Wireless Security

Delivering Judicious Karma with Ubuntu 6.06 LTS and Madwifi-old

Share

or How I Stopped Worrying and Learned to Hate linux-modules-restricted.

Paul and I spent some time a few weeks back trying to get Karma working on my new Ubuntu 6.06 LTS installation. Needless to say we ran into a few problems with the MadWifi-old kernel modules.

For those not in the know, Karma is a great piece of software for demonstrating how insecure open wireless networks are, as well as illustrating problems that can be had by auto probing for insecure wireless networks. Karma uses a patch for the Madwifi-old drivers to answer for ANY open SSID request, and can perform a number of actions – DNS, DHCP as well as HTTP content redirection. The usefulness of such a tool is quite apparent, especially when delivering a demo to those management-types who like pretty pictures. We’ll be releasing a video segment of Security Weekly of Karma in the next few weeks.

Paul and I spent a few hours trying to figure out why my installation didn’t work, and I proceeded to spend several weeks scouring the internet looking for help to little avail.

I was able to put some of my research to good use, and certainly provided me the right direction. After all of this research I figured that I was not the only one in this predicament. As a result I’ve documented the steps that I have completed to make Karma work for me under Ubuntu with Madwifi-old. I’d like to release said documentation, so that you can learn from my experiences:

http://secweekly2.wpengine.com/KarmaUbuntu.pdf

I would certainly consider this a living document. Please, any and all comments and suggestions are greatly appreciated and should be directed to [email protected]

Enjoy, and may Karma be good to you!

– Larry

Larry Pesce

Larry’s core specialties include hardware and wireless hacking, architectural review, and traditional pentesting. He also regularly gives talks at DEF CON, ShmooCon, DerbyCon, and various BSides. Larry holds the GAWN, GCISP, GCIH, GCFA, and ITIL certifications, and has been a certified instructor with SANS for 5 years, where he trains the industry in advanced wireless and Industrial Control Systems (ICS) hacking. Larry’s independent research for the show has led to interviews with the New York Times with MythBusters’ Adam Savage, hacking internet-connected marital aids on stage at DEFCON, and having his RFID implant cloned on stage at Shmoocon. Larry is also a Principal Instructor and Course Author for the SANS Institute for SEC617: Wireless Penetration Testing and Ethical Hacking and SEC556: IoT Penetration Testing. When not hard at work, Larry enjoys long walks on the beach weighed down by his ham radio, (DE KB1TNF), and thinking of ways to survive the impending zombie apocalypse.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.