Jump to content

Karma usage for Security Assessment (suggestion if not avaliable already)


Recommended Posts

Ok here is the thing.

We know how to use karma for Penetration testing and why not.

Suddenly I got the idea of using Karma to check on the MAC addresses that were trying to reach my Home internet connection, such as cellphones, laptops, tablets and why not. I don't know about you guys, but I know what MAC addresses are mine and which ones are not.

So I though It would be a pretty good Idea a Karma module to verify that there's nobody out there trying to do some Wireless hacking on your internet connection or already connected to your wireless connection, or something like that (being the last one kind of pointless since you can go manually to check on your internet gateway who is connected or not.)

After that I continued dreaming, and I though it could be possible to actually make Karma an actual Wireless Honeypot. Were white-listed MAC addresses are allowed into your SSID, and unrecognized MAC addresses trying to reach your SSID are automatically added directly to Karma in the Pineapple. Allowing you to do some type of warning "Stay out of my wireless"

What you guys think? is it possible to do so with the current Karma? or Does it needs to be written from 0 a module like that?

Cheers and beers

Link to comment
Share on other sites

I'm not understanding what you want. You want to monitor everyone trying to connect to your home AP? Use kismet (on another computer) and don't channel hop. I don't see where karma comes into play here at all. Karma just broadcasts APs that clients are looking for. It has nothing really to do with logging, although all connections attempted to the Pineapple should show up on the homepage of the interface.

The best solution I've found to track attempted connections to any AP is kismet and it's nice and passive. Perhaps you should rephrase your questions because I'm having trouble understanding exactly what you are trying to accomplish.

Link to comment
Share on other sites

Ok, I'll take your advice

Just like you said, Karma tracks clients that want to connect. I'm stating that there should be a module (or infusion) for the pineapple that tracks clients trying to connect to the Home AP and whitelist the ones that are ok or "accepted" and the ones that are trying to connect that are not in the whitelist, should go connected to Karma for protection of your home AP.

Better?

I will definitely will look into Kismet, but the idea was to be implemented in the Pineapple

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...