Wispi (mini karma firmware) for various type TP-link router, ex: tl-wr703n, tl-mr3020, tl-mr3040, tl-mr3220V1/v2, tl-mr3240V1/V2

Visual description of the workings of Karma.
In Wispi files that are responsible for executing Karma is:
- mac80211.sh, a file that is responsible for generating a log karma. This file is located in /lib/wifi/mac80211.sh.
- Hostapd_cli, an executable binary file that holds temporary command to run karma. In addition, this file is not part of the standard package openwrt. This file is located in / usr / sbin / hostapd_cli.
- WPAD, an actual file executes karma. This file is located in the same directory as hostapd_cli in / usr / sbin / wpad.
How to use the web interface via Wispi quite easy, simply by clicking on the section start W_S Karma. Karma was active and ready to wait and reply to the probe request from the wireless client in the vicinity. Especially for mr3020 karma can also be activated by moving the switch from 3G to tombolWisp.

Proof of Concept image when a router running Karma.
2 Spoofhost Spoofhost an implementation spoof / misdirection all dns on port 80 that prompted the client to the index.php page. Files that men_trigger spoofing is a firewall configuration file and the files dhcp. This is a normal used as the setting on the captive portal.
But it would be quite dangerous if the landing page of the payload embedded directly pagesnya active when the client requests a page http mebuka in the browser.
The changes to the settings on the firewall configuration files in / etc / config / firewall is the addition redirect to pages /www/index.php lan connection.
The following amendments are marked with red. -------------------------------------------------------
/ etc / config / firewall --------------------------------------- -------------- config option defaults syn_flood 1

/r/hacking Thread Parent Link - semaraks.blogspot.com