Archive Pages Design$type=blogging$count=7



Jumaat, 6 Mei 2011


A Multi-Pronged Network Penetration Tester

Wi-fEye can be considered as a GUI to almost all tools that we use daily. It is designed to be the ultimate point-and-shoot tool. Wi-fEye will allow you to perform a number of powerful attacks automatically. All you have to do is to launch Wi-fEye, choose which attack to perform, select your target and let Wi-fEye do the magic! So, you see it is designed to help with network penetration testing, reconnaissance, etc.

Wi-fEye is divided to four main menus:

  1. Cracking menu: This menu will allow you to:
    Enable monitor mode
    View available Wireless Networks.
    Launch Airodump-ng on a specific AP
    WEP cracking: This will allow you to perform the following attacks automatically:
    • Interactive packet replay.
    • Fake Authentication Attack.
    • Korek Chopchop Attack.
    • Fragmentation Attack.
    • Hirte Attack (cfrag attack).
    • Wesside-ng.

    WPA Cracking: This contains the following attacks:

    • Wordlist Attack
    • Rouge AP Attack
  2. Mapping: This menu will allow you to do the following:
    Scan the network and view the connected hosts
    Use Nmap automatically
  3. MITM: This menu will allow you to do the following Automatically:
    Enable IP forwarding
    ARP Spoof
    Launch ettercap (Text mode).
    Sniff SSL/HTTPS traffic.
    Sniff URLs and send them to browser.
    Sniff messengers from instant messengers.
    Sniff images.
    DNS Spoof.
    HTTP Session Hijacking (using Hamster).
  4. Others: This menu will allow you to do the following automatically:
    Change MAC Address.
    Hijack software updates (using Evilgrade).
By now, you must have already seen why we said that it is a GUI for different tools. It can be considered as a simple Python wrapper for different tools. The file will help you to integrate the following list of the tools needed for each module:
  • Aircrack-ng is needed for all the attacks in the cracking menu
  • Nmap is used in Nmap menu.
  • Ettercap is very important as it is used in the following attacks:
  1. ARP Spoofing.
  2. SSL/HTTPS sniffing.
  3. URL sniffing.
  4. Dns Spoofing.
  5. Image sniffing.
  • Msgsnarf to sniff instant messenger’s messages.
  • Hamster for HTTP session Hijacking
  • Expect and Evilgrade for software hijacking.

For example, if you want to hijack software updates in the network, all you have to do is select the software you want to hijack its update, select a payload, select the target and that’s it! Wif-Eye will use Metasploit to create and encrypt the agent, start multi/handler, stop the Apache if it is already running, start the evilgrade webserver and DNS spoof the updates to evilgrade! It’s that simple!

Download Wi-fEye v0.5.3 (Wi-fEye-v0.5.3.tar.gz) here.

WiPhire: A Wireless Penetration Testing Tool

If you are active in the wireless penetration testing field, you must have seen a few scripts that either help you crack Wired Equivalent Privacy (WEP). You also must have seen a few scripts that help you perform MITM attacks. But, not scripts that help you crack WEP and help you with MITM at the same time. WiPhire might not be there yet, but it aims to be there and by the looks of it, it might just get there.
WiPhire is a Bash script aimed at making the Wireless Hacking process a lot easier. This script was written on Backtrack 4 and designed to be used with Backtrack 4. This script was also designed to be used with the Alfa AWUS036H Wireless adapter with the RTL8187 chipset. If you do not have this chipset but another adapter that is compatible with the aircrack-ng suite you will need to put it into monitor mode prior to running the script if you wish to use an option that needs monitor mode enabled. This script needs to be ran as root.

These are the functions of the script:

  • autoMACtic MAC spoofer
  • Ability to crack WEP networks
  • Ability to crack WPA networks
  • Perform simple MITM attacks
  • DNSspoof a network
  • Use airdrop-ng to create a jammer

Programs that WiPhire Uses:

  • airmon-ng
  • airodump-ng
  • aireplay-ng
  • aircrack-ng
  • airdrop-ng
  • xterm
  • crunch
  • pyrit
  • sslstrip
  • arpspoof
  • macchanger
  • kate
  • apache2
  • ettercap
  • Firefox

The idea for this tool is that the author wants to make WiPhire the wireless equivalent of SET (Social Engineers Toolkit).

Download WiPhire (WiPhire.tar.gz) here.