SSID Probing and Bruteforcing

Intro

This is used when we don't know the SSID of an AP.

Concept

  • Probes APs and checks for an answer; useful for checking whether an SSID has been correctly decloaked and whether the AP is within your sending range.

  • Bruteforcing of hidden SSIDs with or without a wordlist is also available.

  • However, hiding the SSID is not always the best way to prevent attacks, because even while it is hidden an attacker can capture encrypted frames in monitor mode and learn the SSID.

# Here, we’d use the bruteforce technique against the target AP using mdk3.
mdk3 wlan0mon p -b l -c 6 -t '<BSSID>'
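
A defender-side check for the bruteforce described above, added here as an example and not part of the original page or of mdk3: it flags a BSSID that receives directed probe requests naming many different SSIDs within a short window. The record format, the window and the threshold are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque

BROADCAST = "ff:ff:ff:ff:ff:ff"
WINDOW_S = 5.0      # assumed sliding window in seconds
MAX_DISTINCT = 20   # assumed limit of distinct SSIDs per BSSID per window
SAMPLE_AP = "02:00:00:aa:bb:cc"   # constructed BSSID

def detect_ssid_guessing(probes, window=WINDOW_S, limit=MAX_DISTINCT):
    """probes: time-ordered (timestamp, src_mac, dst_bssid, ssid) records
    taken from captured probe requests. Returns {bssid: first_alert_time}.

    Counting is per target BSSID, not per sender, because the sender
    address of a probe request is trivially changed between frames.
    """
    recent = defaultdict(deque)   # bssid -> deque of (timestamp, ssid)
    alerts = {}
    for ts, _src, bssid, ssid in probes:
        bssid = bssid.lower()
        if bssid == BROADCAST or not ssid:
            continue              # wildcard scans are normal client behaviour
        q = recent[bssid]
        q.append((ts, ssid))
        while ts - q[0][0] > window:
            q.popleft()           # drop records older than the window
        if bssid not in alerts and len({s for _, s in q}) > limit:
            alerts[bssid] = ts
    return alerts

def constructed_sample():
    """Constructed records: one ordinary client and one SSID guesser."""
    client = [(0.0, "02:00:00:11:11:11", BROADCAST, ""),
              (1.0, "02:00:00:11:11:11", SAMPLE_AP, "office"),
              (3.0, "02:00:00:11:11:11", SAMPLE_AP, "office")]
    guesser = [(2.0 + i * 0.01, "02:00:00:22:22:22", SAMPLE_AP, f"guess{i:03d}")
               for i in range(60)]
    return sorted(client + guesser)

if __name__ == "__main__":
    for bssid, ts in detect_ssid_guessing(constructed_sample()).items():
        print(f"possible SSID bruteforce against {bssid} at t={ts:.2f}s")
```

Tune the window and threshold to the number of distinct SSIDs that legitimate clients direct at a single AP in your environment.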
