Thursday, July 10, 2008

WifiZoo v1.3 Working & Fixed Graph/Config. Issue

I found that wifizoo script is a wonderful VA/PT tool.here is how I am running wifizoo script on my laptop running wireless NIC Intel 3945a/b/g along with discovery/Injection support.here is step by step configuration along with problem solved with logs and graph rendering in BT3 Final.

Brief about wifizoo-WifiZoo is a tool to gather wifi information passively. Among many other things Wifizoo can do the following:

“-gathers useful information from unencrypted wifi traffic

(ala Ferret,and dsniff, etc); like pop3
credentials smtp traffic, http
cookies/authinfo, msn messages,ftp credentials, telnet
network traffic nbt, etc.”

download the following tools first

WifiZoo v1.3
http://community.corest.com/~hochoa/wifizoo/wifizoo_v1.3.tgz
scapy
http://hg.secdev.org/scapy/raw-file/tip/scapy.py
graphviz 2.18 update for BT3
http://slacky.uglyplace.org/reposito…8-i486-1sl.tgz

check your wireless NIC which supports both discovery & Injection & note it.
In intel 3945 it is wifi0(ipwraw driver)
e.g.
bt~#modprobe -r iwl3945
bt~#modprobe ipwraw
bt~#iwconfig

now lets start the installation

bt~#installpkg graphviz-2.18-i486-1sl.tgz
bt~#tar -zxvf wifizoo_v1.3.tgz

copy the scapy.py to wifizoo_v1.3 folder

bt~#cp scapy.py wifizoo_v1.2
bt~#cd wifizoo_v1.3

edit the wifizoo.py in kwrite and find line 48 put your wireless card name here.

conf.iface = ‘wifi0′
save and quit the editor

goto wifizoo_v1.3 folder & create a new folder by name log(its very

imp to create log folder otherwise the script wont be able to generate

graph files.

run the airodump-ng tool for discovering

bt~#airodump-ng wifi0

now run the wifizoo script in separate shell

bt~#python wifizoo.py -i wifi0

launch the internet browser
in URL bar type
http://127.0.0.1:8000

you will be presented with GUI along with many options like SSIDS(AP) List,stats,captured data etc.you can find both open & enc. protected AP’s however it can sniff only clear text credentials like POP3 FTP,SMTP,MSN Data and Cookies for session-replay.for more logs go to wifizoo log folder which we created and you can find following

log files

-clients.log
-ssids.log
-probereq.log
-http.log
-httpauth.log
-cookies.log
-pop3.log
-pop3_creds.log
-smtp.log
-msn.log
-nbtdgm.log
-nbtns.log
-ftp.log
-telnet.log

I have attached the images so it would be easy for most of users to configure it.

go & check the captured data in firefox there you will find

BSSID->Clients Graph

it will show the connectivity of each AP with its Clients in graph form.
for saving each graph format log file into an image.follow these steps:-

goto wifizoo log folder & convert the directed graph accordingly to an

viewable graph image.

bt~#dot -Tpng -oclients.png clients.log

(it will create a png image for viewing)

using captured data you can replay a session cookie untill its not expired or can sniff telnet/ftp passwords like dsniff tool.
via thewifihack.com

No comments: