Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: WifiZoo v1.3 Working & Fixed Graph/Config. Issue

  1. #1
    Senior Member secure_it's Avatar
    Join Date
    Feb 2010
    Location
    在這兩者之間 BackTrack是4 FwdTrack4
    Posts
    854

    Thumbs up WifiZoo v1.3 Working & Fixed Graph/Config. Issue

    Hello to all the BT3 distro geeks,users.n00bs.thanks to respected moderators and developers of BT to make such a wonderful pen-testing & VA distro.this forum is base of all the security learning & I have learned a lot from this.I found that wifizoo scriptis a wonderful VA/PT tool.here is how I am running wifizoo script on my laptop running wireless NIC Intel 3945 a/b/g along with Discovery/Injection support.here is step by step configuration along with problem solved with logs and graph rendering in BT3 Final.

    Brief about wifizoo-WifiZoo is a tool to gather wifi information passively.Among many other things Wifizoo can do the following: "-gathers useful information from unencrypted wifi traffic (ala Ferret,and dsniff, etc); like pop3 credentials, smtp traffic, http cookies/authinfo, msn messages,ftp credentials, telnet network traffic, nbt, etc."


    download the following tools first

    WifiZoo v1.3
    http://community.corest.com/~hochoa/wifizoo/wifizoo_v1.3.tgz
    scapy
    http://hg.secdev.org/scapy/raw-file/tip/scapy.py
    graphviz 2.18 update for BT3
    http://slacky.uglyplace.org/reposito...8-i486-1sl.tgz

    check your wireless NIC which supports both discovery & Injection & note it.In intel 3945 it is wifi0(ipwraw driver)
    e.g.
    bt~#modprobe -r iwl3945
    bt~#modprobe ipwraw
    bt~#iwconfig

    now lets start the installation

    bt~#installpkg graphviz-2.18-i486-1sl.tgz
    bt~#tar -zxvf wifizoo_v1.3.tgz

    copy the scapy.py to wifizoo_v1.3 folder

    bt~#cp scapy.py wifizoo_v1.3
    bt~#cd wifizoo_v1.3


    edit the wifizoo.py in kwrite and find line 48 put your wireless card name here.

    conf.iface = 'wifi0'
    save and quit the editor

    goto wifizoo_v1.3 folder & create a new folder by name log(its very imp to create log folder otherwise the script wont be able to generate graph files.

    run the airodump-ng tool for discovering

    bt~#airodump-ng wifi0

    now run the wifizoo script in separate shell


    bt~#python wifizoo.py -i wifi0

    launch the internet browser
    in URL bar type
    http://127.0.0.1:8000

    you will be presented with GUI along with many options like SSIDS(AP) List,stats,captured data etc.you can find both open & enc. protected AP's however it can sniff only clear text credentials like POP3,FTP,SMTP,MSN Data and Cookies for session-replay.
    for more logs go to wifizoo log folder which we created and you can find following log files

    -clients.log
    -ssids.log
    -probereq.log
    -http.log
    -httpauth.log
    -cookies.log
    -pop3.log
    -pop3_creds.log
    -smtp.log
    -msn.log
    -nbtdgm.log
    -nbtns.log
    -ftp.log
    -telnet.log

    I have attached the images so it would be easy for most of users to configure it.


    go & check the captured data in firefox
    there you will find

    BSSID->Clients Graph


    it will show the connectivity of each AP with its Clients in graph form.
    for saving each graph format log file into an image.follow these steps:-

    goto wifizoo log folder & convert the directed graph accordingly to an viewable graph image.

    bt~#dot -Tpng -oclients.png clients.log

    (it will create a png image for viewing)

    using captured data you can replay a session cookie untill its not expired or can sniff telnet/ftp passwords like dsniff tool.

    hope this would help a lot who wants to work on wifizoo script for PT.


    Secure_it
    (Codename:ThUndErBolT)
    MS(IT),DOEACC A Level,MCSE:Security,Comptia Security+,EC CEH,Cisco CCNA,CCSP,CCIE-Security










































  2. #2
    Junior Member
    Join Date
    Nov 2007
    Posts
    79

    Default

    Great easy to follow tutorial. ;-)

    Thanks.

