lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 18 Sep 2007 13:01:59 -0300
From: "Hernan Ochoa" <hernan@...il.com>
To: bugtraq@...urityfocus.com
Subject: WifiZoo v1.1

Hi All!,

So I was looking for something cool to do, didn't find anything, and
wrote WifiZoo because I kind of needed it at the moment :).

WifiZoo is a tool to gather 'wifi' information passively.

Is like dsniff, but dsniff didn't work well (probably my fault) in the
scenario I wanted to use it (wifi card, monitor mode, listening for
everything, not associated to any AP, hopping channels all the time)
and also lacked some wifi specific stuff I needed.

is like Ferret, but WifiZoo is written in python and not in C, this
for me makes it so much easier to maintain and modify, and WifiZoo
also does  some stuff Ferret does not do (and viceversa :)).

Of course, kudos to the previous tools because they are the
predecessors of this 'tool', 'group of python scripts' or whatever you
want to call it :).

WifiZoo does the following:

-gathers bssid->ssid information from beacons and probe responses
*(now the graph contains the ssid of the bssid :), new in v1.1)*
-gathers list of unique SSIDS found on probe requests (you can keep
track of all SSIDS machines around you are probing for, and use this
information on further attacks)*new in v1.1*
-gathers the list and graphs which SSIDS are being probed from what
sources *new in v1.1*
-gathers bssid->clients information and outputs it in a file that you
can later use with graphviz and get a graph with "802.11
bssids->clients". It gathers both src and dst addresses of packets to
make the list of clients so sometimes you get weird graphs that are
fun to analyze :) (basically, because I still need to omit multicast
dst addresses and things like that). Using the dst address means that
sometimes you get mac addresses of wifi devices that are not near you,
but I think gives you information about the wifi 'infrastructure',
again, I think :).
-gathers 'useful' information from unencrypted wifi traffic (ala
Ferret,and dsniff, etc); like pop3 credentials, smtp traffic, http
cookies/authinfo, msn messages,ftp credentials, telnet network
traffic, nbt, etc.
-and I think that's it.

Requirements:
-Linux
-scapy
-wifi card :)

you can get it here, and take a look at some of the graphs it produces
(very basic but
functional :)):

http://community.corest.com/~hochoa/wifizoo/index.html

direct link:

http://community.corest.com/~hochoa/wifizoo/wifizoo_v1.1.tgz



Thanks!,
Hernan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