πŸ“•
Blog
  • 🐞Vulnerabilities & Techniques
    • Web Vulnerabilities
      • Open Redirect
      • HTTP Parameter Pollution (HPP)
      • Host Header Injection (HHI)
      • XSS
      • HTML-Injection
      • clickjacking
      • S3
      • EXternal Xml Entity (XXE)
      • XSS prevention | CSP
      • DOM-XSS
      • SQL Injection | SQLI
      • Response Manipulation Technique & How Burp Suite Works
    • API Vulnerabilities
      • Mass Assignment Vulnerability
  • 🚩CTF
    • ASCWG
  • ✍️Writeups
    • Read Writeups
      • REST API WriteUps
      • Web Vulnerabilities WriteUps
    • Technical Writeups
      • Reset Password Poisoning Via Host Header Injection Lead to (ATO)
      • OTP/2FA Bypasses
        • OTP bypasses
  • 😈TryHackMe
    • THM Advent of Cyber 3 (2021) NoSQL WriteUp
  • πŸ”±Web-CyberTalents
    • CyberTalents-Web-Easy
    • CyberTalents-Web-Medium
    • CyberTalents-Web-Hard
  • πŸ–‡οΈPentesting & Bug Hunting Tips
    • ATO Via Host Header Injection
    • OTP Bypass
    • OutLook Plugin Pentest Guide
  • πŸ’»Port-Swigger Labs
    • XML external entity (XXE) injection
    • DOM-XSS
      • DOM XSS in the document.write sink using source location.search
      • Lab: DOM XSS in document.write sink using source location.search inside a select element
      • Lab: DOM XSS in innerHTML sink using source location.search
      • Lab: DOM XSS in jQuery anchor href attribute sink using location.search source
      • Lab: Reflected DOM XSS
      • Lab: Stored DOM XSS
    • SQL injection
      • Lab: SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
      • Lab: SQL injection vulnerability allowing login bypass
      • Lab: SQL injection UNION attack, determining the number of columns returned by the query
      • Lab: SQL injection UNION attack, finding a column containing text
      • Lab: SQL injection UNION attack, retrieving data from other tables
      • Lab: SQL injection UNION attack, retrieving multiple values in a single column
      • Lab: SQL injection attack, querying the database type and version on Oracle
      • Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft
      • Lab: SQL injection attack, listing the database contents on non-Oracle databases
  • πŸ›œWireless Networks Penetration Testing
  • βš”οΈWi-Fi Attacks
    • πŸ•ΈοΈNetwork Scanning attack
    • 🌊DOS / Flooding
      • 1️⃣DoS - Frame Flooding (Deauth, EAPOL, Beacons)
      • 2️⃣DoS- Exploiting Countermeasures (MIC failure)
    • Jamming Attacks (Ω‡Ψ¬Ω…Ψ§Ψͺ Ψ§Ω„Ψͺشويش)
    • Probe Requests Attack
    • Handshake Attacks
      • Dictionary Attack
      • Clientless Attack
      • KRACK Attack
      • Downgrad Attack
    • Rouge AP Attack
  • Lab Notes
  • RFID and NFC
  • Bluetooth
  • ZigBee
  • Google Map Test
Powered by GitBook
On this page
  1. Wi-Fi Attacks

DOS / Flooding

PreviousNetwork Scanning attackNextDoS - Frame Flooding (Deauth, EAPOL, Beacons)

Last updated 11 months ago

What is Frame Flooding?

A WiFi Frame Flooding Denial-of-Service (DoS) attack, also known simply as a WiFi Frame Flooding attack, is a type of cyber attack that aims to overwhelm a wireless network by flooding it with a large volume of WiFi frames. These frames are typically designed to exploit weaknesses in the WiFi protocol's handling of management frames, which are used for network management and control.

Here’s a breakdown of how a WiFi Frame Flooding DoS attack works:

  1. Types of Frames: WiFi networks use different types of frames for various purposes, such as management frames (e.g., beacon frames, probe request/response frames, authentication frames, de-authentication frames), control frames (e.g., RTS/CTS frames), and data frames.

  2. Attack Execution: In a WiFi Frame Flooding DoS attack, the attacker generates and transmits a massive number of specially crafted WiFi frames to the target network. These frames may include:

    • Beacon Frames: Used by access points to announce their presence and network parameters. Flooding with beacon frames can overload the network's handling capacity, causing instability or denial of service.

    • Deauthentication Frames: Used to disconnect a device from the network. Flooding with de-authentication frames can force legitimate devices to repeatedly disconnect and reconnect, disrupting their connectivity.

    • Probe Request/Response Frames: Used by devices to discover and connect to available networks. Flooding with these frames can overwhelm the network's ability to respond, leading to connectivity issues for legitimate devices.

  3. Objective: The primary goal of a WiFi Frame Flooding DoS attack is to exhaust the network's resources (such as bandwidth and processing power of network devices like access points and routers). By overwhelming the network with a high volume of frames, the attack can cause:

    • Slowness or complete loss of connectivity for legitimate users.

    • Instability or crashes of network devices.

    • Disruption of network services and operations.

  4. Detection and Mitigation: Detecting and mitigating WiFi Frame Flooding DoS attacks can be challenging due to the distributed nature of wireless networks and the complexity of distinguishing legitimate traffic from malicious flood traffic. Effective mitigation strategies may include:

    • Implementing rate limiting mechanisms to control the number of frames processed per second by network devices.

    • Using intrusion detection/prevention systems (IDS/IPS) to monitor for abnormal spikes in frame transmissions.

    • Applying filtering techniques to drop suspicious or excessive frames.

    • Keeping network equipment and firmware updated to mitigate known vulnerabilities.

Overall, a WiFi Frame Flooding DoS attack is a disruptive cyber attack that targets WiFi networks by flooding them with excessive management frames, leading to a denial of service or degradation of network performance for legitimate users.

βš”οΈ
🌊