    I've played around with wifizoo and ferret before, but I just thought I would follow this guide to see if anything new would be discovered.

    It was well written and the direct download links just make things easier, also the screenshots will help as a picture tells a thousand words as they say.

  3. #3
    Junior Member
    Join Date
    Jan 2008
    Posts
    25

    Default

    great walkthrough u got here. i was able to sniff some packets floating around. but i only have some question regarding "cookies" do i need another network interface to use since my ath0/wifi0 is busy and being used by wifizoo... do i need eth0 enabled or something??

  4. #4
    Junior Member
    Join Date
    Jan 2008
    Posts
    25

    Default

    and also is it possible to route the wifi url (ht tp://127.0.0.1:8000) to other?? like i.e. 192.168.1.101:8000 .. so in effect it could be used by my other laptop as well??

  5. #5
    Junior Member
    Join Date
    Feb 2010
    Posts
    25

    Default

    great tutorial

    Thanks for you time to make it

  6. #6
    Senior Member secure_it's Avatar
    Join Date
    Feb 2010
    Location
    在這兩者之間 BackTrack是4 FwdTrack4
    Posts
    854

    Cool

    Quote Originally Posted by chivar.of.makati.ph View Post
    great walkthrough u got here. i was able to sniff some packets floating around. but i only have some question regarding "cookies" do i need another network interface to use since my ath0/wifi0 is busy and being used by wifizoo... do i need eth0 enabled or something??
    There is no need for another wireless interface and there is no relation with ethernet interface here because wifizoo script deals with wireless sniffing and cookie stealing or sessioon reply(WIRELSS Only)

    Quote Originally Posted by chivar.of.makati.ph View Post
    and also is it possible to route the wifi url (ht tp://127.0.0.1:8000) to other?? like i.e. 192.168.1.101:8000 .. so in effect it could be used by my other laptop as well??
    umm not tested it yet but you may go ahead and try edit the python scripts.whenever I find solution I will update the post.thanks for comments

    Quote Originally Posted by ReckaH View Post
    great tutorial

    Thanks for you time to make it
    Thanks dude.

  7. #7
    Junior Member
    Join Date
    Dec 2007
    Posts
    55

    Default

    [QUOTE=secure_it;90428]Hello to all the BT3 distro geeks,users.n00bs.thanks to respected moderators and developers of BT to make such a wonderful pen-testing & VA distro.this forum is base of all the security learning & I have learned a lot from this.I found that wifizoo scriptis a wonderful VA/PT tool.here is how I am running wifizoo script on my laptop running wireless NIC Intel 3945 a/b/g along with Discovery/Injection support.here is step by step configuration along with problem solved with logs and graph rendering in BT3 Final.

    Thanks for the great tut. Worked straight off for a noob like me. had to change:


    bt~#cp scapy.py wifizoo_v1.2 to bt~#cp scapy.py wifizoo_v1.3

    Thanks again.

  8. #8

    Default

    Quote Originally Posted by chivar.of.makati.ph View Post
    and also is it possible to route the wifi url (ht tp://127.0.0.1:8000) to other?? like i.e. 192.168.1.101:8000 .. so in effect it could be used by my other laptop as well??
    It will automatically be listening on both the localhost address (127.0.0.1) and it's network address (say 10.1.1.4). So you could connect to it from another computer via http://10.1.1.4:8000

    ~phoenix910

  9. #9
    Junior Member
    Join Date
    Jan 2008
    Posts
    25

    Default

    hey i havent viewed this thread in a while thanks sir phoenix910



    edit:
    nope it didnt work... though im thinking there's something i did wrong.. i stopped my wifi0 interface to set it to monitor mode from managed mode so it disconnects from my ap and didn't have a valid ip
    XP.sp3 | BT3F | 8GB SDHC 2GB RAM
    Asus EEE PC 701B
    bagito | manila pride :D

  10. #10

    Default

    Yeah, you'll need a valid IP on that network So get a second NIC, or connect via Ethernet.

    ~phoenix910

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •