WifiZoo v1.2 – Gather Wifi Information Passively


WifiZoo is a tool to gather wifi information passively. Similar to dsniff but for wireless work, the author wanted to do something wifi-related somewhat helpful in wifi pentesting. Something of an extension of Ferret from Errata.

It’s essentially a tool to get information from open wifi networks without joining any network, and covering all wifi channels. Most of the packet parsing is done by Scapy.

WifiZoo does the following:

  • Gathers bssid->ssid information from beacons and probe responses
  • Gathers list of unique SSIDS found on probe requests
  • Gathers the list and graphs which SSIDS are being probed from what sources
  • Gathers bssid->clients information and outputs it in a file
  • Gathers ‘useful’ information from unencrypted wifi traffic (like passwords/credentials etc)

Requirements

  • Python
  • Scapy
  • Kismet (if you want to do channel hopping)
  • Logs are stored in ./logs/ (so make the directory)

You can download WifiZoo here:

wifizoo_v1.2.tgz

Or you can read more here.

Posted in: Hacking Tools, Networking Hacking Tools, Wireless Hacking

, , , , ,


Latest Posts:


Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.
GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc


6 Responses to WifiZoo v1.2 – Gather Wifi Information Passively

  1. Pantagruel November 12, 2007 at 12:16 pm #

    A very nice addition to the wireless tool set indeed.
    Works quite well in our secured environment, at home I honestly do not need to bother. A multitude of open access points simply because users where never told about the options to secure their wireless gear.

  2. Reticent November 12, 2007 at 10:12 pm #

    I was about to ask what this tool had over the aircrack-ng suite of applications until I saw the passwords/credential gathering feature. You really have to feel for people still running unencrypted wireless points!

  3. normalsecrecy November 13, 2007 at 7:24 am #

    this will be a nice complement to other tools. it’ll be interesting just to see how many passwords can be snooped.

  4. Goodpeople November 13, 2007 at 9:52 pm #

    It would be even nicer if it could automatically crack WEP and WPA, but I understand that that’s in the works.

    I particulary like the ability to make a graph of the network. That could prove to be a very usefull feature.

    Keep up te good work!

  5. dirty November 16, 2007 at 10:58 pm #

    The web interface is a nice feature.

    Darknet BTW – the download link provide is wrong you have v1.1
    http://community.corest.com/~hochoa/wifizoo/wifizoo_v1.2.tgz

  6. Sir Henry December 15, 2007 at 3:38 am #

    I have been looking at scapy for a little while now to assist me in developing a hacktool in Python. Scapy is brilliant in its construction and function. This tool, however, looks like it would be pretty useful while mapping APs.