I decided to write a small script to help me with running Karmetasploit during authorized pentest. The script has two options one where it runs as a greedy access point answering all request and a second option that uses a file with a MAC addresses as filters so as to limit the attack to those clients that one is authorized, the MAC addresses have to be one by line. I hope you find it useful.

Karmetasploit Script Download

You must have the latest version of Aircrack-ng 1.0 from svn and the latest patched versions of the drivers of the wireless cards, the cards must support injection. I have only been able to test it with atheros and ralink cards. It will generate the following files:

• Capture file of all traffic /root/kms.cap
• Log file /msf3/karma.log
• Sqlite3 Database with all information from Metasploit /root/karma.db