carcar1
-
Posts
8 -
Joined
-
Last visited
Content Type
Profiles
Forums
Gallery
Events
Posts posted by carcar1
-
-
-
Okay I know what CAN do it. But I need to know HOW to do it. Right now I have a client hooked up to a karmetasploit acces point. When the client goes to a website it comes up "Loading....." I want it to go to the site and then I want the password if it had ssl. I have done it before with arp poising but I want to do it with karma now.
-
@c0r- I found a guide that works for karmetasploit :) Paired with airdrop-ng my client won't ever see light of day now. BUT karma is running and its logging some goodies but I dont see any passwords? Would ssl strip work?
*The guide shows how to allow people to passively connect I know airdrop-ng can nullify that. However I want it so they are forced upon being de-authed to automatically hop onto my karma ap.
-
-
I've been messing with transparent rouge ap's but I have tried 3-4 guides. 2 being scripts and some manual. One was uncompleted where it involved iptables but I didnt want to pick and choose guides. Can anyone point me to a guide that works 100%? This is to test on my own home. I have 2 wireless cards both are atheros packet-injecting ready. I am not a noob to cracking wifi and such but when it comes to ap's I've never had any support. Also can Jasaga work on bt4f? I want a fon but I dont want to spend money when I'm sure there are ways to do it on my laptop.
Thanks Carcar1 -
Dude even if we told you still would have liek a 30 percent chance of getting the password wpa and wpa2 are very secure which makes them harder to break so people like you dont mess with them.
-
I dont know about the acer aspire one but on the acer aspire 5100 the atheros ar5007eg chipset does not support monitoring mode. So if your looking to do this not gonna work.
Mitm Help
in Security
Posted
I figured it out. I simply used arpspoof to mix up some arp replies and then I use wireshark to see none encrypted stuff and use ssl strip to get the goodies.