Problem: Connecting Fon+Jaseger to Metasploit+Karma

[psilo]

Hi, just wanted to say I really enjoy the show.

I've been following the guide here: http://www.h-i-r.net/2009/07/evil-wifi-par...-framework.html

and am now stuck. I've flashed and installed jaseger on the fon, and I can ping it from my linux laptop. (FON is 192.168.1.1 laptop is 192.168.1.2).

However when I run Karma.rc using Metasploit, Metasploit never tracks anything from the network, although I can see the activity in Jaseger.

The laptop is connected to the Fon via crossover cable like recommended but still I'm having issues. I can boot into the Fon and access it from http://192.168.1.1:1427 but I'm not sure what else I can do.

I've followed the first and second steps in this guide: http://www.h-i-r.net/2009/07/evil-wifi-par...nera-setup.html but still can't seem to get Jaseger to cooperate with Metasploit.

Only once did I ever see it tracking details in Metasploit, and it was tracking my own details.. (localhost) :s

Also, I cannot seem to get shared internet working either, (I am using a eeepc version of Ubuntu called Kuki linux). I figured one step at a time first though.

Please, any suggestions at this point would be fantastic, and greatly appreciated.

[easycheese]

my site talks you though setting up Backtrack4 and Fon for this very perpous. www.dc425.org/dhcp . though i know on that site it states that you need a crossover cable i am not using on and it works fine for me.

This setup will get internet sharing working so those connected to the Fon will be able to browse, and all traffic will come over the wire though your laptop and out your wireless. DHCP is shown on the leeses list. and in my tutorial it shows you how to see when a new lease is added.

Also once connected you just point Metasploit on eth0 and you will be able to target those that connect. i hope it helps let me know if you have any other questions.

I can also make a quick tutorial on using metasploit with this setup if you want.

[psilo]

Thank you! Your tutorial looks very helpful. Sure, if you want to write a tutorial on how to use metasploit for this purpose I would love to read it as well.

I think I may have just realized where I went wrong, with the IPTABLES, I will have to reflash my fon and try again. I'll let you know how it turns out.