|
KARMA Wireless Client Security Assessment Tools
hot!
|
|
Hits: 103 |
|
Date added: 11/27/2006 |
|
KARMA is a set of tools for assessing the security of wireless clients at multiple layers. Wireless sniffing tools discover clients and their preferred/trusted networks by passively listening for 802.11 Probe Request frames. From there, individual clients can be targetted by creating a Rogue AP for one of their probed networks (which they may join automatically) or using a custom driver that responds to probes and association requests for any SSID. Higher-level fake services can then capture credentials or exploit client-side vulnerabilities on the host.
KARMA includes patches for the Linux MADWifi driver to allow the creation of an 802.11 Access Point that responds to any probed SSID. So if a client looks for 'linksys', it is 'linksys' to them (even while it may be 'tmobile' to someone else). Operating in this fashion has revealed vulnerabilities in how Windows XP and MacOS X look for networks, so clients may join even if their preferred networks list is empty.
Currently, these releases are BYOX (Bring Your Own Exploits), although a number of client-side exploits have been written, tested and demonstrated within this framework. Some may be included in a future release. Automated agent deployment is also planned. |
|
|
|
|
|
IGiGLE
|
|
Hits: 37 |
|
Date added: 06/03/2007 |
|
Irongeek's WiGLE WiFi Database to Google Earth Client for Wardrive Mapping |
|
|
|
|
|
|
Hotspotter v0.4
hot!
|
|
Hits: 61 |
|
Date added: 09/29/2005 |
|
Hotspotter v0.4 - Automatic wireless client penetion:
Hotspotter passively monitors the network for probe request frames to identify the preferred networks of Windows XP clients, and will compare it to a supplied list of common hotspot network names. If the probed network name matches a common hotspot name, Hotspotter will act as an access point to allow the client to authenticate and associate. Once associated, Hotspotter can be configured to run a command, possibly a script to kick off a DHCP daemon and other scanning against the new victim. |
|
|
|
|
|
|
Hidattack
hot!
|
|
Hits: 72 |
|
Date added: 01/07/2007 |
|
Demonstrates serious security vulnerabilities in Bluetooth at the protocol level. Hidattack permits remote, external control of a wireless Bluetooth keyboard, so that it is possible to make keyboard entries on the connected computer. |
|
|
|
|
|
|
gWireless v0.8
|
|
Hits: 22 |
|
Date added: 09/08/2005 |
|
This project aims to create a GNOME-based panel applet and management tool to manage wireless network cards that support Linux wireless extensions. You can find a list of such cards at Jean Tourrilhes's Linux Wireless LANs page. Many IEEE 802.11 compatible cards fall into this category, including the Lucent Orinoco and Applet Airport.
The complete set of tools is called gWireless. Currently, gWireless consists of two basic tools which are in early development stages. The most visible tool (and one that works with basic functionality today) is a link quality monitor applet (called gwireless_applet). Quality is displayed by altering green and red values of the applet. The better the link quality, the more green the display. Red values are the complement (? ... max - green value) of the green values (for example, if green is 255 then red is 0, green 200 then red 55, etc.). So, red is bad, orange (or muddy brown) is moderate to poor, and green is good. The applet will display blue if there are no wireless adapters listed in /proc/net/wireless. |
|
|
|
