Tataboutlamin Posted October 24, 2012 Share Posted October 24, 2012 Ok so... how Karma works? I ran the script (from backtrack5) after being connected to an AP I wanted to "spy".... to be honest, It's my own router at home. So my equipments are : my PC, my laptop and my smartphone (android samsung nexus S) So Pineapple Wifi is plugged with my laptop.... my laptop is connectedon on my router (my router is connected to my PC). I launch the script on my laptop with backtrack 5, everything is going fine and my laptop has access on internet through my router AND access through my pineapple wifi.... I enable the karma option on my laptop.... My smartphone is not connected on my home router..... then I enable my wifi connection on my smartphone so it will connect on my router..... on my laptop I see : Karma : probe request from {MAC address of my smartphone} for SSID {SSID of my router} BUT IT'S OVER !!!!!! On websites or forums we can see that it's making "connection" or whatever..... What should I do to have "that" connection between my Pineapple Wifi Mark IV and people around me? I'm talking about myself as a victim... my own smartphone is trying to reach my router, and pineapple gets that probe request, but it doesn't established the connection I wanted! Thanks Quote Link to comment Share on other sites More sharing options...
iamk3 Posted October 24, 2012 Share Posted October 24, 2012 Is your home router secured? Karma only "spoofs" open networks. If you have never connected to an open network on your phone, it won't connect to the pineapple. Also, more and more I am seeing OS/ROM makers changing settings where a device won't connect automagically to open networks... Quote Link to comment Share on other sites More sharing options...
Tataboutlamin Posted October 24, 2012 Author Share Posted October 24, 2012 the only thing that i can see is this : ------- IP address HW type Flags HW address Mask Device 172.16.42.206 0x1 0x2 14:da:e9:19:7f:f6 * br-lan 172.16.42.42 0x1 0x0 14:da:e9:19:7f:f6 * br-lan KARMA: ENABLED KARMA: Probe Request from 74:f0:6d:93:a3:a2 for SSID 'ulaval-wpa' KARMA: Probe Request from 5c:95:ae:cf:6b:0c for SSID 'Hotel*Universel' KARMA: Probe Request from 5c:95:ae:cf:6b:0c for SSID 'Cage-Ste-Foy' KARMA: Probe Request from 88:c6:63:89:35:87 for SSID 'reseau-maison' KARMA: Probe Request from 88:c6:63:89:35:87 for SSID 'VIA_Train' KARMA: Probe Request from 00:21:5d:62:59:56 for SSID 'ulaval-wpa' KARMA: Probe Request from 70:1a:04:97:f0:94 for SSID 'ulaval-wpa' KARMA: Probe Request from 58:55:ca:64:79:d2 for SSID 'NETGEAR' KARMA: Probe Request from 58:55:ca:64:79:d2 for SSID 'Not Yours!' KARMA: Probe Request from 58:55:ca:64:79:d2 for SSID 'AERO WI-FI' KARMA: Probe Request from 58:55:ca:64:79:d2 for SSID 'A&O Lobby FREE' KARMA: Probe Request from 58:55:ca:64:79:d2 for SSID 'AO Lobby FREE' KARMA: Probe Request from 58:55:ca:64:79:d2 for SSID 'tomato-kn' KARMA: Probe Request from 58:55:ca:64:79:d2 for SSID 'BTOpenzone' KARMA: Probe Request from 58:55:ca:64:79:d2 for SSID 'Wifi-CIARUS' ------- and it goes on and on.... what can i do after that? nothing is connecting? Quote Link to comment Share on other sites More sharing options...
Razzlerock Posted October 24, 2012 Share Posted October 24, 2012 I'm seeing something similar on v2.7. I see lots and lots of probe requests (maybe 50) but only 1 client actually connected. I would say at least 20 of the SSIDs probed are open. Is Karma broke, or is it a client thing? I'd be interested to hear other thoughts, as Karma is 'THE' single most important tool for the pineapple and should be bullet proof. Razzlerock Quote Link to comment Share on other sites More sharing options...
Tataboutlamin Posted October 24, 2012 Author Share Posted October 24, 2012 My question is : how to broadcast? Is it just in the configuration tab changing my pineapple SSID for an open SSID prob and voila? Or there is more to do that i don't understand? How to fake an SSID and hide it so that we don't see 2 same SSIDs??? Quote Link to comment Share on other sites More sharing options...
01000010 Posted October 25, 2012 Share Posted October 25, 2012 well I will say try quick karma test. setup every thing, then on victim connect to hidden network and punch something in using no encryption If you connect then your karma/pineapple is working. As to faking an SSID, You just set the karma config file to not broadcast its ssid, then it will only display ones that are created from victims probes not one you set. Quote Link to comment Share on other sites More sharing options...
PineDominator Posted October 26, 2012 Share Posted October 26, 2012 yesterday I had same issue not one person connected but me in about an hour??? it was a heavy trafic area where all of us were pen testing:-) Quote Link to comment Share on other sites More sharing options...
Razzlerock Posted October 31, 2012 Share Posted October 31, 2012 So, I worked out what I was doing wrong..... *sigh* I thought that the SSID you configured in 'Configuration' (Karma SSID) or using the Network Manager module was for management-only. Therefore, I set this to an SSID I knew, lets say 'my-wireless' with a PSK. I could now manage the pineapple wirelessly and securely with the PSK. This obviously breaks Karma (relies on open authentication). I set my wireless SSID 'my-wireless' back to open authentication, and now clients can connect when they probe for an SSID (Karma kicks in and says 'yes, im here'). Is there a way to configure no SSID? In other words, there is no need to configure an SSID because I do not want to use wireless for management. I want to use the wireless ONLY for karma so that clients that probe for an SSID will auto-connect to me. Any thoughts? Razzlerock Quote Link to comment Share on other sites More sharing options...
creatox Posted October 31, 2012 Share Posted October 31, 2012 either get the network manager module, there is "dont broadcast ssid" option or i think you can: iwconfig wlan0 essid off Quote Link to comment Share on other sites More sharing options...
Razzlerock Posted November 1, 2012 Share Posted November 1, 2012 The 'don't broadcast ssid' doesnt stop the SSID from functioning, it just means that you must 'know' the SSID before hand or wait for someone to connect to it and then you can see the SSID in the probes. The second command seems interesting. So you think this will effectively disable the use of an SSID but still allow Karma to work? That would be beautiful. Razzlerock Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.