HackYourMind
Posted December 20, 2013

This is a noob question, but I am still trying to figure it out. How do I go about spoofing an open network in the area? Let's say I am at Starbucks, and the Wifi name is "Starbucks Wifi" - in Karma configuration do I just change my SSID to "Starbucks Wifi"? Wouldn't that cause some sort of conflict? Also, how would I get those people who have had their preferred network as "Starbucks Wifi" to connect to my pineapple instead of the real deal?

Ingsoc
Posted December 20, 2013

If you set your SSID to the spoofing target, clients intending to connect to "Starbucks Wifi" will connect to you, provided your signal and quality are better than the actual network. This is generally a matter of proximity being the main factor. A client currently connected to the target network will not leave to connect to you automatically; this is where you would want to run a deauth attack.

Wifi devices are relatively trusting in the greater scheme of technology; two networks broadcasting the same SSID won't cause a conflict. When a client whose preferred network is "Starbucks Wifi" prepares to connect, it will connect to your network, conditional on the factors mentioned above, just like a client who is manually connecting.

Boosted240
Posted December 20, 2013

Check this thread out: https://forums.hak5.org/index.php?/topic/31289-rogue-ap/

There is some information in there you will probably find useful.

kerpap
Posted December 23, 2013

In the GUI, under the Karma sub-page, 3rd tab over, Karma config, you will see SSID. The default is Pineapple_<last 4 of the MAC>; change that to "Starbucks".

If you are using the CLI, the config file is /var/run/hostapd-phy0.conf. Scroll to the bottom and you will see:

    wpa=0
    ssid=pineapple_123 <--edit this
    bridge=br-lan

NOTE: Don't go messing with the settings unless you know what you are doing, otherwise you'll have to flash the FW.

Edited December 23, 2013 by kerpap

Lockon
Posted December 23, 2013

> This is a noob question, but I am still trying to figure it out. How do I go about spoofing an open network in the area? Let's say I am at Starbucks, and the Wifi name is "Starbucks Wifi" - in Karma configuration do I just change my SSID to "Starbucks Wifi"? Wouldn't that cause some sort of conflict? Also, how would I get those people who have had their preferred network as "Starbucks Wifi" to connect to my pineapple instead of the real deal?

Ingsoc explained it well. When dealing with WiFi access points, you need to know 3 things: BSSID, ESSID and encryption method.

1. The ESSID is the name of the access point, which can be "My Home Network" or "Laundromat WiFi".
2. The BSSID is the MAC address of that access point.
3. The encryption method is whether it's Open, WPA, etc.

The SSID you refer to is the ESSID and the mobile device associates the ESSID along with the BSSID together. So it would be like you showing up at John's house and asking for John (ESSID) but to make sure you're at the right place, you check the mailing address of the home to make sure (as there are a lot of "Johns" in the world).

To fool the person, it's easy to spoof the ESSID because you can name it whatever you want; it's mainly there to make it easier for mobile device users to distinguish each access point within range.

So to use a laundromat scenario, if the access point for WiFi is 200 feet away and John is outside waiting for his clothes to finish drying, surfing the net, you need to disconnect him by deauthing him first. Then you have your spoofed access point running Karma, having it closer to him (mostly for a stronger signal) so that his mobile device chooses to connect to you instead. When he checks his device to see if he's still connected, he'll see the spoofed ESSID and as long as he has internet, will continue to surf the web. Your pineapple could be located in a parked car very near John but out of sight.

Edited December 23, 2013 by Lockon
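
Added example (not from any poster in this thread): a defender-side check built on the ESSID/BSSID/encryption triple Lockon describes. It flags a known ESSID announced by an unlisted BSSID or with the wrong encryption, and a single BSSID answering for several ESSIDs, as a Karma-style AP does. The baseline, the scan records and the function name are constructed for illustration.

```python
from collections import defaultdict

# Assumed baseline of the site's own access points:
# ESSID -> (authorized BSSIDs, expected encryption).
BASELINE = {
    "Laundromat WiFi": ({"aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02"}, "WPA2"),
}

# Constructed scan observations: (ESSID, BSSID, encryption, signal in dBm).
SCAN = [
    ("Laundromat WiFi", "aa:bb:cc:00:00:01", "WPA2", -71),
    ("Laundromat WiFi", "aa:bb:cc:00:00:02", "WPA2", -78),
    ("Laundromat WiFi", "02:13:37:00:00:99", "Open", -38),
    ("My Home Network", "02:13:37:00:00:99", "Open", -38),
    ("Hotel Guest", "02:13:37:00:00:99", "Open", -39),
    ("Cafe Next Door", "de:ad:be:00:00:10", "WPA2", -84),
]

def find_rogue_aps(scan, baseline, max_essids_per_bssid=2):
    """Return a sorted list of (bssid, reason) findings."""
    findings = set()
    essids_by_bssid = defaultdict(set)
    for essid, bssid, enc, _signal in scan:
        bssid = bssid.lower()
        essids_by_bssid[bssid].add(essid)
        if essid not in baseline:
            continue  # not one of our networks; only the multi-ESSID check applies
        allowed, expected_enc = baseline[essid]
        if bssid not in allowed:
            findings.add((bssid, f"unauthorized BSSID for '{essid}'"))
        if enc != expected_enc:
            findings.add((bssid, f"'{essid}' seen as {enc}, expected {expected_enc}"))
    # One radio answering for many unrelated ESSIDs is typical of a Karma-style AP.
    for bssid, essids in essids_by_bssid.items():
        if len(essids) > max_essids_per_bssid:
            findings.add((bssid, f"advertises {len(essids)} different ESSIDs"))
    return sorted(findings)

if __name__ == "__main__":
    for bssid, reason in find_rogue_aps(SCAN, BASELINE):
        print(f"ALERT {bssid}: {reason}")
```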