Those that listen to my podcast know I’ve been messing around with Jasager for a while now. I finally got some time to play this past week, so I took the chance and, while tweaking my new netbook, decided to have some fun. So here’s a list of things I did and what can be accomplished.
Step 1 – Build a Jasager AP
If you don’t know what the heck I’m talking about, Jasager is a hacked-up FON AP/router running Karma. You can get all the info you ever wanted at the following places:
- Hak5 – Episodes 403 and 405 and Forum
- DigiNinja’s Page – Main contributor’s page
Step 2 – Configure Jasager to work with a laptop running Internet Connection Sharing
Once again the guys at Hak5 make setting up the AP and your laptop pretty idiot-proof – Wiki Link
Step 3 – Configure Laptop for Packet Sniffing Hackery and Enjoyment
Since I’m letting Jasager assign DHCP to the "clients" of the AP, all I have to do at this point is figure out what I want to do to them. Here’s a list of what I’ve been running so far.
Note – This configuration makes the assumption that you are providing Internet access to your clients via a second interface (could be Ethernet, Wi-Fi, or an EVDO or 3G card).
- Cain and Abel – Windows’ primary Swiss Army knife application when it comes to password grabbing and sniffing.
- Hamster and Ferret – Errata’s fun little SideJacking tool set for grabbing packets and session cookies.
- Etherwatch – Windows version of Driftnet – draws all the image files coming off the wire to the screen – nice screensaver.
Since all of these applications use WinPcap, you can safely run them all at once and monitor the same NIC (in my case the Ethernet port that connects the Jasager AP to my laptop).
Step 4 – Hack away
Once you’ve gotten everything set up, you can hack away. I’ve even tested the Windows configuration running the latest Hak5/DigiNinja configuration (Interceptor) and it works great in that scenario as well.