelist mode
• as blacklist mode
• by targeting multiple wireless networks 
• as whitelist mode
• as blacklist mode
• by targeting wireless network channel
• by packets per second (custom speed) 

⚪How to install mdk4 in Linux?

if you have knowledge of Linux package manager, Then It's easy to install any software/package/tool in any Linux distro. But here we are going to perform a WiFi jamming attack. So, we won't focus about the Linux package manager, I am leaving the command to install the mdk4, aircrack-ng and wireless tools package in linux according to Linux distribution.

①. Install mdk4 in Debian based distro (Ubuntu, Kali, Parrot, PoP!_OS, Mx Linux, Zorin OS, Sparky Linux etc...)

sudo apt install -y wireless-tools mdk4 aircrack-ng

②. Install mdk4 in Arch based distro (Manjaro, ArcoLinux, EndeavourOS, Artix, Archlabs, Archman, etc...)

sudo pacman --noconfirm -S aircrack-ng mdk4 wireless_tools 

⚪How to enable monitor mode in Linux?

There are many methods to turn on monitor mode in our WiFi Network adapter. And I am going to add one monitor mode interface to my WiFi adapter.

For more information visit this blog which help you to know the various method to turn on monitor mode in your Wireless network adapter.👉📜

sudo iw wlan0 interface add mon type monitor

where,

wlan0 is the name of my WiFi adapter interface, And mon is the name which I want to add as a monitor mode in my WiFi adapter.

⚪How to capture wireless packets of wireless networks for a wireless attack?

There are many tools which allow us to dump wireless network packets/frames which are travelling around us. We are going to use one of the most popular tools named airodumo-ng. Airodump-ng have many options and switch which make it unique from others tools. Here we are going to perform the wireless jamming attack. So, we are not going into depth about it.

①. capture all networks packets/frames 

sudo airodump-ng [MON-INTERFACE]

i.e,

sudo airodump-ng mon

When we run this command our system will capture all of the data packets which are transmitted around us. And We have to identify our target from this attack. After identifying the target, we must have to note our target BSSID,  STATION, CHANNEL NUMBER, etc.. for our further attack.

Note: I am going to select NoobGajen as my target network for this tutorial. 

②. capture target network packets/frames

From our first attack, we know our target wireless network BSSID, CHANNEL NUMBER and much

more information which we need in our attack. So, we are going to put it according to our needs. By using --bssid switch the tool will only captured packets of specified wireless AP with the help of given BSSID.  This is very helpful to analyzing the activity of the target network. 

sudo airodump-ng [MON-INTERFACE] --bssid  [BSSID] 

Note: BSSID is the MAC address of the Wireless Network access point or WiFi Network or any kind of wireless interface where the client/victim device is currently connected. The full form of BSSID is  Basic Service Set Identifier.

i.e,

As we already know the BSSID of the network from the first scanning. And I select NoobGajen as a target a network whose BSSID is 04:95:E6:98:6D:49

 
sudo airodump-ng mon --bssid 04:95:E6:98:6D:49

③. capture network packets/frames by channel

This tool also allows us to dump/capture/monitor wireless packets by its channel. 

sudo airodump-ng  [INTERFACE]  -c [channel_number]

i.e,

As we already our target wireless network is running on channel number 5. So am going to put the channel number in place of [channel-number] in our main command.

sudo airodump-ng mon -c 5 

④. save all the captured information

We can simply save our dumped/captured wireless packets by using switch " -w <file name>" in airodump-ng. Only you have to replace <file name> with your file name which you want to set.

sudo airodump-ng  [MON-INTERFACE] -w <file name>

i.e,

 sudo airodump-ng mon  -w myfilename

where, mon is my [MON-INTERFACE] and myfilename is my <file name>

⚪How to perform a DOS attack on a Wireless network (WiFi) from Linux?

Denial-Of-Service(DOS) attack is a malicious attack where the attacker sends massive amount of traffic to the network or server access point that the server can't able to handle that traffic and that particular network or service goes down temporarily. In some cases, the service also gets shut down for a long period of time because of a huge number of traffic which cross the capacity to handle the traffic of that service. Here we are going to perform a DOS attack on a wireless router network.

①. How to perform a DOS attack on all Wireless networks?

In this attack, we are going to use one of the most popular WiFi jamming attack tools named mdk4. And we are going to use switch "a" which generates randoms/fakes MAC addresses and sends authentication frames to all APs found in a range of your WiFi adapter which freezes the entire WiFi network temporarily.

sudo mdk4 [MON-INTERFACE] a

Note: This attack doesn't disconnect clients from the network But it turns off the internet of the victim network by sending massive amounts of traffic to the network.

i.e, 

sudo mdk4 mon a

②. How to perform a DOS attack by targeting a wireless network?

