SKA - Simple Karma Attack

About

SKA allows you to implement a very simple and fast karma attack.

You can sniff probe requests to choice the fake AP name or, if you want, you could insert manually the name of AP (evil twin attack).

When target has connected to your WLAN you could active the HTTP redirection and perform a MITM attack.

Details

The script implements these steps:

  1. selection of NICs for the attack (one for LAN and one for WAN)
  2. capture of probe-requests to choice the fake AP name (tcpdump)
  3. activation of fake AP (hostapd and dnsmasq)

    • the new AP has a DHCP server which provides a valide IP to the target and prevents possible alerts on the victim devices
  4. activation of HTTP redirection (iptables)

    • only HTTP requests are redirect to fake site, while the HTTPS traffic continues to route normally
  5. activation of Apache server for hosting the phising site
  6. at the end of the attack the script cleans all changes and restores Apache configuration

Screenshots



Press CTRL-C to kill all processes and restore the configuration files.

FAQ

SKA alerts you if there are some problems with NetworkManager demon or Apache configuration file. Anyway you could find the answers to your problems in the links below:

  1. resolve Network Manager conflict 1

    section: “Resolve airmon-ng and Network Manager Conflict”

  2. resolve Network Manager conflict 2

  3. disable dnsmasq

In summary

  1. Disable DNS line in your NetworkManager configuration file (look into /etc/NetworkManager/):

    #dns=dnsmasq

  2. Insert the MAC of your wireless adapter between the unmanaged devices to allow hostapd works properly:

    unmanaged-devices=mac:XX:XX:XX:XX:XX:XX





Share this post




About

Welcome to Cyber-Security.tk my personal blog to share my knowledge
Cyber Security, Ethical Hacking, Web & Network Auditing, Reverse Engineering and Cryptography
This website don't use analytics tracking and is ads-free. JavaScript is enabled .


Contact

Contact Form : Connect with Us

    Ricochet : ricochet:3ka6l4q255cakeirgxupsl5i4lw3qpk5gmngtv5amax64hckuovgozyd


2023 © 0x1 | Cyber Security Consulting - Copyright All Rights Reserved