Mitm Help

[carcar1]

I've been messing with transparent rouge ap's but I have tried 3-4 guides. 2 being scripts and some manual. One was uncompleted where it involved iptables but I didnt want to pick and choose guides. Can anyone point me to a guide that works 100%? This is to test on my own home. I have 2 wireless cards both are atheros packet-injecting ready. I am not a noob to cracking wifi and such but when it comes to ap's I've never had any support. Also can Jasaga work on bt4f? I want a fon but I dont want to spend money when I'm sure there are ways to do it on my laptop.

Thanks Carcar1

[digip]

If you are trying to make your machine an access point then I suggest bridging your wireless adapter to a wired conenction and then just run wireshark to sniff the adapters traffic as people connect through you to the wired internet connection. I gues syou coudl to it with two wireless adapters as well, but if you already have a wirelss router, just let people connect to it, then do a normal mitm via arp poisoning and you can see everything there as well.

[c0r]

Maybe some of these video's will help you!

c

[carcar1]

@c0r that was some good stuff, I'll check more out later. Also his rouge ap script doesn't work for me for some reason :(

@digip- I was going for more of a Jasaga based approach. Is it possible to get something similar to Jasaga on a Laptop?

Edited April 2, 2010 by carcar1

[c0r]

you should take a look at karmasploit then.

c

[carcar1]

@c0r- I found a guide that works for karmetasploit :) Paired with airdrop-ng my client won't ever see light of day now. BUT karma is running and its logging some goodies but I dont see any passwords? Would ssl strip work?

*The guide shows how to allow people to passively connect I know airdrop-ng can nullify that. However I want it so they are forced upon being de-authed to automatically hop onto my karma ap.

Edited April 2, 2010 by carcar1

[c0r]

ssl strip,ettercap and configuration of iptables should do it yeah.

c

[digip]

@c0r that was some good stuff, I'll check more out later. Also his rouge ap script doesn't work for me for some reason :(

@digip- I was going for more of a Jasaga based approach. Is it possible to get something similar to Jasaga on a Laptop?

I think jasegar is based on doing just what you ask. I think(dont quote me on that) its called Karma or karmetasploit in Back Track, where it uses one nic as an access point (SSID) and then mitm's all the traffic when people connect through it, but I have no experience with it.

[carcar1]

Okay I know what CAN do it. But I need to know HOW to do it. Right now I have a client hooked up to a karmetasploit acces point. When the client goes to a website it comes up "Loading....." I want it to go to the site and then I want the password if it had ssl. I have done it before with arp poising but I want to do it with karma now.

[digip]

Okay I know what CAN do it. But I need to know HOW to do it. Right now I have a client hooked up to a karmetasploit acces point. When the client goes to a website it comes up "Loading....." I want it to go to the site and then I want the password if it had ssl. I have done it before with arp poising but I want to do it with karma now.

To get the pass onan SSL site you need something like SSL strip as well. Not sure if Karmetasploit can do that too though.

[carcar1]

So I'm guessing arpspoofing and ssl strip as displayed in one of the episodes is my only bet?

[digip]

So I'm guessing arpspoofing and ssl strip as displayed in one of the episodes is my only bet?

Unless you know some other way to bypass SSL, then I would try Arp Spoofing + SSL Strip.

[carcar1]

I figured it out. I simply used arpspoof to mix up some arp replies and then I use wireshark to see none encrypted stuff and use ssl strip to get the goodies.

[Infiltrator]

I figured it out. I simply used arpspoof to mix up some arp replies and then I use wireshark to see none encrypted stuff and use ssl strip to get the goodies.

Sounds good to me!