Skip to main content

WifiZoo v1.3 Working & Fixed Graph/Config. Issue

I found that wifizoo script is a wonderful VA/PT tool.here is how I am running wifizoo script on my laptop running wireless NIC Intel 3945a/b/g along with discovery/Injection support.here is step by step configuration along with problem solved with logs and graph rendering in BT3 Final.

Brief about wifizoo-WifiZoo is a tool to gather wifi information passively. Among many other things Wifizoo can do the following:

“-gathers useful information from unencrypted wifi traffic

(ala Ferret,and dsniff, etc); like pop3
credentials smtp traffic, http
cookies/authinfo, msn messages,ftp credentials, telnet
network traffic nbt, etc.”

download the following tools first

WifiZoo v1.3
http://community.corest.com/~hochoa/wifizoo/wifizoo_v1.3.tgz
scapy
http://hg.secdev.org/scapy/raw-file/tip/scapy.py
graphviz 2.18 update for BT3
http://slacky.uglyplace.org/reposito…8-i486-1sl.tgz

check your wireless NIC which supports both discovery & Injection & note it.
In intel 3945 it is wifi0(ipwraw driver)
e.g.
bt~#modprobe -r iwl3945
bt~#modprobe ipwraw
bt~#iwconfig

now lets start the installation

bt~#installpkg graphviz-2.18-i486-1sl.tgz
bt~#tar -zxvf wifizoo_v1.3.tgz

copy the scapy.py to wifizoo_v1.3 folder

bt~#cp scapy.py wifizoo_v1.2
bt~#cd wifizoo_v1.3

edit the wifizoo.py in kwrite and find line 48 put your wireless card name here.

conf.iface = ‘wifi0′
save and quit the editor

goto wifizoo_v1.3 folder & create a new folder by name log(its very

imp to create log folder otherwise the script wont be able to generate

graph files.

run the airodump-ng tool for discovering

bt~#airodump-ng wifi0

now run the wifizoo script in separate shell

bt~#python wifizoo.py -i wifi0

launch the internet browser
in URL bar type
http://127.0.0.1:8000

you will be presented with GUI along with many options like SSIDS(AP) List,stats,captured data etc.you can find both open & enc. protected AP’s however it can sniff only clear text credentials like POP3 FTP,SMTP,MSN Data and Cookies for session-replay.for more logs go to wifizoo log folder which we created and you can find following

log files

-clients.log
-ssids.log
-probereq.log
-http.log
-httpauth.log
-cookies.log
-pop3.log
-pop3_creds.log
-smtp.log
-msn.log
-nbtdgm.log
-nbtns.log
-ftp.log
-telnet.log

I have attached the images so it would be easy for most of users to configure it.

go & check the captured data in firefox there you will find

BSSID->Clients Graph

it will show the connectivity of each AP with its Clients in graph form.
for saving each graph format log file into an image.follow these steps:-

goto wifizoo log folder & convert the directed graph accordingly to an

viewable graph image.

bt~#dot -Tpng -oclients.png clients.log

(it will create a png image for viewing)

using captured data you can replay a session cookie untill its not expired or can sniff telnet/ftp passwords like dsniff tool.
via thewifihack.com

Comments

Popular posts from this blog

Test New ALFA-AWUS036H v.2 (1.000mW) VS ALFA-AWUS036H v.1 (500mW)

- Recently emerged the New ALFA-AWUS036H v.2 (1.000mW), and these are the tests. TEST WITH NETSTUMBLER 1) usb da 100mW chipset railink 2) usb da 200mW chipset railink rt73 3) intel 2200 b/g con connettore esterno rp-sma 4) Alfa-AWUS036H 500mW 5) New Alfa-AWUS036H V2 da 1.000mW

Creating A Cheap Bluetooth Sniffer

Many papers and posts on internet forums have commented on the success of turning normal everyday bluetooth USB dongles ($10), into their more powerful counterparts that allow the capturing of packets from the airwaves. These more powerful USB dongles are usually sold at a much higher price ($10,000) together with the software to drive and control these devices. The problems associated with BlueTooth sniffing You cant simply just purchase the dongle with the alternate firmware. There is next to no real opensource packet capture program for the bluetooth protocol. Hardware & Limitations Chipsets: Whats the difference? The chipset of the Bluetooth USB Dongles are very important. Broadcom chipsets are cheap hardware and are deemed unsuitable devices for this paper. But unfortunalty nowadays, every manufacturer seems to prefer putting these chips in their products compared to the more reliable Cambridge Silicon Radio (CSR) chipset. If your lucky enough to find a dongle with a CSR chips...

ALFA-­AWUS036H & ALFA-­AWUS050NH INSTALLING/UPDATING DRIVERS RTL8187, r8187, RT2800usb on UBUNTU

NOTE: For surfing Internet with ALFA-AWUS050NH on Ubuntu Jaunty with rt2870sta driver, you must use the Kernel "2.6.28-11-generic #42-Ubuntu", without change or updates the drivers modules. NOTE: The tutorial is not related to Ubuntu karmic. Driver RTL8187/Stacks-­mac80211 (ref. ALFA-­AWUS036h) ­- These drivers, for surfing Internet, are more stable than r8187, and fully compatible with Network-Manager 0.7 installed by default on Ubuntu 9.04. Network-Manager 0.7 installed by default on Ubuntu 9.04. ­- Supports all encryption without problems. (OPEN, WEP and WPA/WPA2) ­- With Compat-Wireless, the "injection" working, but for support “Fragmentation attack” (opt. -5) you need to install one patch. - The RX sensitivity and packets injection is less, related to drivers r8187. Driver r8187/Stacks-ieee80211 (ref. ALFA-AWUS036h) - This driver is recommended for use with the Suite of Aircrack-ng, but not particularly suitable for Internet connections, as less stable and disc...