New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
A WPA 2 karma attack (saved network handshaker ) #1
Comments
Hi minanagehsalalma, The karma attack, generally, works correctly for all mobile devices; in fact, mobile devices connect automatically to open networks even they already have a saved password for them. The case that you reported, probably, refers to desktop devices; in these cases, as you say, the best approach could be aircrack-ng suite (to catch and decrypt handshake). However, my script was designed to work with mobile devices, to attack on the fly; so, I have written it following KISS philosophy, with the minimal number of functions (i.e. lines of code). You could make me a pull request with your code so I can evaluate the idea of a merge. Please, write me again if you find the solution to your problem or if you find other problems. |
Are you sure about this ?
Here is an similar repo although it suggested that we do the part that we are talking about in a manually way
I think this won't add match to at it would be a couple of commands The steps should be as simple as this 2- launch 2 version of the ssids one open and one secure if it connects to the open one put a red check mark on it (in the list of the probed networks ) and if connects to the secure one capture the handshake and put a green check mark on it (in the same list ) 3-after capturing a Good number of handshakes then start brute forcing 4- when it cracks a weak one.. broadcast it to get the victims connected |
Hi minanagehsalalma,
I read about it here: https://null-byte.wonderhowto.com/how-to/hack-wi-fi-creating-evil-twin-wireless-access-point-eavesdrop-data-0147919/ It is necessary to add the feature that you proposed, but I don't think that a couple of lines are sufficient.
I'd avoid to add external repository to this. The code must be entirely written in bash with the least amount of external (not native) software; this is an important requirement to simplify the installation. It also must be simple to read, so anyone could read it and trust it. Thank you so much for this issue. Please, write me again if you find other. |
Yup I knew it no problem..
So I am ... Maybe in the late months of this year or the next ..
You are welcome |
as karma attacks works on saved open networks only and not secured ones so we will need to have the password first to get it work although this seems a bit hard... the number of saved networks Guarantee that there is a one with a weak password... so will need to make the karma attack start two networks of the targeted prob one open and the second secured and the victim will auto connect to the one with the correct configuration with the saved obviously correct password and we save that handshake with the other handshakes captured form the same device to brute force and break the ones with the weak passwords.
The text was updated successfully, but these errors were encountered: