Karmetasploit: Integrated Tools Lower Bar On Hacking Wireless Clients

facebooktwittergoogle_pluslinkedinmailfacebooktwittergoogle_pluslinkedinmail

Metasploit Framework integrated with KARMA! Metasploit is most potent security penetration and exploit development platform, while KARMA is a potent Evil Twin (Honeypot) tool with attracts unassuming wireless clients. With this integrated tool, it is all the more easier to establish wireless connectivity with probing wireless clients and “Metasploit” them.

http://trac.metasploit.com/wiki/Karmetasploit

http://blog.trailofbits.com/karma/

It has been consistently observed that wireless clients are at great risk of falling prey to Evil Twin because they keep probing for wireless networks in their preferred network list (PNL) all the time. Users often connect to wireless networks at various places and later forget to “clean up” the PNL. For example, the study performed by AirTight at airports worldwide showed large percentage of clients probing for undesirable SSIDs form their preferred network lists.
http://www.airtightnetworks.com/home/resources/knowledge-center/airport-scan.html
This finding was reinforced with the recent scan of financial districts.
http://www.airtightnetworks.com/home/resources/knowledge-center/financial-districts-scanning-report.html.

 

These realities and developments underscore need for protecting wireless enabled laptops from Evil Twin (Honeypot) and misassociations in general, i.e., wireless connections of clients to APs other than authorized APs.

 

Hemant Chaskar

Hemant Chaskar is Vice President for Technology and Innovation at AirTight. He oversees R&D, product strategy, and intellectual property.Hemant has more than 15 years of experience in the networking, wireless, and security industry and holds several patents in these areas.

Twitter 

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>