Browse Exploit & Auxiliary Modules

The Metasploit Project hosts the world's largest database of quality assured exploits, including hundreds of remote exploits, auxiliary modules, and payloads. You can even review the Metasploit Framework source code of any module - or write your own.

Search for modules

Open Source Vulnerability DataBase ID
Bugtraq ID
Full Text Search
Common Vulnerabilities Exposures ID
Microsoft Security Bulletin ID
 
Search Modules

Multiple Wireless Vendor NULL SSID Probe Response

This module exploits a firmware-level vulnerability in a variety of 802.11b devices. This attack works by sending a probe response frame containing a NULL SSID information element to an affected device. This flaw affects many cards based on the Choice MAC (Intersil, Lucent, Agere, Orinoco, and the first generation of Airport cards).


Rank

  • Normal

Authors

  • hdm < hdm [at] metasploit.com >

References


Development


Similar Modules


Usage Information

$ msfconsole

                ##                          ###           ##    ##
 ##  ##  #### ###### ####  #####   #####    ##    ####        ######
####### ##  ##  ##  ##         ## ##  ##    ##   ##  ##   ###   ##
####### ######  ##  #####   ####  ##  ##    ##   ##  ##   ##    ##
## # ##     ##  ##  ##  ## ##      #####    ##   ##  ##   ##    ##
##   ##  #### ###   #####   #####     ##   ####   ####   #### ###
                                      ##

msf > use auxiliary/dos/wifi/probe_resp_null_ssid
msf auxiliary(probe_resp_null_ssid) > set ADDR_DST [STRING]
msf auxiliary(probe_resp_null_ssid) > run


Module Options

ADDR_DST The MAC address of the target system
CHANNEL The initial channel (default: 11)
COUNT The number of frames to send (default: 2000)
DRIVER The name of the wireless driver for lorcon (default: autodetect)
INTERFACE The name of the wireless interface (default: wlan0)
VERBOSE Enable detailed status messages
WORKSPACE Specify the workspace for this module