Jumaat, 6 Mei 2011

Wi-fEye

A Multi-Pronged Network Penetration Tester



Wi-fEye can be considered as a GUI to almost all tools that we use daily. It is designed to be the ultimate point-and-shoot tool. Wi-fEye will allow you to perform a number of powerful attacks automatically. All you have to do is to launch Wi-fEye, choose which attack to perform, select your target and let Wi-fEye do the magic! So, you see it is designed to help with network penetration testing, reconnaissance, etc.

Wi-fEye is divided to four main menus:

  1. Cracking menu: This menu will allow you to:
    Enable monitor mode
    View available Wireless Networks.
    Launch Airodump-ng on a specific AP
    WEP cracking: This will allow you to perform the following attacks automatically:
    • Interactive packet replay.
    • Fake Authentication Attack.
    • Korek Chopchop Attack.
    • Fragmentation Attack.
    • Hirte Attack (cfrag attack).
    • Wesside-ng.

    WPA Cracking: This contains the following attacks:

    • Wordlist Attack
    • Rouge AP Attack
  2. Mapping: This menu will allow you to do the following:
    Scan the network and view the connected hosts
    Use Nmap automatically
  3. MITM: This menu will allow you to do the following Automatically:
    Enable IP forwarding
    ARP Spoof
    Launch ettercap (Text mode).
    Sniff SSL/HTTPS traffic.
    Sniff URLs and send them to browser.
    Sniff messengers from instant messengers.
    Sniff images.
    DNS Spoof.
    HTTP Session Hijacking (using Hamster).
  4. Others: This menu will allow you to do the following automatically:
    Change MAC Address.
    Hijack software updates (using Evilgrade).
By now, you must have already seen why we said that it is a GUI for different tools. It can be considered as a simple Python wrapper for different tools. The Wi-fEye.py file will help you to integrate the following list of the tools needed for each module:
  • Aircrack-ng is needed for all the attacks in the cracking menu
  • Nmap is used in Nmap menu.
  • Ettercap is very important as it is used in the following attacks:
  1. ARP Spoofing.
  2. SSL/HTTPS sniffing.
  3. URL sniffing.
  4. Dns Spoofing.
  5. Image sniffing.
  • Msgsnarf to sniff instant messenger’s messages.
  • Hamster for HTTP session Hijacking
  • Expect and Evilgrade for software hijacking.

For example, if you want to hijack software updates in the network, all you have to do is select the software you want to hijack its update, select a payload, select the target and that’s it! Wif-Eye will use Metasploit to create and encrypt the agent, start multi/handler, stop the Apache if it is already running, start the evilgrade webserver and DNS spoof the updates to evilgrade! It’s that simple!

Download Wi-fEye v0.5.3 (Wi-fEye-v0.5.3.tar.gz) here.

http://www.youtube.com/watch?v=Oxxko9WWI2s

Tiada ulasan: