Jump to content

Blacklist/whitelist Question


DyFukA

Recommended Posts

Where is the client black/white list located on the file system? (for blacklisting under the Karma config page) I want to manually edit the list. Also where is the list located for the "Blacklister" module? I accidentally whitelisted a MAC address using the "Blacklister" module and it wont let me remove it from whitelist. I'm not sure if the module list and the config page's list are the same.

Thanks

Edited by DyFukA
Link to comment
Share on other sites

there is no file in the system with black and whitelisted macs, that is why I created the module, it should be in the module itself if you dig there.

if you restart the pineapple whatever was black or white listed gets reset to nothing unless you use the module to autostart with its own list

Link to comment
Share on other sites

  • 2 weeks later...

there is no file in the system with black and whitelisted macs, that is why I created the module, it should be in the module itself if you dig there.

if you restart the pineapple whatever was black or white listed gets reset to nothing unless you use the module to autostart with its own list

Petertfm,

Does your module do mac address whitelistings? I kinda "Pineappeld" myself trying to wirelessly access my consol pannel :rolleyes:

Link to comment
Share on other sites

That is built in. Go to the Config page -> Karma config -> blacklist MAC -> blacklist your MAC

Ah, very good :D

Since I am a no0b at this, to protect myself from my own pineapple, I want to whitelist my own hardware right? I think I've been doing everything backwards... :wacko:

Link to comment
Share on other sites

Ah, very good :D

Since I am a no0b at this, to protect myself from my own pineapple, I want to whitelist my own hardware right? I think I've been doing everything backwards... :wacko:

You want to blacklist YOUR laptops / phones MAC. This means that Karma will NOT act on your MAC. If you were to whitelist, then it will only work on clients INSIDE the whitelist.

Link to comment
Share on other sites

petertfm,

One thing I've not been clear on about the Black/White List moduel is whether or not it works at the Pineapple level or if it's at the Karma level. By that I mean if I use your moduel and put a mac address in the Black list, will I be prevented from accessing the Pineapple at all or just from Karma? I've been worried about "Pineappling" myself out of web access accidentally as well so I haven't really messed with it. I definately use the Karma Black list that comes standard but I get annoyed at having to reset that each time I cycle power.

Link to comment
Share on other sites

petertfm,

One thing I've not been clear on about the Black/White List moduel is whether or not it works at the Pineapple level or if it's at the Karma level. By that I mean if I use your moduel and put a mac address in the Black list, will I be prevented from accessing the Pineapple at all or just from Karma? I've been worried about "Pineappling" myself out of web access accidentally as well so I haven't really messed with it. I definately use the Karma Black list that comes standard but I get annoyed at having to reset that each time I cycle power.

that is not possable you would not be able to connect and would have to reboot and or stop the module from autostarting to be able to connect again.

Link to comment
Share on other sites

  • 1 year later...
  • 1 month later...
  • 1 month later...

Yes, I have to say it took me a little messing around to figure out that the blacklist/white-list functions are in fact reversed when you're dealing with wifi-jammer.

It seems to me the way Karma uses the features is the correct method being that "blacklisting" means DO NOT associate with and "white-list" means DO associate with.

My question is a little different.....

For Karma, I put the MAC address for the actual pineapple itself in the blacklist. Is this necessary? Most likely it isn't, but does anyone know if blacklisting the pineapples MAC address would work against you in anyway? Is there perhaps a built in code in the firmware to already prevent such a thing from happening? I just thought to myself, its like taking two mirrors and facing them head on to each other.

I haven't seen this question asked... but maybe it was.

Thanks!

PS: @ Hak5 Uber fan +++

I laughed quite hard at your ICON.... a laser sight on a tripod-yagi... brilliant! looks like a machine gun.

Edited by numericaldigitaldroned
Link to comment
Share on other sites

@ Hackling....

To my understanding If you're in white-list mode then yes.. Karma will try to "mimic" the SSID's in your white list, however in blacklist mode Karma will not mess with the listed SSID's you place in that. Keep in mind the list stays the same even after switching between the two modes.

But it's one mode or the other. Either you're using the whitelist mode or the blacklist mode. Then you also have the outright blacklist as well to add all the MAC address' to in which you'd like Karma to ignore the beacons from.

I will say that every time I use the wifi jammer remotely it seems to jam up the pineapple too. I know the Black/white list are reverse for that infusion.... but gosh, I've been staying away from the jammer a little as it causes me connection problems no matter the settings. Can others elaborate anything they have done to successfully use the jammer in conjunction with karma without causing the unit to throw itself into the jamming??

Link to comment
Share on other sites

After some more thinking, I realized that I do change the MAC address' for the pineapples wlan0 & wlan1 every so often. I'm going to test how the infusions react when I supply their lists (adding the pineapples MAC's to the blacklist for KARMA and to the whitelist for Wifi jammer) and see if all stays steady.

I DO think maybe the developer of the wifi jammer infusion should release an update which switches naming for the black/white list so that its set up the SAME as KARMA to help new users to avoid this confusion.... However it may cause mass confusion for those out there who already use them as is. Perhaps the infusion update for the wifi jammer can be pushed and very clear in the information about the update that the names are reversing. It's just a suggestion.

Thoughts?

Edited by numericaldigitaldroned
Link to comment
Share on other sites

  • 4 weeks later...

For what it's worth, jammer v1.6 does actually call out what the white and blacklists are doing.

Note: APs on the blacklist are DeAuth'ed.

and

Note: APs on the whitelist are not DeAuth'ed.

It would be nice to see a similar call-out on the Karma config page for the two appropriate sections.

Link to comment
Share on other sites

  • 1 month later...

To summarize:

In Karma,

Client Blacklisting
----------------------------------
- Karma will not respond to or exploit blacklisted MAC addresses (clients)
- Your own devices should be blacklisted
- Client blacklisting is your ability to tell Karma to leave certain client MAC addresses alone (no matter how much they beg)
SSID Blacklist
----------------------------------
- Blacklisted SSID’s will not be impersonated by Karma
- Blacklist SSID’s you want Karma to leave alone
SSID Whitelist
----------------------------------
- ONLY Whitelisted SSID’s will be impersonated by Karma
- Whitelisted SSID are the only SSID’s attacked by Karma
- Use a whitlist to attack specific SSID's, leaving all others alone
SSID Whitelist/Blacklist is an either/or option (Cannot use both simultaneously)
The whitelist/blacklist terminology may make more sense if you think of it as Karma. When something is blacklisted, Karma won't interact with it. Blacklisting bans MAC addresses and SSIDs from Karma, not from the network. When something is whitelisted, Karma can only do something to it. Whitelisting severely constrains Karma, allowing it to only interact with things specified on the whitelist.
Edited by cmw
Link to comment
Share on other sites

  • 7 months later...
  • 3 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...