Karma fixed yet?

[ZaraByte]

I've been holding off buying the pineapple cause back when they were introducing it they said it wasn't working just curious to know if karma is working now cause its kinda useless if devices won't auto connect to the pineapple.

[Sebkinne]

Karma is NOT broken. It works just like it used to.

The issue is that some newer devices have stopped probing for networks, something that is required for karma to function on those devices.

[ZaraByte]

So has anything been done to correct that yet? It's been months since i looked into the pineapple last time i heard anything was back when it was introduced last year.

[Lockon]

It's not an issue with Karma, so there's nothing to fix. Karma exploits a weakness in how some WiFi-enabled devices probe for networks to connect to. It appears that some manufacturers have since improved their probe implementation and that's what we want, a continuous improvement over current technologies.

[mw3demo]

Darren post back in October sums it up well:

Posted by Darren Kitchen on 24 October 2013 - 10:38 AM

Karma is one piece of the puzzle, and it's true some vendors have adapted. Taking a step back and looking at the greater picture however, Karma is only a single component of a much larger concept: Hot-Spot Honey-Pot. Since the introduction of the WiFi Pineapple this has been a primary goal - to capture clients for man-in-the-middle attacks, as well as more recently as a pen-test pivot box.

Karma in its current form is highly effective against a majority of devices. Right now this is done by taking advantage of a trust relationship in only one of the thirteen 802.11 management frames - probes.

Now while 802.11 is a standard, the way in which it's implemented is not - it varies by vendor. Most recently two high profile vendors have changed the way they implement the spec: Google relying less heavily on probes while Apple relying more so. In the case of the former also keep in mind Android is its own hot mess with various vendors implementing the OS in different forms (I'm looking at you Sammy).

What does this mean for the WiFi Pineapple and the wireless hot-spot honey-pot? Quite simply, we adapt. In the game of cat-and-mouse that is hacking, tools and techniques evolve as the ever changing landscape shifts. Build a better mouse, build a better mousetrap.

The core concept of Karma in its current form relies on a rather limited approach to client harvesting. With the next version, or the next tool in our honey-pot arsenal, we'll implement additional approaches as appropriate and as the bare metal as our disposal allows.

We already have some interesting new attacks in testing that have proven quite successful as well as more on the drawing board for later, when it's time to respond again. Once everything is stable and to our liking we'll roll out an update that improves the overall effectiveness of the platform.

It appears they have been experimenting with new attacks back in October. Hopefully some turned out to work well and we will see them rolled into future updates.

[ZaraByte]

So i missunderstood the whole problem i guess i didn't realize it had to do with the the other devices.

Should be interesting to see what the next step does now days not many people have out dated devices most of the people get their phones replaced just about ever couple months.

I mainly see people down here using Mac Book Pro computers just it just means for now it will require a little more to get victims to connect to the honey pot then rather then having them auto connect to it.

[yabasoya]

Name your ssid 'attwifi' and you pretty much don't even need karma running.

[thesugarat]

ZaraByte,

Darren said "Google relying less heavily on probes while Apple relying more so." That part about Apple is important... it means that Apple devices are now more vulnerable to Karma than ever! And Karma is not the only reason to own a pineapple. yabasoya is correct. You can simply go "fishing" by naming your Pineapple's AP to something like Free WiFi. Or Starbucks WiFi or whatever and let people choose to connect. With the right captive portal (nodog splash) and dnsspoof with some phishing pages it is well worth your time. Even just using sslstrip would be useful. Or have fun and RandomRoll people. Personally I like the Pineapple Surprise page as I'm more about educating folks than "hacking" them.