FAQ: Wireless Tools & Sniffers

Compile a List of Wireless Tools

Postby tomjones » Mon Sep 09, 2002 6:17 am

Hello,

It seems like there are always new tools coming out. Just wondering if you all wouldn't mind adding to the list. I'd like to make sure I'm up to date on the latest wlan (or related e.g. sniffers supporting wireless) utilities.

All platforms (commercial and free)....
I'll start:

netstumbler (ministumbler)
airsnort
kismet
airopeek
@stake wap toolkit
aptools
iss wireless scanner
sniffer pro
ethereal
wellenreiter
nsspyglass
airsnare
airjack


I know there are apps I'm missing. Not too familiar with handheld apps yet.

Thanks for any additions.
tomjones
Mini Stumbler
 
Posts: 61
Joined: Fri May 10, 2002 9:05 am

Postby Chris_Schear » Mon Sep 09, 2002 6:21 am

I would also have to recommend AirMagnet. An excellent commercial grade package. With regards to Airopeek, I would ensure you include the "NX" version, as it contains some significant enhancements.
User avatar
Chris_Schear
 
Posts: 243
Joined: Mon Aug 05, 2002 12:54 pm
Location: WDM, Iowa

Postby Chris » Mon Sep 09, 2002 7:04 am

This came across one of the mailing lists the other day:

The list is at http://www.networkintrusion.co.uk/wireless.htm
The products (in no particular order (yet))

BSD - Airtools -- http://www.dachb0den.com/projects/bsd-airtools.html
NetStumbler -- http://www.netstumbler.com/
Kismet -- http://www.kismetwireless.net/
Fake AP -- http://www.blackalchemy.to/Projects/fakeap/fake-ap.html
Wellenreiter -- http://www.remote-exploit.org
AirSnort -- http://airsnort.shmoo.com/
WaveStumbler -- http://www.cqure.net/tools08.html
Wireless Scanner --
http://www.iss.net/products_services/enterprise_protection/vulnerability_assessment/scanner_wireless.php
Airosniff -- http://www.wildpackets.com/products/airopeek
AiroPeek -- http://www.wildpackets.com/products/airopeek
StumbVerter -- http://www.sonar-security.com
AP Scanner -- http://homepage.mac.com/typexi/Personal1.html
Sniffer Wireless -- http://www.sniffer.com/products/wireless/default.asp?A=5
WEPcrack -- http://wepcrack.sourceforge.net/
Prism2 -- http://hostap.epitest.fi/
Mini Stumbler -- http://www.netstumbler.org/download.php?op=getit&lid=21
SSIDsniff -- http://www.bastard.net/~kos/wifi/
MacStumbler -- http://homepage.mac.com/macstumbler/
WaveMon -- http://www.jm-music.de/projects.html
PrismStumbler -- http://prismstumbler.sourceforge.net/
AirTraf -- http://airtraf.sourceforge.net/
MogNet -- http://chocobospore.org/mognet/
AirMagnet -- http://www.airmagnet.com/products.htm
Isomair -- http://www.isomair.com/products.html
Air-Jack -- http://802.11ninja.net/
AirDefense -- http://www.airdefense.net/products/index.shtm
WiFiScanner -- http://sourceforge.net/projects/wifiscanner/
perl -e 'print pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'
User avatar
Chris
 
Posts: 1141
Joined: Mon Jul 15, 2002 4:00 am

Postby Chris_Schear » Mon Sep 09, 2002 7:14 am

Airosniff used to be here - http://gravitino.net/~bind/code/airosniff/

However, it's been unavailable for some time. Airosniff is not a Wildpackets product.
User avatar
Chris_Schear
 
Posts: 243
Joined: Mon Aug 05, 2002 12:54 pm
Location: WDM, Iowa

Postby The Others » Mon Sep 09, 2002 7:23 am

Ettercap is pretty cool.
all good ends all

?u=273
User avatar
The Others
 
Posts: 2910
Joined: Mon Apr 22, 2002 7:27 am
Location: Dos Palabras, Mandoras

Postby Chris » Mon Sep 09, 2002 7:29 am

perl -e 'print pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'
User avatar
Chris
 
Posts: 1141
Joined: Mon Jul 15, 2002 4:00 am

Sniffer FAQ

Postby g0tr00t » Wed Sep 25, 2002 9:28 am

This is pretty good. Enjoy.


