I found that the wifizoo script is a wonderful VA/PT tool. Here is how I am
running the wifizoo script on my laptop, which has an Intel 3945 a/b/g wireless
NIC with discovery/injection support. Below is the step-by-step configuration,
along with the problems I solved with logs and graph rendering in BT3 Final.
Brief about wifizoo: WifiZoo is a tool to gather wifi information passively.
Among many other things, Wifizoo can do the following:
“-gathers useful information from unencrypted wifi traffic
(ala Ferret, and dsniff, etc); like pop3 credentials, smtp traffic, http
cookies/authinfo, msn messages, ftp credentials, telnet network traffic,
nbt, etc.”
Download the following tools first:
WifiZoo v1.3
http://community.corest.com/~hochoa/wifizoo/wifizoo_v1.3.tgz
scapy
http://hg.secdev.org/scapy/raw-file/tip/scapy.py
graphviz 2.18 update for BT3
http://slacky.uglyplace.org/reposito…8-i486-1sl.tgz
Check which of your wireless NICs supports both discovery and injection,
and note its interface name.
On the Intel 3945 it is wifi0 (ipwraw driver),
e.g.
bt~#modprobe -r iwl3945
bt~#modprobe ipwraw
bt~#iwconfig
Now let's start the installation:
bt~#installpkg graphviz-2.18-i486-1sl.tgz
bt~#tar -zxvf wifizoo_v1.3.tgz
Copy scapy.py to the wifizoo_v1.3 folder:
bt~#cp scapy.py wifizoo_v1.3
bt~#cd wifizoo_v1.3
Edit wifizoo.py in kwrite, find line 48, and put your wireless card name there:
conf.iface = 'wifi0'
Save and quit the editor.
Go to the wifizoo_v1.3 folder and create a new folder named log (it is very
important to create the log folder, otherwise the script won't be able to
generate the graph files).
Run the airodump-ng tool for discovery:
bt~#airodump-ng wifi0
Now run the wifizoo script in a separate shell:
bt~#python wifizoo.py -i wifi0
Launch the internet browser and, in the URL bar, type:
http://127.0.0.1:8000
You will be presented with a GUI with many options like SSIDs (AP) list,
stats, captured data, etc. You can find both open and encryption-protected
APs; however, it can sniff only clear-text credentials like POP3, FTP, SMTP,
MSN data and cookies for session replay. For more logs, go to the wifizoo log
folder which we created, where you can find the following log files:
-clients.log
-ssids.log
-probereq.log
-http.log
-httpauth.log
-cookies.log
-pop3.log
-pop3_creds.log
-smtp.log
-msn.log
-nbtdgm.log
-nbtns.log
-ftp.log
-telnet.log
I have attached the images so it would be easy for most users to configure it.
Go and check the captured data in Firefox. There you will find:
BSSID->Clients Graph
It shows the connectivity of each AP with its clients in graph form.
To save each graph-format log file as an image, follow these steps:
go to the wifizoo log folder and convert the directed graph to a viewable
graph image.
bt~#dot -Tpng -oclients.png clients.log
(This creates a PNG image for viewing.)
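During an authorized assessment the BSSID->Clients graph is also useful as data. The following is an added example (not part of the original post or of WifiZoo) that parses the DOT edges and lists access points missing from an allowlist of authorized BSSIDs, together with their clients. The edge layout ("BSSID" -> "client"), the sample MAC addresses and the function names are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in Graphviz DOT form. The edge layout ("BSSID" -> "client")
# is an assumption based on the "BSSID->Clients Graph" name, not real tool output.
SAMPLE_CLIENTS_LOG = '''digraph clients {
"00:11:22:33:44:55" -> "AA:BB:CC:00:00:01";
"00:11:22:33:44:55" -> "aa:bb:cc:00:00:02";
"DE:AD:BE:EF:00:01" -> "AA:BB:CC:00:00:03"
"DE:AD:BE:EF:00:01" -> "AA:BB:CC:00:00:03";
not an edge line
}
'''

MAC = r'(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}'
EDGE = re.compile(r'"?(%s)"?\s*->\s*"?(%s)"?' % (MAC, MAC))

def parse_edges(dot_text):
    """Return {bssid: set(clients)} from DOT edges, with MACs lower-cased."""
    graph = defaultdict(set)
    for line in dot_text.splitlines():
        m = EDGE.search(line)
        if m:  # skips the graph header, braces and malformed lines
            graph[m.group(1).lower()].add(m.group(2).lower())
    return dict(graph)

def unauthorized_aps(graph, authorized_bssids):
    """Return {bssid: sorted clients} for APs that are not on the allowlist."""
    allowed = {b.lower() for b in authorized_bssids}
    return {b: sorted(c) for b, c in graph.items() if b not in allowed}

if __name__ == "__main__":
    graph = parse_edges(SAMPLE_CLIENTS_LOG)
    # Hypothetical allowlist: the one BSSID the site owner has approved.
    for bssid, clients in unauthorized_aps(graph, ["00:11:22:33:44:55"]).items():
        print("unknown AP %s has clients: %s" % (bssid, ", ".join(clients)))
```

To use it on a real capture, read log/clients.log into a string and pass it to parse_edges; adjust the EDGE pattern if the file's edge syntax differs from the assumed one.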
Using the captured data you can replay a session cookie until it expires,
or sniff telnet/ftp passwords like the dsniff tool does.
I hope this helps those who want to work with the wifizoo script for PT.
Secure_it
(Codename:ThUndErBolT)
MS(IT),DOEACC A Level,MCSE:Security,Comptia Security+,EC CEH,Cisco CCNA,CCSP,CCIE-Security

My original post at the BackTrack 3 Remote-exploit forum:
http://forums.remote-exploit.org/showthread.php?t=15205
Wifizoo is a great tool!!!
And just in case you're interested, I’ve further extended Wifizoo by redesigning the GUI front end. You can download it at my site if you like.
http://www.killthepage.com/
Where must I put the folder which contains wifizoo.tgz?
Also, I can’t install graphviz-2.18-i486-1sl.tgz.