I want to carry out resource exhaustion attacks on access points which would lead to DOS condition of the access point.
I would like to exhaust the client association table,by imitating a large number of wireless clients with spoofed MAC addresses. Each one of these imitated clients attempts association and authentication with the target access point. The 802.11 authentication typically completes because most deployments use 802.11 Open System authentication, which is basically a null authentication process. Association with these imitated clients follows the authentication process. These imitated clients do not, however, follow up with higher level authentication such as 802.1x or VPN, which would leave the protocol transaction half-finished. At this point, the attacked access point maintains a state in the client association table for each imitated client. Once the access point's resources and client association table is filled with these imitated clients and their state information, legitimate clients can no longer be serviced by the attacked access point. This creates a DoS (denial of service) attack.
Could someone please tell me how to carry out this association table flooding attack with detailed steps including the tool which is to be used for both open authentication and authentication using WEP, WPA/WPA2-PSK.
Aucun commentaire:
Enregistrer un commentaire