Changes

From Security Weekly Wiki
1,484 bytes added ,  14:41, 4 October 2007
no edit summary
= Wifizoo - Wireless Auditing Made Easy (With Pictures!) =
 
== Introduction & Features ==
[http://community.corest.com/~hochoa/wifizoo/index.html Wifizoo] is a fun tool written by Hernan Ochoa from Core Security. It passively monitors the wireless network and collects the following information:
* "other" information - à la Ferret, POP3, FTP, and SMTP data are collected.
 
== Installation ==
 
You must have the following:
 
* A wireless card (I'm using an Ubiquiti Atheros card)
* Linux drivers that support monitor mode (I'm using madwifi-ng on Debian Etch)
* Python & Scapy
* Graphviz to generate the graphs
 
The initial setup in Debian:
 
1) Install the kernel & madwifi sources and headers:
 
<pre> aptitude install linux-source-2.6.18 madwifi-source linux-headers-$(uname -r) </pre>
 
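2) Set up the kernel source directory and build madwifi:

<pre>
# Point /usr/src/linux at the kernel source tree
ln -s /usr/src/linux-source-2.6.18 /usr/src/linux
# Build and install the madwifi modules, then load the Atheros driver
cd /usr/src/modules/madwifi
make
make install
modprobe ath_pci
</pre>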
 
3) Set up your card for monitor mode:

<pre> wlanconfig ath create wlandev wifi0 wlanmode monitor </pre>
 
This gave me an ath1 interface in monitor mode.
 
4) Install kismet & tcpdump (Wifizoo complained when I did not have tcpdump):
 
<pre> aptitude install kismet tcpdump </pre>
 
5) Get Wifizoo and "install":
 
<pre>
wget http://community.corest.com/~hochoa/wifizoo/wifizoo_v1.2.tgz
tar zxvf wifizoo_v1.2.tgz
cd wifizoo_v1.2
</pre>
 
6) You then need to modify the source to use the correct interface:
 
<pre> vi wifizoo.py </pre>
 
- conf.iface = 'rausb0'
+ conf.iface = 'ath1'
 
7) Configure Kismet and run it first!
 
<pre> vi /etc/kismet/kismet.conf </pre>

<pre> source=madwifi_ag,wifi0,ubiquiti </pre>
 
Note: Kismet is used to channel hop and I believe it talks directly to the chipset, so even though ath1 is a different interface, the physical card (chipset) is channel hopping so we can take advantage of it. Or, you could use a channel hopping script.
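A minimal channel hopping script for the alternative mentioned in the note, as an added example (not part of Wifizoo or Kismet). It assumes the ath1 interface from step 3, 2.4 GHz channels 1-11, and iwconfig from wireless-tools; the --run argument and the variable names are this script's own.

```shell
#!/bin/sh
# Channel hopper for a monitor-mode interface (constructed example).
# Assumptions: interface ath1 from step 3, iwconfig from wireless-tools,
# run as root with Kismet stopped so the two do not fight over the channel.

IFACE="${IFACE:-ath1}"            # monitor-mode interface created by wlanconfig
MAX_CHANNEL="${MAX_CHANNEL:-11}"  # highest 2.4 GHz channel to visit
DWELL="${DWELL:-1}"               # seconds to stay on each channel

# Print the channels in steps of 5 (1 6 11 2 7 ...), so that consecutive
# hops land on non-overlapping channels instead of sweeping 1, 2, 3, ...
hop_order() {
    max="${1:-11}"
    order=""
    start=1
    while [ "$start" -le 5 ] && [ "$start" -le "$max" ]; do
        ch="$start"
        while [ "$ch" -le "$max" ]; do
            order="$order $ch"
            ch=$((ch + 5))
        done
        start=$((start + 1))
    done
    echo "${order# }"
}

# Cycle through the hop order forever; stop with Ctrl-C.
hop_loop() {
    iface="$1"; dwell="$2"; max="$3"
    while :; do
        for ch in $(hop_order "$max"); do
            # A rejected channel is reported and skipped, not treated as fatal.
            iwconfig "$iface" channel "$ch" || echo "could not set channel $ch" >&2
            sleep "$dwell"
        done
    done
}

# Only start hopping when asked to, e.g.: sh hop.sh --run
if [ "${1:-}" = "--run" ]; then
    iwconfig "$IFACE" >/dev/null 2>&1 || { echo "no wireless interface $IFACE" >&2; exit 1; }
    hop_loop "$IFACE" "$DWELL" "$MAX_CHANNEL"
fi
```

Start it in a second terminal before launching Wifizoo, and override IFACE, MAX_CHANNEL or DWELL in the environment if your setup differs.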