From Security Weekly Wiki
Jump to navigationJump to search
1,484 bytes added ,  14:41, 4 October 2007
no edit summary
= Wifizoo - Wireless Auditing Made Easy (With Pictures!) =
== Introduction & Features ==
[ Wifizoo] is a fun tool written by Hernan Ochoa from Core Security. It passively monitors the wireless network and collects the following information:
* "other" information - Ala Ferret, POP3, FTP, and SMTP data are collected.
== Installation ==
You must have the following:
* A wireless card (I'm using an Ubiquiti Atheros card)
* Linux drivers that support monitor mode (I'm using madwifi-ng on Debian Etch)
* Python & Scapy
* Graphviz to generate the graphs
The initial setup in Debain:
1) Install the kernel & madwifi sources and headers:
<pre> aptitude install linux-source-2.6.18 madwifi-source linux-headers-$(uname -r) </pre>
2) Setup kernel source directory and build madwifi:
ln -s /usr/src/linux-source-2.6.18 /usr/src/linux
cd /usr/src/modules/madwifi
make install
modprobe ath_pci
3) Setup your card for monitor mode:
wlanconfig ath create wlandev wifi0 wlanmode monitor
This gave me an ath1 interface in monitor mode.
4) Install kismet & tcpdump (Wifizoo complained when I did not have tcpdump):
aptitude install kismet
5) Get Wifizoo and "install":
tar zxvf wifizoo_v1.2.tgz
cd wifizoo_v1.2
6) You then need to modify the source to use the correct interface:
- conf.iface = 'rausb0'
+ conf.iface = 'ath1'
7) Configure Kismet and run it first!
vi /etc/kismet/kismet.conf
Note: Kismet is used to channel hop and I believe it talks directly to the chipset, so even though ath1 is a different interface, the physical card (chipset) is channel hopping so we can take advantage of it. Or, you could use a channel hopping script.


Navigation menu