.

tool to dissociate wireless clients?

<<

SephStorm

User avatar

Hero Member
Hero Member

Posts: 570

Joined: Sat Apr 17, 2010 12:12 pm

Post Sat Sep 15, 2012 12:14 pm

tool to dissociate wireless clients?

We have people connecting to a WAP that we are in charge of, but dont have admin access to, the service provider tells us that individuals are using the WiFi to download stuff, assuredly movies and other such stuff. Is there a tool that could dissociate wireless clients?
sectestanalysis.blogspot.com/‎
<<

jinwald12

User avatar

Jr. Member
Jr. Member

Posts: 77

Joined: Thu Nov 05, 2009 5:42 pm

Post Sat Sep 15, 2012 12:31 pm

Re: tool to dissociate wireless clients?

Mdk3 will suit your needs if scripted, or you can look into http://openwips-ng.org/index.html however it is immature at  this time.
where did all the fun go?
<<

m0wgli

User avatar

Sr. Member
Sr. Member

Posts: 308

Joined: Fri Jul 20, 2012 3:34 pm

Post Sat Sep 15, 2012 2:59 pm

Re: tool to dissociate wireless clients?

Why can't the AP be secured?

If it's someone whose supposed to be using the AP that is responsible for the questionable behaviour as identified by the ISP, then no wireless security measure is going to help anyhow. 

An acceptable use policy may be some cover from any comeback on yourselves from it's abuse (I'm not a lawyer, so don't take that advice as absolute).

If it's someone that's not supposed to be using it, the problem with any disassociation method is that it will be MAC based as far as I'm aware. Whats to stop them from changing their MAC address and regaining access?

Anyhow, in addition to the advice already given, Aireplay from the Aircrack suite can also achieve this.
Security + | OSWP | eCPPT (Silver & Gold) | CSTA
<<

S3curityM0nkey

User avatar

Jr. Member
Jr. Member

Posts: 89

Joined: Mon May 16, 2011 6:47 pm

Post Sat Sep 15, 2012 4:19 pm

Re: tool to dissociate wireless clients?

You could try using Aircrack-ng to send deauthentication packets to kick the device offline....

http://www.aircrack-ng.org/doku.php?id=deauthentication
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Sat Sep 15, 2012 5:27 pm

Re: tool to dissociate wireless clients?

The problem with aircrack, the device will try to re-connect.

How are you required to be in charge of it, if you don't have admin access to it. What do they expect you to do, to be in charge of it?

Is the ISP in charge of it?

Maybe overkill, but figure out where those people are connecting from, if possible. Deploy fake WAPs in those locations. Access points without internet access. Same name, stronger signal than the real WAP. Look into authentication options if you can.
OSWP, Sec+
<<

shadowzero

User avatar

Full Member
Full Member

Posts: 120

Joined: Sat Jun 02, 2012 10:03 pm

Post Sat Sep 15, 2012 5:35 pm

Re: tool to dissociate wireless clients?

Disassociating clients is just a temporary measure that the client can easily work around. Better to just secure the AP itself to prevent these people from connecting. If the ISP expects you to secure it, tell them to give you admin access, or have them send someone with admin access to deal with it.
<<

jjwinter

User avatar

Jr. Member
Jr. Member

Posts: 80

Joined: Mon Mar 05, 2012 10:33 pm

Post Sat Sep 15, 2012 9:29 pm

Re: tool to dissociate wireless clients?

Wireless issues aside, you could deploy Untangle behind the AP and filter any torrent-like activity, and block other undesirable stuff. You could also present an Acceptable Use policy users must click on.

I ran into a similar situation at a public library that offers free open wifi. The Untangle box made all the would-be torrent folks pick up and move on.
<<

SephStorm

User avatar

Hero Member
Hero Member

Posts: 570

Joined: Sat Apr 17, 2010 12:12 pm

Post Sun Sep 16, 2012 2:06 am

Re: tool to dissociate wireless clients?

This is a basic rundown, we are using  temporary site, and there is a contract here that provides for wireless access. When we originally came to the site, the wifi was decent. We noticed significant issues as time went on, from users only being able to load 1-2 pages, ect. Well, the bosses called the company who did a survey. They stated it was users downloading from the living area while they were at the work site. Now I suggested that they ask the company to block the commonly used torrent ports and such, ultimately I am not in contact with the company myself, but my understanding is that the contract puts them in charge of the wired and wireless AP's, but we as the customer have some sort of support.
sectestanalysis.blogspot.com/‎
<<

jjwinter

User avatar

Jr. Member
Jr. Member

Posts: 80

Joined: Mon Mar 05, 2012 10:33 pm

Post Sun Sep 16, 2012 11:44 am

Re: tool to dissociate wireless clients?

So you have responsibility for AP's you have no control over? What is your role there?

Trying to tackle this from "boot people off with deauth tools" seems like too much hassle.
<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Mon Sep 17, 2012 3:32 am

Re: tool to dissociate wireless clients?

I would try secure the wireless to be honest as its the best way the other alternative is to use air crack and write de auth script
| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er
<<

SephStorm

User avatar

Hero Member
Hero Member

Posts: 570

Joined: Sat Apr 17, 2010 12:12 pm

Post Mon Sep 17, 2012 12:22 pm

Re: tool to dissociate wireless clients?

The closest example I could give would be if your company goes to a hotel for a conference, they provide wireless access for your use, but you dont control the APs.
sectestanalysis.blogspot.com/‎
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Mon Sep 17, 2012 3:58 pm

Re: tool to dissociate wireless clients?

At which point it shouldn't be your problem, it should be the providers. Is the app and cable / dsl / whatever modem built in, or can you put a device between them?

if you can put something between them, I'd say go with the Untagled solution that jjwinter suggested.

Also have the person in charge let them know that what they are doing isn't authorized and there will be penalties for being caught.
OSWP, Sec+
<<

DataDwarf

User avatar

Newbie
Newbie

Posts: 30

Joined: Wed Jul 25, 2012 4:43 pm

Post Mon Sep 17, 2012 6:28 pm

Re: tool to dissociate wireless clients?

There is NetCut, which is windows only:

http://www.arcai.com/netcut-faq/62-what-is-netcut.html

and recently released WiFiKiller for android:

http://thehackernews.com/2012/09/eject-any-wifi-device-from-network.html
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Mon Oct 01, 2012 7:16 pm

Re: tool to dissociate wireless clients?

I don't think I noticed anyone recommend this, but what's stopping you from unplugging the WAP in question and plugging your own in? Seems that'd solve all the problems.
<<

SephStorm

User avatar

Hero Member
Hero Member

Posts: 570

Joined: Sat Apr 17, 2010 12:12 pm

Post Tue Oct 02, 2012 1:15 pm

Re: tool to dissociate wireless clients?

quite right, thank you all for the suggestions. I'm not sure what they did, but the internet has worked much better recently.
sectestanalysis.blogspot.com/‎

Return to General Certification

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software