Overview
mdk4 is a frame injection tool for 802.11 networks. In wireless pentesting it is primarily used to brute force hidden SSIDs by sending probe requests with each name from a wordlist until the AP responds.Install
Usage
Modes
| Mode | Description |
|---|---|
b | Beacon flooding: spam fake APs |
d | Deauthentication / disassociation flood |
p | SSID probing and brute force |
e | EAPOL start/logoff packet injection |
m | Michael Countermeasures exploitation (TKIP shutdown DoS) |
s | Attacks for IEEE 802.11s mesh networks |
a | Authentication DoS (floods APs with 802.11 auth frames) |
f | Packet fuzzer |
SSID Brute Force (Mode p)
Used to discover hidden SSIDs when no client is connected to reveal the name via probe responses.| Flag | Description |
|---|---|
-t <BSSID> | Target AP MAC address |
-f <wordlist> | Wordlist of SSIDs to probe |
-b <char> | Use character set for brute force |
-e <SSID> | Try exact SSID |
Deauthentication Flood (Mode d)
| Flag | Description |
|---|---|
-w <file> | Whitelist of MACs to skip |
-b <file> | Blacklist of MACs to target |
-s <speed> | Packets per second |
-c <channel> | Target channel |