Shulou(Shulou.com)06/01 Report--

The reason why WiFiPineApple stands out from countless honeypots can not be separated from the Karma technology, then what is Karma? By the way, what is Jasager? Let's get to know this article together:

Here is a quote from the official website: http://wirelessdefence.org/Contents/KARMAMain.htm

KARMA is a tool set for evaluating the security of wireless clients at multiple levels. The wireless sniffer tool passively discovers customers and their preferred / trusted networks through the 802.11 probe request frame. Then, malicious people can detect the network for them by creating an illegal AP, and then they may join and use it automatically, or use custom drivers to respond to requests associated with any SSID probe. And a higher level of * can capture credentials issued by the client or exploit client vulnerabilities on the host.

To understand this, you first need to understand how wireless clients scan wireless networks.

In the process of working, the wireless client will regularly search the surrounding wireless network, that is, actively scan the surrounding wireless network. According to whether the Probe Request frame (probe request frame) carries SSID, active scanning can be divided into two types:

The client sends Probe Request frames (SSID is empty, that is, the length of the SSID IE is 0): the client periodically sends a probe request frame (Probe Request) to scan the wireless network in the list of channels it supports. When the AP receives the probe request frame, it responds to the probe response frame (Probe Response) to advertise the wireless network information that can be provided. Through active scanning, the wireless client can actively learn the available wireless services, and then the wireless client can choose the appropriate wireless network access according to the needs.

Client sends Probe Request (Probe Request carries the specified SSID): when the wireless client configures the wireless network to which it wants to connect or has successfully connected to a wireless network, the client will also send a probe request frame (Probe Request) periodically (this message carries the SSID of the configured or connected wireless network), and reply the probe response when the AP that can provide the specified SSID wireless service receives the probe request. In this way, the wireless client can actively scan the specified wireless network.

Karma is to capture the Probe Qequest with ESSID of the wireless client, and then simulate the relevant ESSID, so as to make the wireless client connect to the fake AP, and then carry on the subsequent *.

-

Jasager is based on a Linux firmware of KARMA. It can run on wireless cards of most access points and Atheros, and provides a set of Linux tools to discover security vulnerabilities in wireless clients, similar to WiFish Finder, but the biggest difference is that it can be used for wireless honeypots. Jasager can run on FON or WiFi Pineapple routers. It can configure soft AP, generate SSID searched by nearby wireless clients, and provide DHCP, DNS and HTTP services to wireless clients. The HTTP server can direct network access requests to specific websites. Jasager can also capture and display plaintext POP, FTP, or HTTP login information for any victim. Jasager has a web-based command line interface

At the beginning, the software part of WiFiPineApple uses Robin Wood to transform Jasager based on OpenWrt. At first, Jasager is only based on Fon. After generations of WiFiPineApple evolution, the shadow of Jasager fades slowly, in exchange for a brand-new version of MK IV.

At this point, there should be a rough outline.

Karma--Jasager--WiFiPineApple is such a process of development: from a single tool to the formation of wireless honeypot ideas to the integration of rich plug-ins can deploy a variety of WiFiPineApple.

To figure out these relationships, we understand that the core technology of the wireless honeypot is still Karma. By grabbing the probe to generate the corresponding SSID to attract the wireless terminal to automatically connect to the routing device, other data reading, script injection, and DNS spoofing can be completed with tools. In this way, we can create a wireless honeypot by ourselves.

Reference:

Http://wirelessdefence.org/Contents/KARMAMain.htm

Http://www.anywlan.com/forum.php?mod=viewthread&tid=171020

Http://radiowar.org/hardware/what-is-wifipineapple-2.html

Http://www.digininja.org/jasager/

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.