Archive for the 'Wireless Hacking' Category

OSWA Assistant - Wireless Hacking & Auditing LiveCD Toolkit

The OSWA-Assistant is a no-Operating-System-required standalone toolkit which is solely focused on wireless auditing. As a result, in addition to the usual WiFi (802.11) auditing tools, it also covers Bluetooth and RFID auditing. Using the toolkit is as easy as popping it into your computer’s CDROM and making your computer boot from it!

This toolkit is a contribution to the wireless security/auditing community and, as the “Assistant” moniker implies, is designed for the following groups of people:

  • IT-security auditors and professionals who need to execute technical wireless security testing against wireless infrastructure and clients;
  • IT professionals who have responsibility for ensuring the secure operation and administration of their organization’s wireless networks;
  • SME (Small & Medium Enterprise) and SOHO (Small Office-Home Office) businesses who do not have either the technical expertise or the resources to employ such expertise to audit their wireless networks;
  • Non-technical-users who run wireless networks at home and who would like to audit the security of their wireless home networks and laptops but don’t know how.

You can download OSWA Assistant here:

oswa-assistant.iso

Or read more here.

WifiZoo v1.3 Released - Passive Info Gathering for Wifi

WifiZoo is a tool to gather wifi information passively. It was created to be helpful in wifi pentesting and was inspired by ‘Ferret’ from Errata Security.

The tool is intended to get all possible info from open wifi networks (and possibly from encrypted ones in the future, at least WEP) without joining any network, while covering all wifi channels.

WifiZoo does the following:

  • gathers bssid->ssid information from beacons and probe responses
  • gathers a list of unique SSIDs found in probe requests
  • gathers the list of, and graphs, which SSIDs are being probed from which sources
  • gathers bssid->clients information and outputs it in a file that you can later use with graphviz to get a graph of “802.11 bssids->clients”
  • gathers ‘useful’ information from unencrypted wifi traffic (à la Ferret, dsniff, etc.), like pop3 credentials, smtp traffic, http cookies/authinfo, msn messages, ftp credentials, telnet network traffic, nbt, etc.

You can download WifiZoo v1.3 here:

wifizoo_v1.3.tgz

Or read more here.

Russix - LiveCD Linux Distro for Wireless Penetration Testing & WEP Cracking

It looks like it might be time to update our very well received list of the 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery), since we have Russix now and a new version of Backtrack is on the way out.

Russix is a Slax based Wireless Live Linux. It has been designed to be light (circa 230Mb) and dedicated purely to wireless auditing.

It is not a script kiddy phishing tool and as such, while it will allow you to break a WEP key in 6 key strokes and conduct an “Evil Tiny Twin” attack in less than 5, it will not let you become the latest version of Barclays Bank.

Russix evolved from an internal UK Military Wireless auditing tool (debian based) which russ had developed while working for them as a penetration tester.

Russix is a free download for auditing. It scripts together several WLAN attacks and will allow the user to break a WEP key in about 6 keystrokes! It will not be modified by us to make it into a phishing tool as that would be evil.

It comprises a number of tools including aircrack-ng, cowpatty, asleap, nmap, wireshark, hydra, as well as scripted attacks to aid cracking WEP and WPA networks. Currently, it only supports Atheros-based chipsets and those of you lucky enough to own 2 Atheros cards will be able to use the scripted Evil Twin attack.

Interested in hearing any feedback you may have or improvements you can make.

You can download it here:

Built on 9th Dec 2007: Download latest version

Or read more here.

KisMAC - Free WiFi Stumbler/Scanner for Mac OS X

KisMAC is an opensource and free stumbler/scanner application for Mac OS X. It has an advantage over MacStumbler/iStumbler/NetStumbler in that it uses monitor mode and passive scanning.

KisMAC supports several third party PCMCIA cards - Orinoco, PrismII, Cisco Aironet, Atheros and PrismGT. USB Prism2 is supported as well, and USB Ralink support is in development. All of the internal AirPort hardware is supported as well.

System Requirements

  • Mac OS 10.4
  • A Mac with a supported PCMCIA, USB or internal AirPort

Features

  • Reveals hidden/cloaked/closed SSIDs
  • Shows logged in Clients (with MAC Addresses, IP addresses and signal strengths)
  • Mapping and GPS support
  • Can draw area maps of network coverage
  • PCAP import and export
  • Support for 802.11b,g,n
  • Different attacks against encrypted networks
  • Deauthentication attacks
  • AppleScript-able
  • Kismet drone support (capture from a Kismet drone)

Active mode, also referred to as managed mode, sends probe requests and is pretty boring.
Passive mode is more commonly known as monitor mode, and passively monitors what’s already in the air without interfering in it.
Active attacks like deauth and reinjection (where supported) require your device to be in monitor or passive mode.

You can download KisMAC here:

KisMAC

Or read more here.

WifiZoo v1.2 - Gather Wifi Information Passively

WifiZoo is a tool to gather wifi information passively. It is similar to dsniff but for wireless work: the author wanted to build something wifi-related that would be somewhat helpful in wifi pentesting, something of an extension of Ferret from Errata.

It’s essentially a tool to get information from open wifi networks without joining any network, and covering all wifi channels. Most of the packet parsing is done by Scapy.

WifiZoo does the following:

  • Gathers bssid->ssid information from beacons and probe responses
  • Gathers list of unique SSIDs found on probe requests
  • Gathers the list and graphs which SSIDs are being probed from what sources
  • Gathers bssid->clients information and outputs it in a file
  • Gathers ‘useful’ information from unencrypted wifi traffic (like passwords/credentials etc)

Requirements

  • Python
  • Scapy
  • Kismet (if you want to do channel hopping)
  • Logs are stored in ./logs/ (so make the directory)

You can download WifiZoo here:

wifizoo_v1.1.tgz

Or you can read more here.
