
Jasager: Karma on the Fon, used to sniff a network, etc.

December 4, 2010

Jasager is an implementation of Karma designed to run on OpenWrt on the Fon. It will probably run on most APs with Atheros wifi cards but it was designed with the Fon in mind as it is a nice small AP which gives it a lot of scope for use in penetration tests and other related fun.

A quick highlight of features:

  • Web interface showing currently connected clients with their MAC address, IP address (if assigned) and the SSID they associated with
  • The web interface allows control of all Karma features and can either run fully featured through AJAX enabled browsers or just as well through lynx
  • Auto-run scripts on both association and IP assignment
  • Full logging for later review
  • Pluggable module system for easy extensibility
  • Basic command line interface so you don’t have to remember the different iwpriv commands

Uses

As with any tool, this one can be used for good or bad. Here are some of the good uses:

  • In your office – Set it up to capture laptops before the bad guys do. Use a website to remind them of the rules.
  • On penetration tests – Lure in target clients to find a back door into networks
  • At home – Have fun with neighbours who try to steal your wifi bandwidth

Firmware Users

Jasager is now available as a complete firmware, just flash and go. The firmware includes all dependencies and opkg recognises that the Jasager package is installed.

Usage – Web

The web interface.

The web interface can be found on port 1471; simply browse to it and log in with your root username and password.

The interface first checks whether ath0 is up; if not, it will give you the option to create it.

Once it has an interface to work with, the main screen is broken into four sections: top left shows the current status and allows control of Karma features; top right shows information, help and messages; bottom left shows a list of currently connected clients; and bottom right is a dump of the log file. Both the client list and the log file update automatically at 20 second intervals if AJAX is available; if not, just refresh the page to update.

For your info, guys, here is the hardware that comes pre-installed with Jasager. It’s called a wifi pineapple. Users connect to it as a wifi access point, and you can see the network traffic going through it, sniff the network, or do whatever you want with the traffic. The user assumes they are connecting to a legitimate or known network, but they are actually connecting through your wifi pineapple network.

The WiFi Pineapple is a hot-spot honey-pot

You see, most laptops have network software that automatically connects to access points they remember. This convenient feature is what gets you online without effort when you turn on your computer at home, the office, or the coffee shops and airports you frequent.

Simply put, when your computer turns on, the wireless radio sends out beacons. These beacons say “Is such-and-such wireless network around?” Jasager, German for “The Yes Man”, replies to these beacons and says “Sure, I’m such-and-such wireless access point – let’s get you online!”

Of course, all of the Internet traffic flowing through the pineapple, such as e-mail, instant messages and browser sessions, is easily viewed or even modified by the pineapple holder.
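To make the behaviour described above concrete from the defender's side, here is an added example (not code from Jasager, the Fon firmware or the Pineapple) that models a client walking its list of remembered networks, a normal access point that answers only for its own SSID, and a Karma-style responder that says yes to everything. It also shows the simplest detection heuristic this behaviour gives away: one BSSID claiming to be many different networks. The MAC addresses, SSIDs, the `known_bssids` policy and the threshold are all constructed for the example and are not taken from any real operating system or capture.

```python
"""Model of the "Yes Man" behaviour described above, plus a detection check.

Constructed example: the records below are plain Python objects standing in
for probe requests and responses, not real 802.11 frames.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass
class ProbeResponse:
    bssid: str   # MAC address of the answering access point
    ssid: str    # network name the access point claims to be


class NormalAccessPoint:
    """Answers only when the probed SSID is the one it actually serves."""

    def __init__(self, bssid, ssid):
        self.bssid, self.ssid = bssid, ssid

    def respond(self, probed_ssid):
        if probed_ssid == self.ssid:
            return ProbeResponse(self.bssid, self.ssid)
        return None


class KarmaAccessPoint:
    """Answers every probe with the SSID the client asked for."""

    def __init__(self, bssid):
        self.bssid = bssid

    def respond(self, probed_ssid):
        return ProbeResponse(self.bssid, probed_ssid)


def client_probe(preferred_networks, access_points):
    """Simulate a laptop asking for each remembered network in turn and
    collecting every answer it receives."""
    responses = []
    for ssid in preferred_networks:
        for ap in access_points:
            reply = ap.respond(ssid)
            if reply is not None:
                responses.append(reply)
    return responses


def suspicious_bssids(responses, max_ssids_per_bssid=1):
    """Detection heuristic: a single BSSID that claims to be more than
    `max_ssids_per_bssid` distinct networks is behaving like a Karma
    responder. Returns {bssid: sorted list of claimed SSIDs}."""
    claimed = defaultdict(set)
    for r in responses:
        claimed[r.bssid].add(r.ssid)
    return {b: sorted(s) for b, s in claimed.items()
            if len(s) > max_ssids_per_bssid}


def safe_to_autojoin(responses, ssid, known_bssids):
    """Client-side mitigation (constructed policy, not any OS's real logic):
    only auto-join `ssid` if the answering BSSID was seen for it before."""
    allowed = known_bssids.get(ssid, set())
    return any(r.ssid == ssid and r.bssid in allowed for r in responses)


# Constructed sample data: a laptop with three remembered networks, one
# legitimate office AP and one Karma-style AP in range.
PREFERRED = ["HomeWifi", "OfficeNet", "CoffeeShop"]
APS = [NormalAccessPoint("00:11:22:33:44:55", "OfficeNet"),
       KarmaAccessPoint("de:ad:be:ef:00:01")]
KNOWN_BSSIDS = {"OfficeNet": {"00:11:22:33:44:55"},
                "HomeWifi": {"aa:bb:cc:dd:ee:ff"}}


def run_scenario():
    """Run the probe round and the detection check on the sample data."""
    responses = client_probe(PREFERRED, APS)
    return responses, suspicious_bssids(responses)


if __name__ == "__main__":
    responses, flagged = run_scenario()
    for r in responses:
        print(f"{r.bssid} answered for {r.ssid!r}")
    print("flagged as Karma-like:", flagged)
    for ssid in PREFERRED:
        print(ssid, "auto-join allowed:",
              safe_to_autojoin(responses, ssid, KNOWN_BSSIDS))
```

Running it shows the Karma AP answering for all three remembered networks while the office AP answers once, so only the Karma BSSID is flagged; with the BSSID-pinning policy, only OfficeNet would be auto-joined, because the only answer for HomeWifi came from an unknown BSSID.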

The WiFi Pineapple Version 2 is a specially crafted, battery powered wireless hacking device based on an Accton wireless access point running Robin Wood’s Jasager suite.

Well, that’s all for this week’s post. I hope you guys enjoy it. If you want to buy the wifi pineapple, just visit

http://www.hak5.org/store/wifi-pineapple-version-2

The wifi pineapple comes pre-installed with Jasager. Great for penetration testing and network sniffing. If you do buy it, please send me some feedback and comments about it.

Till then… have a nice weekend…
