Jump to content

Recommended Posts

Posted

Hey guys, I ran into Darren at Toorcon and mentioned to him that I was going to do my final paper on the Jasager project in my Network Security class.

My professor likes the idea, but wants me to add more stuff to the report (e.g. other tools) I can use once the victims connect to my pineapple.

I thought about adding a section on Metasploit/db_autopwn, but since we already touched on that in class I don't want to use that.

Any ideas would be helpful.

Thanks,

-EDP

Posted

If you want to contribute, look at the todo list. If you have any specific areas you are interested in mail me (details on site) and I'm happy to discuss them. As I've said a few times, I have loads of ideas for extensions and upgrades but not got much time to fit them in.

Posted
If you want to contribute, look at the todo list. If you have any specific areas you are interested in mail me (details on site) and I'm happy to discuss them. As I've said a few times, I have loads of ideas for extensions and upgrades but not got much time to fit them in.

Hi digininja, it doesn't necessarily have to be a plugin for Jasager/ It could just be a tool running on your laptop. I'll take a look at your todo list though. Thanks!

Posted

Well I maintain karma which is the laptop base for Jasager, if you need any help with that let me know too.

Posted

Update: I decided to write my paper on using Jasager in conjunction with Sidejacking using Ferret and Hamster. I will let you all know how I do grade wise.

If you are not familiar with Sidejacking, here is a cool Youtube video I found:

Posted
Update: I decided to write my paper on using Jasager in conjunction with Sidejacking using Ferret and Hamster. I will let you all know how I do grade wise.

If you are not familiar with Sidejacking, here is a cool Youtube video I found:

Thats Pretty Sick. Looks like a pretty neat trick. Now you just need to figure a way to provide actual internet access with one and be able to be on the same network with your laptop. Too bad you can't just TAP another WIFI signal and provide AP services over Karma at the same time. Maybe use your lappie to reshare another WIFI signal with ICS? Hmm...

Posted
Thats Pretty Sick. Looks like a pretty neat trick. Now you just need to figure a way to provide actual internet access with one and be able to be on the same network with your laptop. Too bad you can't just TAP another WIFI signal and provide AP services over Karma at the same time. Maybe use your lappie to reshare another WIFI signal with ICS? Hmm...

Yeah, that is basically the scenario I proposed in my paper. I would have a laptop with a Mobile wireless card, and I would bridge the internet connection between that and my connection with the Fon.

Now with all the packets flowing through me, I can capture browser session traffic with Ferret from all of the unsuspecting hot spot suckas...errr... users then funnel those packets through Hamster and start "Sidejacking" their browsing sessions. Pure pwnage!

I give my presentation tomorrow. I'll let you all know how I do.

Posted

Alright, report/presentation is complete. Got an A by the way. Teacher liked the idea of using Jasager over the classic MiTM because you could potentially pwn multiple users at once rather than the classic arp poisoning/MiTM with Cain or similar program where you can really only target one at a time.

There will be some new visitors to the forum looking to hack their Fons now as everyone in the class wants to try this.

Thanks for everyone's help!

  • 1 month later...
Posted

Bauer,

Awesome stuff dude and congrats on the A. Wish I had seen this thread before doing the sidejacking pineapple segment on 412 else I'd have given a shoutout. I'll have to bring it up on the next ep.

  • 2 weeks later...
Posted

Epic.

This really quick frankly terrifying... although i must try this out next time im bored @ wifi spot hehe thanks for bringing this to my attention :D!

....and so it begins....all your base are beloing to us lol

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...