Karmetasploit: Another Feather in Metasploit's Hat

Metasploit is rocking again, this time with wireless hacking. After being named Best of Open Source Software in the security field, Metasploit has come up with a wireless masterpiece – Karmetasploit.
Metasploit developers, in collaboration with Aircrack-ng developer hirte, developed a super Access Point Impersonator (Rogue Access Point) based on the KARMA Wireless Client Security Assessment Tool that can respond to all wireless probe requests from wireless clients.
Wireless sniffing tools from the KARMA suite discover clients and their preferred/trusted networks by passively listening for 802.11 Probe Request frames.
From there, individual clients can be targeted by creating a Rogue AP for one of their probed networks (which they may join automatically) or using a custom driver that responds to probes and association requests for any SSID.
Higher-level fake services can then capture credentials or exploit client-side vulnerabilities on the host.
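
From the defender's side, the respond-to-any-SSID behaviour described above is itself a detection signal. The following added example (not from the original post or the Metasploit project) flags BSSIDs in a constructed list of observed probe responses that answer for a canary SSID no real network uses, or for an unusually large number of SSIDs; the input format, the canary name and the threshold are assumptions.

```python
from collections import defaultdict

# Constructed sample: (bssid, ssid) pairs taken from 802.11 probe responses
# seen by a monitoring sensor. All values are made up for this example.
SAMPLE_PROBE_RESPONSES = [
    ("00:11:22:33:44:55", "CorpWiFi"),
    ("00:11:22:33:44:55", "CorpWiFi"),
    ("66:77:88:99:aa:bb", "CoffeeShop"),
    ("de:ad:be:ef:00:01", "CorpWiFi"),
    ("de:ad:be:ef:00:01", "HomeNet-5G"),
    ("de:ad:be:ef:00:01", "AirportFree"),
    ("DE:AD:BE:EF:00:01", "canary-7f3a9c1e"),  # sensor probed for this random name
    ("00:11:22:33:44:55", "CorpGuest"),
]


def find_karma_suspects(responses, canary_ssids=(), max_ssids=2):
    """Return {bssid: [reasons]} for APs that answer probes indiscriminately.

    canary_ssids: random SSIDs the sensor itself probed for; no legitimate AP
                  should ever answer for them.
    max_ssids:    distinct SSIDs one BSSID may answer for before it is flagged
                  (assumed threshold; tune it for APs that share a BSSID).
    """
    ssids_by_bssid = defaultdict(set)
    for bssid, ssid in responses:
        ssids_by_bssid[bssid.lower()].add(ssid)  # normalise MAC case

    canaries = set(canary_ssids)
    suspects = {}
    for bssid, ssids in ssids_by_bssid.items():
        reasons = []
        hits = sorted(ssids & canaries)
        if hits:
            reasons.append("answered canary SSID " + ", ".join(hits))
        if len(ssids) > max_ssids:
            reasons.append(f"answered for {len(ssids)} distinct SSIDs")
        if reasons:
            suspects[bssid] = reasons
    return suspects


if __name__ == "__main__":
    found = find_karma_suspects(SAMPLE_PROBE_RESPONSES, ["canary-7f3a9c1e"])
    for bssid, reasons in found.items():
        print(bssid, "->", "; ".join(reasons))
```
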

Karmetasploit is linked with SQLite3, which it uses to store the information collected from connected clients so that further exploitation attacks can be launched.
This tool is the best platform to launch all client-side attacks against the connected clients.

Karmetasploit is still in proof-of-concept mode but supports the following extended features.

– Capture POP3 and IMAP4 passwords (clear-text and SSL)
– Accept outbound email sent over SMTP
– Parse out FTP and HTTP login information
– Steal cookies from large lists of popular web sites
– Steal saved form fields from the same web sites
– Use SMB relay attacks to load the Meterpreter payload
– Automatically exploit a wide range of browser flaws

For complete information on how to set up and use Karmetasploit, visit the Metasploit blog.

