Karma + MSF 3 = I’m never using Wireless again!

Posted by Eric | General | Thursday 27 March 2008 9:48 am

<meta name="GENERATOR" content="OpenOffice.org 2.0 (Linux)" /><meta name="CREATED" content="20080327;8323700" /><meta name="CHANGED" content="16010101;0" /><br /> <style> <!-- @page { size: 8.5in 11in; margin: 0.79in } P { margin-bottom: 0.08in } --> </style> <p style="margin-bottom: 0in">Last night I went up to Austin for the AHA! Meeting that is held the last Wednesday of every month. There were only three talks, but it was good stuff none the less. HDM Went first and gave a little demo of what he’s been working on lately. Recently he picked up one of the new<a href="http://www.newegg.com/Product/Product.aspx?Item=N82E16834220266"> eeepc’s</a> from new egg for his wireless en devours and has been playing with it. It’s pretty small and light weight so I’m actually considering purchasing one and using it solely for wireless pen testing.</p> <p style="margin-bottom: 0in"> <p style="margin-bottom: 0in">Lately HD has been working with the creator of <a href="http://www.theta44.org/karma/index.html">KARMA</a> the wireless tool. The Creator wanted to integrate it with an exploit framework and MSF came to mind. HD Did a few demo’s of Karma’s integration with MSF. As clients probe for a wireless access point Karma will respond saying I’m here. At that point, MSF will set up a ruby based SMB server, POP3, IMAP, HTTP, HTTPS, all your essential protocols. The client will get an ip address, and once they start trying to browse the web, or goto a share, or open up email MSF and Karma will start handling every request. He said it was still going to be about a month or two before it’s released. Future plans include auto discovery of what Client side vulns apply to a client, as well as the automatic exploitation of discovered client sides. All in all that was a pretty cool demo.</p> <p> <!-- Begin Google Adsense code --> <script type="text/javascript"><!-- google_ad_client = "pub-9774791470740882"; google_ad_width = 468; google_ad_height = 60; google_ad_format = "468x60_as"; google_ad_type = "text_image"; google_ad_channel =""; //--></script> <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script> <!-- End Google Adsense code --> </p> </div> <div class="feedback"> <a href="http://hamsterswheel.com/techblog/?p=55#comments" title="Comment on Karma + MSF 3 = I’m never using Wireless again!">Comments (2)</a> </div> <h2 id="comments">2 Comments <a href="#postcomment" title="Leave a comment">»</a> </h2> <ol id="commentlist"> <li id="comment-1327"><cite>Comment by <a href='http://carnal0wnage.blogspot.com' rel='external nofollow' class='url'>CG</a> — March 27, 2008 @ <a href="#comment-1327">9:19 pm</a></cite> <p>snap!</p> </li> <li id="comment-1536"><cite>Comment by <a href='http://synjunkie.blogspot.com' rel='external nofollow' class='url'>SynJunkie</a> — April 16, 2008 @ <a href="#comment-1536">5:47 pm</a></cite> <p>Oh my……….</p> <p>(seriously nice theme by the way!)</p> </li> </ol> <p><a href='http://hamsterswheel.com/techblog/?feed=rss2&p=55'><abbr title="Really Simple Syndication">RSS</abbr> feed for comments on this post.</a> <a href="http://hamsterswheel.com/techblog/wp-trackback.php?p=55" rel="trackback">TrackBack <abbr title="Uniform Resource Identifier">URI</abbr></a> </p> <h2 id="postcomment">Leave a comment</h2> <form action="http://hamsterswheel.com/techblog/wp-comments-post.php" method="post" id="commentform"> <div id="authorinfo" style=""> <p><input type="text" name="author" id="author" value="" size="22" tabindex="1" onfocus="this.style.background='#ffffff'" onblur="this.style.background='#ffffff'" /> <label for="author"><small>Name (required)</small></label></p> <p><input type="text" name="email" id="email" value="" size="22" tabindex="2" onfocus="this.style.background='#ffffff'" onblur="this.style.background='#ffffff'" /> <label for="email"><small>Mail (will not be published) (required)</small></label></p> <p><input type="text" name="url" id="url" value="" size="22" tabindex="3" onfocus="this.style.background='#ffffff'" onblur="this.style.background='#ffffff'" /> <label for="url"><small>Website</small></label></p> <!--<p><small><strong>XHTML:</strong> You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre lang="" line=""> </small></p>--> </div> <p><textarea name="comment" id="comment" cols="100%" rows="10" tabindex="4" onfocus="this.style.background='#ffffff'" onblur="this.style.background='#ffffff'" ></textarea></p> <p><input name="submit" type="image" id="submit" tabindex="5" src="http://hamsterswheel.com/techblog/wp-content/themes/blue-zen/images/submit.jpg" onmouseover="this.src='http://hamsterswheel.com/techblog/wp-content/themes/blue-zen/images/submit_over.jpg'" onmouseout="this.src='http://hamsterswheel.com/techblog/wp-content/themes/blue-zen/images/submit.jpg'" /> <input type="hidden" name="comment_post_ID" value="55" /> </p> </form> </div> </div> <div id="footer"> © Copyright 2009 | <a href="http://hamsterswheel.com/techblog">Phn1x – Hamsterswheel</a> | Theme by <a href="http://clubparexcellancetech.com/">Club Par Excellance</a> | All Rights Reserved | Sponsored by <a href="http://www.voipkit.ca/">VoIP</a> </div> </body> </html>