KARMA: A MITM Attack
What is KARMA ?KARMA stands for Karma Attacks Radio Machines Automatically. A radio machine could simply be a smart-phone, tablet, laptop or any wi-fi enabled device. It is a man-in-the-middle attack that it creates a rough AP and attacker could intercept all the traffic passing from the AP.First, we'll talk about the working of the wi-fi. Every time you on your wi-fi, your device start sending probe requests.Let's suppose you were connected to pawnshop wi-fi network so your device remembered it. Now here the KARMA attack takes place. Suppose your wi-fi is on, so your device is sending probe requests continuously (you are 1000 km away from the pawnshop wi-fi network). When a KARMA enabled device (attacker device) listens for the probe request, it intercepts the probe request packet and generates the same AP for which the device is sending probes. When the device gets a probe response and it is being remembered then device tries to connect to roughAP and when the connection is being established your data traffic is passing from the roughAP (attacker) which can be intercepted. It doesn't matter how far the pawnshop wi-fi is from your device.All the other wi-fi devices, like routers, KARMA device doesn't emit beacon frames. But when it listens to a probe request for a specific SSID then it generates the wi-fi for the SSID to deliver the client. A client sees the SSID is available there and tries to connect. You can write your own script for making your own KARMA enabled device or there is hardware available, named WiFi pineapple for performing these types of attacks.I hope you understand. There is another post written by me https://www.cybrary.it/0p3n/fluxion-tool-hacking-wi-fi-without-dictionary-bruteforce/Thanks! If you like what I do, please support me on my youtube channel by subscribing.