Sniff this bad boy
g0tr00t

"Its all fun and games until someone gets killed."
User avatar
g0tr00t
 
Posts: 352
Joined: Thu May 02, 2002 5:01 pm
Location: r00ting y0ur b0x.

Postby blackwave » Wed Sep 25, 2002 10:14 am

-=BW=-
User avatar
blackwave
 
Posts: 4507
Joined: Mon Apr 15, 2002 3:00 am
Location: SoCal, OC

Postby g0tr00t » Thu Sep 26, 2002 3:38 am

Originally posted by Eyecannon
Q: Is there a sniffer for windows that decodes HTTP packets to an actual webpage so you can surf as the other person surfed?


I think it is IRIS
Attachments
iris.jpg
iris.jpg (42.65 KiB) Viewed 7844 times
g0tr00t

"Its all fun and games until someone gets killed."
User avatar
g0tr00t
 
Posts: 352
Joined: Thu May 02, 2002 5:01 pm
Location: r00ting y0ur b0x.

Various Sniffers

Postby nashr » Thu Sep 26, 2002 3:54 am

Originally posted by Eyecannon
Q: Is there a sniffer for windows that decodes HTTP packets to an actual webpage so you can surf as the other person surfed?


There's a package called dsniff that was ported to windows. It includes:

<B>dsniff</B>
simple password sniffer. handles FTP, Telnet, HTTP, POP, NNTP, IMAP, SNMP, LDAP, Rlogin, NFS, SOCKS, X11, IRC, AIM, CVS, ICQ, Napster, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Microsoft SMB, and Oracle SQL*Net auth info. goes beyond most sniffers in that it minimally parses each application protocol, only saving the "interesting" bits. uses Berkeley DB as its output file format, logging only unique auth info. supports full TCP/IP reassembly, courtesy of libnids (all of the following tools do, as well).

<B>mailsnarf</B>
a fast and easy way to violate the Electronic Communications Privacy Act of 1986 (18 USC 2701-2711), be careful. outputs all messages sniffed from SMTP traffic in Berkeley mbox format, suitable for offline browsing with your favorite mail reader (mail -f, pine, etc.).

<B>urlsnarf</B>
output all requested URLs sniffed from HTTP traffic in CLF (Common Log Format, used by almost all web servers), suitable for offline post-processing with your favorite web log analysis tool (analog, wwwstat, etc.).

<B>webspy</B>
sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time (as the target surfs, your browser surfs along with them, automagically). a fun party trick. :-)

Nice little package of tools that I use in pen testing, vulnerabilitiy assessments, etc. This package can be found at:

http://www.datanerds.net/~mike/dsniff.html


ENJOY!!! :D
Help! I've been Simpsonized!
User avatar
nashr
 
Posts: 1585
Joined: Fri Aug 09, 2002 6:12 am
Location: Virginia

This?

Postby g0tr00t » Fri Sep 27, 2002 1:17 am

Originally posted by TheSovereign
has anyone had any luck sniffing remote hosts?
on the same subnet like in cable modems?
i dont want to do it im just asking if it was possibe because they seem to be on a sort of lan


You like sniffing my box?

:D
g0tr00t

"Its all fun and games until someone gets killed."
User avatar
g0tr00t
 
Posts: 352
Joined: Thu May 02, 2002 5:01 pm
Location: r00ting y0ur b0x.

Postby Eyecannon » Fri Sep 27, 2002 10:04 am

I found a more compact (and cheaper) version of Iris made by Effetech called HTTP Sniffer... reconstructs HTML perfectly (unless it's been SSL'd!)

Thanks for more toys to play with though ;)

EDIT: hey for dsniff for win32, it wants it compiled... is there a lean C++ compilier I can get with out getting an entire suite?
No, officer, YOU are under arrest!

http://eyecannon.com/wardrive.html
User avatar
Eyecannon
 
Posts: 679
Joined: Mon Aug 05, 2002 3:28 pm
Location: Santa Monix

Postby Eyecannon » Sun Sep 29, 2002 9:17 pm

No, officer, YOU are under arrest!

http://eyecannon.com/wardrive.html
User avatar
Eyecannon
 
Posts: 679
Joined: Mon Aug 05, 2002 3:28 pm
Location: Santa Monix

tcp content sniffer (jpeg, gif & mp3)

Postby uzurpatorul » Sat Apr 02, 2005 7:34 pm

uzurpatorul
Mini Stumbler
 
Posts: 3
Joined: Sat Apr 02, 2005 7:29 pm


Return to WiFi

Who is online

Users browsing this forum: No registered users and 1 guest