WifiZoo v1.2 – Gather Wifi Information Passively

The New Acunetix V12 Engine


WifiZoo is a tool to gather wifi information passively. Similar to dsniff but for wireless work, the author wanted to do something wifi-related somewhat helpful in wifi pentesting. Something of an extension of Ferret from Errata.

It’s essentially a tool to get information from open wifi networks without joining any network, and covering all wifi channels. Most of the packet parsing is done by Scapy.

WifiZoo does the following:

  • Gathers bssid->ssid information from beacons and probe responses
  • Gathers list of unique SSIDS found on probe requests
  • Gathers the list and graphs which SSIDS are being probed from what sources
  • Gathers bssid->clients information and outputs it in a file
  • Gathers ‘useful’ information from unencrypted wifi traffic (like passwords/credentials etc)

Requirements

  • Python
  • Scapy
  • Kismet (if you want to do channel hopping)
  • Logs are stored in ./logs/ (so make the directory)

You can download WifiZoo here:

wifizoo_v1.2.tgz

Or you can read more here.

Posted in: Hacking Tools, Networking Hacking, Wireless Hacking

, , , , ,


Latest Posts:


Acunetix v12 - Pause & Resume Acunetix v12 – More Comprehensive More Accurate & 2x Faster
Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix v12 - more comprehensive, accurate & 2x faster.
CloudFrunt - Identify Misconfigured CloudFront Domains CloudFrunt – Identify Misconfigured CloudFront Domains
CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions.
Airbash - Fully Automated WPA PSK Handshake Capture Script Airbash – Fully Automated WPA PSK Handshake Capture Script
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing, it is compatible with Bash and Android Shell.
XXEinjector - Automatic XXE Injection Tool For Exploitation XXEinjector – Automatic XXE Injection Tool For Exploitation
XXEinjector is an XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications.
Yahoo! Fined 35 Million USD For Late Disclosure Of Hack Yahoo! Fined 35 Million USD For Late Disclosure Of Hack
Ah Yahoo! in trouble again, this time the news is Yahoo! fined for 35 million USD by the SEC for the 2 year delayed disclosure of the massive hack, we actually reported on the incident in 2016 when it became public.
Drupwn - Drupal Enumeration Tool & Security Scanner Drupwn – Drupal Enumeration Tool & Security Scanner
Drupwn is a Python-based Drupal Enumeration Tool that also includes an exploit mode, which can check for and exploit relevant CVEs.


6 Responses to WifiZoo v1.2 – Gather Wifi Information Passively

  1. Pantagruel November 12, 2007 at 12:16 pm #

    A very nice addition to the wireless tool set indeed.
    Works quite well in our secured environment, at home I honestly do not need to bother. A multitude of open access points simply because users where never told about the options to secure their wireless gear.

  2. Reticent November 12, 2007 at 10:12 pm #

    I was about to ask what this tool had over the aircrack-ng suite of applications until I saw the passwords/credential gathering feature. You really have to feel for people still running unencrypted wireless points!

  3. normalsecrecy November 13, 2007 at 7:24 am #

    this will be a nice complement to other tools. it’ll be interesting just to see how many passwords can be snooped.

  4. Goodpeople November 13, 2007 at 9:52 pm #

    It would be even nicer if it could automatically crack WEP and WPA, but I understand that that’s in the works.

    I particulary like the ability to make a graph of the network. That could prove to be a very usefull feature.

    Keep up te good work!

  5. dirty November 16, 2007 at 10:58 pm #

    The web interface is a nice feature.

    Darknet BTW – the download link provide is wrong you have v1.1
    http://community.corest.com/~hochoa/wifizoo/wifizoo_v1.2.tgz

  6. Sir Henry December 15, 2007 at 3:38 am #

    I have been looking at scapy for a little while now to assist me in developing a hacktool in Python. Scapy is brilliant in its construction and function. This tool, however, looks like it would be pretty useful while mapping APs.