I have been reading a lot about Beacon Frames on my vacation this week (stop laughing) and I came across a tool in Kali called MDK3 that will allow you to send fake beacon frames. I couldnt pass up a chance to test this so I pulled out my trusty TL-WN722N and made a list of the 5,0000 most common SSIDS from wiggle.net.
Here are the commands to run it assuming your wireless interface is WLAN0:
Grab the commonssids.txt from my gist:
wget https://gist.githubusercontent.com/jgamblin/da795e571fb5f91f9e86a27f2c2f626f/raw/0e5e53b97e372a21cb20513d5064fde11aed844c/commonssids.txt
Start airmon-ng:
airmon-ng start wlan0
Start MDK3 with the string:
mdk3 wlan0mon b -f commonssids.txt -g -t -m -s 1000
b - Beacon Flood Mode
f - Read SSIDs from file
g - Show station as 54 Mbit
t - Show station using WPA TKIP encryption
m - Use valid accesspoint MAC from OUI database
Here is what the output looks like:
Here is what the wireless list looks like on a host:
As always be careful using this anywhere that it could cause issues with other people’s internet access. No one likes a jerk.
Spoofing Beacon Frames From The 5000 Most Common SSIDS
