Re: R: WifiZoo v1.1

It should also be noted that this will only work if the access points
you are capturing on are unencrpted (ie no WEP or WPA). Athough I
dont know anything about WifiZoo I expect you could you decrypt the
traffic with aircrack-ng suite (airdecap), after the psk has been
recovered and then parse the unencrypted traffic. Just wanted to
through this out there since you were comparing Kismet with this tool
and Kismet is not used for cracking and more of an enumeration tool.

Hope this helps,
Kevin

On 9/20/07, Hernan Ochoa <hernan@xxxxxxxxx> wrote:

Hi Rissone!

I don't promote using the term 'versus' between Kismet and wifizoo :)

Really, WifiZoo is not trying to be kismet AT ALL, it can't, Kismet is
a much more evolved
tool with lots of great features :).
In fact, if you go to WifiZoo's web page, you'll see that I propose
using Kismet to
do channel hopping :).

Kismet is one of the best if not the best tool to do wardriving, wifi
networks reconnaissance, etc.
It has GPS support, and much much more advanced features.

WifiZoo is more oriented at parsing captured data from open wifi
networks, like it is said in the documentation, ala 'dsniff' and
'Ferret'. It will save information from MSN,POP3,FTP,HTTP, HTTP
COOKIES etc, so you can try to obtain pop3 acconts, ftp accounts, etc
etc. You can run kismet and wifizoo, and be hopping around channels
capturing data from open wifi networks, or just select a channel and
capture data on that channel alone, etc

And I'm now adding a 'proxy' server so once you captured HTTP cookies,
you can point
your browser to wifizoo's proxy, and access the proper site with the
captured cookies and
access accounts, etc., exactly ala 'Ferret' / 'hamster' from Errata
Security, they are the ones that did it first.

WifiZoo also does this very basic graphs at the moment of networks
founds, probe requests,
that I find useful. You can have a picture of the bssids and clients
around you looking
at one single graph, a graph of what ssids are being probed by what
sources, etc. Is nothing spectacular, but I find it interesting and it
works for me. I'm a fan of graphical representations of data :).

In Summary, keep using Kismet, I know I would :), and use WifiZoo if
you are interesting in
capturing application data to compromise pop3 accounts, web
applications by reusing
captured cookies, etc. And while you are at it, you can also check out 'Ferret'.

And you can also not use WifiZoo at all if you don't find it useful,
that's perfectly fine too of course! :), WifiZoo is not trying to
replace any other tool, it just tries (TRIES :)) to bring something
more to the table, that's all!. WifiZoo is work in progress,if you'd
like something to be changed/added to it, let me know :)

I guess the only way to figure out if you find it useful is using it
:), I'm still in that process :), so far it has worked for me on
certain situations.

Hope this helps!.

Thanks!,
Hernan


On 9/20/07, Rissone Ruggero <ruggero.rissone@xxxxxxxxxxxxxxxx> wrote:
Could you explain me the pros vs Kismet, considered a must in WiFi pen
testing ?


--------------------------------------------------------------------

CONFIDENTIALITY NOTICE

This message and its attachments are addressed solely to the persons above and may contain confidential information. If you have received the message in error, be informed that any use of the content hereof is prohibited. Please return it immediately to the sender and delete the message. Should you have any questions, please contact us by replying to webmaster@xxxxxxxxxxxxxxxxx

Thank you

www.telecomitalia.it

--------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------