What is WifiZoo?

WifiZoo is a tool to gather wifi information passively. I wanted to do something wifi-related somewhat helpful in wifi pentesting and I did this just to have fun after I discovered 'Ferret' from Errata Security. I know neither Ferret nor WifiZoo does anything spectacular, but I thought that the idea was fun/useful anyway.
I basically wanted something that I could run and tried by itself to get info from open wifi networks (and possibly encrypted also in the future, at least with WEP :)) without joining any network, and covering all wifi channels, and this is what I came up with so far. It's written in Python, I can modify it easily, and it fulfills its not-very-ambitious purpose. Kudos to scapy for doing pretty much all the packet parsing for me (scapy is great).

WifiZoo does the following:

- gathers bssid->ssid information from beacons and probe responses *(now the graph contains the ssid of the bssid :), new in v1.1)*
- gathers list of unique SSIDs found on probe requests (you can keep track of all SSIDs machines around you are probing for, and use this information on further attacks) *new in v1.1*
- gathers the list and graphs which SSIDs are being probed from what sources *new in v1.1*
- gathers bssid->clients information and outputs it in a file that you can later use with graphviz and get a graph with "802.11 bssids->clients". It gathers both src and dst addresses of packets to make the list of clients so sometimes you get weird graphs that are fun to analyze :) (basically, because I still need to omit multicast dst addresses and things like that). Using the dst address means that sometimes you get MAC addresses of wifi devices that are not near you, but I think it gives you information about the wifi 'infrastructure', again, I think :).
- gathers 'useful' information from unencrypted wifi traffic (a la Ferret, dsniff, etc.), like pop3 credentials, smtp traffic, http cookies/authinfo, msn messages, ftp credentials, telnet network traffic, nbt, etc.
- and I think that's it.
and remember.. WifiZoo is work in progress...

Read more: WifiZoo
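
The bssid->clients item above notes that multicast destination addresses still need to be omitted from the graph. As an added example (not WifiZoo's own code), the sketch below drops group addresses by checking the I/G bit before writing the Graphviz file; the function names, the `(bssid, src, dst)` tuple layout and the sample frames are assumptions constructed for illustration.

```python
# Added example, not WifiZoo code. Each tuple stands in for the addresses of one
# already-parsed 802.11 data frame: (bssid, src, dst). Sample data is constructed.
from collections import defaultdict

SAMPLE_FRAMES = [
    ("00:11:22:33:44:55", "66:77:88:99:aa:bb", "00:11:22:33:44:55"),  # client -> AP
    ("00:11:22:33:44:55", "00:11:22:33:44:55", "ff:ff:ff:ff:ff:ff"),  # broadcast
    ("00:11:22:33:44:55", "66:77:88:99:aa:bb", "01:00:5e:00:00:fb"),  # IPv4 multicast
    ("00:11:22:33:44:55", "00:11:22:33:44:55", "33:33:00:00:00:01"),  # IPv6 multicast
    ("00:11:22:33:44:55", "00:11:22:33:44:55", "02:00:00:00:00:01"),  # unicast dst
]

def is_group_address(mac):
    """True for multicast/broadcast MACs: the I/G bit (LSB of octet 0) is set."""
    return bool(int(mac.split(":")[0], 16) & 0x01)

def build_client_map(frames):
    """Map each BSSID to the unicast stations seen as src or dst of its frames."""
    clients = defaultdict(set)
    for bssid, src, dst in frames:
        bssid = bssid.lower()
        clients[bssid]  # register the BSSID even if no client survives filtering
        for addr in (src.lower(), dst.lower()):
            if addr != bssid and not is_group_address(addr):
                clients[bssid].add(addr)
    return dict(clients)

def dot_escape(text):
    """SSIDs are attacker-controlled strings; escape them for a quoted DOT label."""
    return text.replace("\\", "\\\\").replace('"', '\\"')

def to_dot(clients, ssids=None):
    """Render the bssid->clients map as Graphviz DOT, labelling BSSIDs with SSIDs."""
    ssids = ssids or {}
    lines = ["digraph bssid_clients {"]
    for bssid in sorted(clients):
        label = bssid
        if bssid in ssids:
            label = f"{bssid}\\n{dot_escape(ssids[bssid])}"
        lines.append(f'  "{bssid}" [shape=box, label="{label}"];')
        for sta in sorted(clients[bssid]):
            lines.append(f'  "{bssid}" -> "{sta}";')
    lines.append("}")
    return "\n".join(lines)

if __name__ == "__main__":
    ssid_map = {"00:11:22:33:44:55": 'cafe "guest"'}  # constructed SSID
    print(to_dot(build_client_map(SAMPLE_FRAMES), ssid_map))
```

The output can be rendered with Graphviz, for example `dot -Tpng`.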