wuzz Posted October 5, 2010

Hey everyone, this is my first post here at Hak5. I've been lurking for a bit without an account and now I need a question answered that some might be familiar with around here. It's somewhat related to the WiFi Pineapple in a sense, but I'm wondering if I can kind of do the same as the FON 2100 with Jasager and blah blah with a Linksys WRT54G and DD-WRT or OpenWrt, and either set it up so it does the same as seeing how many clients will connect to my AP, or spoofing an AP or network as an AP to get clients to connect to me and pretty much go through me as their port to the internet, whether it be my laptop tethered to my phone or me at a McDonald's or Starbucks with free WiFi. Here is my visual explanation, eh sorta, it's not exactly as I explained but one of the things I could do and possibly aim for..?:
Sparda Posted October 5, 2010

The point of Jasager is to pretend to be all access points at once. Using an AP with the 'not right' adapter will allow you to easily do the MITM and sniffing and whatnot, but the victims have to come to you rather than you inviting them in.
wuzz (Author) Posted October 5, 2010

Hm, what are my options with my WRT54G then? Would I be able to do anything remotely the same as Jasager? Or, as I said before, could I spoof network info with the help of Kismet and just wait for clients to use me as an AP, if that's possible?
Sparda Posted October 5, 2010

You can pretty much do everything that Jasager can do except pretend to be every AP that is looked for, which is what makes Jasager so good.
wuzz (Author) Posted October 5, 2010

Gah, so I just have to spoof as an AP and wait for clients to actually connect to me by using their Windows Wireless Zero Config or whatever wireless drivers they have and actually click on the spoofed network, and it would possibly be a lot better if I had a range extender or increased the power in this thing.
Mr-Protocol Posted October 6, 2010 (edited)

Pretty much you have to go fishing/troll for users. Make your SSID something along the lines of "Free Secure WiFi" or "High Speed WiFi". SSID is your bait.

My typical setup with the Fon/Jasager is...

Client/Vic => Fon => Laptop => internet WiFi

You could also do the same...

Client/Vic => WRT => Laptop => Internet source

Or you can do what you mentioned and use the laptop for the spoof AP:

Client/Vic => Laptop_AP => WRT => Internet source

Edited October 6, 2010 by Mr-Protocol
wuzz (Author) Posted October 6, 2010

I'm really liking Client/Vic => Fon => Laptop => internet WiFi, but either method would mean just me baiting people and getting lucky, unless I did a spoof AP; I could just be on the edge of it with a range extender, meaning other people in the area could pick it up.
Infiltrator Posted October 6, 2010

Or if you don't want to wait until a user connects to your fake AP, you could send some deauth packets to kick them off the wireless, making them come right at you. Not a nice approach, I know, but it would theoretically work.
Mr-Protocol Posted October 6, 2010 (edited)

> Or if you don't want to wait until a user connects to your fake AP, you could send some deauth packets to kick them off the wireless, making them come right at you. Not a nice approach, I know, but it would theoretically work.

Depends on signal strength. If the client is further away from you than the other access point, you will not get the connection.

Jasager is essentially Karma (the tool, not whatever else you may be thinking), which was taken over by Metasploit, so hence we have Karmetasploit.

http://www.wirelessdefence.org/Contents/KA...ue_Services%29:

I'm sure you can just run Karmetasploit to do what you need.

http://www.metasploit.com/redmine/projects...i/Karmetasploit

Edited October 6, 2010 by Mr-Protocol
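The Karma behaviour the posts above describe (one radio answering every probe request, plus the deauth trick) leaves a signature a wireless monitor can pick up. The following is an added example, not code from this thread or from the Karma/Karmetasploit projects: it runs detection logic over parsed 802.11 management frames, where the frame records, MAC addresses and thresholds are constructed for illustration and a real deployment would feed it frames decoded from a monitor-mode capture.

```python
from collections import defaultdict

# Constructed sample of parsed 802.11 management frames (not a real capture).
# 'src' is the transmitter address; SSID is None where the subtype carries none.
FRAMES = [
    {"subtype": "probe-req",  "src": "aa:bb:cc:00:00:01", "ssid": "HomeNet"},
    {"subtype": "probe-resp", "src": "de:ad:be:ef:00:01", "ssid": "HomeNet"},
    {"subtype": "probe-req",  "src": "aa:bb:cc:00:00:02", "ssid": "attwifi"},
    {"subtype": "probe-resp", "src": "de:ad:be:ef:00:01", "ssid": "attwifi"},
    {"subtype": "probe-req",  "src": "aa:bb:cc:00:00:03", "ssid": "CoffeeShop"},
    {"subtype": "probe-resp", "src": "de:ad:be:ef:00:01", "ssid": "CoffeeShop"},
    {"subtype": "beacon",     "src": "de:ad:be:ef:00:01", "ssid": "Free Secure WiFi"},
    {"subtype": "beacon",     "src": "11:22:33:44:55:66", "ssid": "HomeNet"},
    {"subtype": "probe-resp", "src": "11:22:33:44:55:66", "ssid": "HomeNet"},
] + [{"subtype": "deauth", "src": "11:22:33:44:55:66", "ssid": None}] * 40


def karma_suspects(frames, min_extra_ssids=2):
    """Return {bssid: sorted SSIDs} for transmitters that answered probe
    requests for SSIDs they never beacon. A real AP answers only for its own
    network; answering for several foreign SSIDs is the Karma signature."""
    beaconed = defaultdict(set)
    answered = defaultdict(set)
    for f in frames:
        if f["subtype"] == "beacon":
            beaconed[f["src"]].add(f["ssid"])
        elif f["subtype"] == "probe-resp":
            answered[f["src"]].add(f["ssid"])
    suspects = {}
    for bssid, ssids in answered.items():
        extra = ssids - beaconed.get(bssid, set())
        if len(extra) >= min_extra_ssids:
            suspects[bssid] = sorted(extra)
    return suspects


def deauth_flood_sources(frames, threshold=20):
    """Count deauthentication frames per claimed transmitter; a burst far above
    what a real AP sends suggests someone is spoofing the AP's address to kick
    clients off. Assumes the frame list covers a short window (a few seconds)."""
    counts = defaultdict(int)
    for f in frames:
        if f["subtype"] == "deauth":
            counts[f["src"]] += 1
    return {src: n for src, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    print("Karma-like responders:", karma_suspects(FRAMES))
    print("Deauth flood sources:", deauth_flood_sources(FRAMES))
```

The legitimate AP at 11:22:33:44:55:66 is not flagged by the Karma check because it only answers for the SSID it beacons; the 40 deauth frames carrying its address are what the flood check reports.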
wuzz (Author) Posted October 6, 2010

> Pretty much you have to go fishing/troll for users. Make your SSID something along the lines of "Free Secure WiFi" or "High Speed WiFi". SSID is your bait.
>
> My typical setup with the Fon/Jasager is...
>
> Client/Vic => Fon => Laptop => internet WiFi
>
> You could also do the same...
>
> Client/Vic => WRT => Laptop => Internet source
>
> Or you can do what you mentioned and use the laptop for the spoof AP:
>
> Client/Vic => Laptop_AP => WRT => Internet source

> Depends on signal strength. If the client is further away from you than the other access point, you will not get the connection.
>
> Jasager is essentially Karma (the tool, not whatever else you may be thinking), which was taken over by Metasploit, so hence we have Karmetasploit.
>
> http://www.wirelessdefence.org/Contents/KA...ue_Services%29:
>
> I'm sure you can just run Karmetasploit to do what you need.
>
> http://www.metasploit.com/redmine/projects...i/Karmetasploit

Karmetasploit is exactly what I need, thank you Mr-Protocol. Now my only problem is, I'm probably going to end up doing this on an older system or laptop I have. I'm hoping not my IBM ThinkPad 765D, but if it is, I'm praying all of this works on Damn Small Linux and that the PCMCIA card I'm getting is compatible with the OS aannd Karmetasploit.
Mr-Protocol Posted October 6, 2010

You could look into BackTrack 4. www.backtrack-linux.org
wuzz (Author) Posted October 6, 2010

> You could look into BackTrack 4. www.backtrack-linux.org

Yea, I'm aware of BT4; it's actually in my pentest lab on my VMware server, but if I have to use that old laptop then I'll use DSL. My other laptop is down right now with a broken hard drive controller. :(
Infiltrator Posted October 6, 2010

> Depends on signal strength. If the client is further away from you than the other access point, you will not get the connection.

Yep, I know signal strength will be an issue if the client is far away from you. That's why a high-gain antenna would be good to have. But again, that may draw some attention. Anyway, will look into the Karma thing.
wuzz (Author) Posted October 6, 2010

Hm, now I don't even think I'll need to flash the WRT54G if I can set it up as an AP through the Linksys control panel. I can just use the LAN port, set it up with Karmetasploit and a battery pack (probably should test it a bit first plugged in), and technically I should be good to go after some config, I believe, right?