For this attack, we have to specify the target wireless network BSSID or SSID. And you must be in the range of your target network to successes this attack. Otherwise, the target network is still able to use the internet. this method is the best method to turn off the internet connection of the target network. Only the target network is unable to use the internet 

Note: BSSID is simply the Wireless network name. The full form of SSID is Service Set Identifier.

sudo mdk4 [MON-INTERFACE] a -a [BSSID]

i.e,

 
sudo mdk4 mon a -a 04:95:E6:98:6D:49

 

③. How to perform a DOS attack from valid MAC addresses in a wireless network?

Some routers have a feature to differentiate between random/fake and original mac addresses. And when they notice some fake mac addresses clients want to connect with them. then they declined that addresses. if any chance your attack got declined, Then you can bypass it by adding -m option.

Note: -m Send packets from valid client MAC addresses from the built-in OUI database.

sudo mdk4 [INTERFACE] a -m

i.e,

sudo mdk4 mon a -m

④. How to perform a DOS attack by packets per second (custom speed) in a wireless network?

Sometimes router is able to prevent our attack because they denied huge number of packets in wireless AP but after applying -m option too (which sends packets from valid client MAC addresses). Then, We can still bypass by managing our packets speed from -s option.

Note: We must have to specify packets speed per second (PPS) while using -s option. (Default: unlimited)

sudo mdk4 [INTERFACE] a -m -s [PPS]

i.e,

sudo mdk4 mon a -m -s 30

⚪How to perform a DeAuth attack on a Wireless / WiFi network?

DeAuth attack is one type of Denial Of Service (DOS) attack which kicked out the client/victim from the wireless network or WiFi access point. it is also known as a Deauthentication attack on a wireless network. Now, it turns to perform these attacks in the wireless network.

sudo mdk4 [INTERFACE] d

i.e,

sudo mdk4 mon d

②. How to perform a DeAuth attack by targeting a wireless network?

mdk4 and mdk3 tools also provide features to DeAuth clients from wireless APs by targeting wireless networks. You can also target that AP in whitelist and blacklist mode which is really amazing. You can easily. If you feel hard to copy and paste BSSID of your target network, then you can also make this attack by using SSID of your network.

sudo mdk4 [INTERFACE] d -E [SSID]

i.e,

sudo mdk4 mon d -E "RADMI NOTE 10 PRO MAX" 

②.i) How to perform a DeAuth attack by targeting a wireless network as a Whitelist mode?

If we preform DeAuth attack on a wireless network AP as a whitelist mode. Then, only our target network clinets won't get declined and rest of the network's clients will get declined.

sudo mdk4 [MON-INTERFACE] d -W [BSSID]

i.e,

sudo mdk4 mon d -W 04:95:E6:98:6D:49

②.ii) How to perform a DeAuth attack by targeting a wireless network as a Blacklist mode?

If we preform DeAuth attack on a wireless network AP as a blacklist mode. Then,only our target network clinets will get declined and rest of the network's clients won't get declined.

sudo mdk4 [MON-INTERFACE] d -B [BSSID]

i.e,

sudo mdk4 mon d -B 04:95:E6:98:6D:49

③. How to perform a DeAuth attack by targeting multiple wireless networks?

mdk4 and mdk3 tools are also allow their users to preform DeAuth attack on a multiple networks as a whitelist and blacklist mode at a same time. To preform this attack we have to create one file and add our target network's BSSID in that file. So, I am going to create my file from nano text editor. and i will add my target BSSID in that file.

The name of my file will be wifi.txt and i am going to add 04:95:E6:98:6D:49 and 88:B3:62:03:2A:F9

③.i) How to perform a DeAuth attack by targeting multiple wireless networks as a Whitelist mode?

If we preform DeAuth attack on a wireless network APs as a whitelist mode. Then, only our target networks clinets won't get declined and rest of the network's clients will get declined.

(05:45) To Jam all network by Whitelist mode which detect in your system

sudo mdk4 [MON-INTERFACE] d -w [file path]

i.e,

sudo mdk4 mon d -w wifi.txt

③.ii) How to perform a DeAuth attack by targeting multiple wireless networks as a Blacklist mode?

If we preform DeAuth attack on a wireless network APs as a blacklist mode. Then,only our target networks clinets will get declined and rest of the network's clients won't get declined.

sudo mdk4 [MON-INTERFACE] d -b [file path]

i.e,

sudo mdk4 mon d -b wifi.txt

④. How to perform a DeAuth attack by targeting a wireless network channel?

we can easliy get our target channel number from airodump-ng from above command. After knowing our target network channel number. We can easily preform attack on channel number. and the respective wireless network which are running in that specific channel number only get affected by this attack.

sudo mdk4 [MON-INTERFACE] d -c [channel_number]

i.e, 

sudo mdk4 mon d -c 5

 ⑤. How to perform a DeAuth attack by packets per second (custom speed) in a wireless network?

Some of the routers denied our attack because we are sending them huge number of DeAuth packets to the wireless AP. So, by customizing our packets speed. We can bypass this protection. 

Note: The full form of PPS is Packets per second. Adjust PPS accordingly to needs.

sudo mdk4 [MON-INTERFACE] d -s <PPS>

i.e,

sudo mdk4 mon d -s 20