Posts Tagged ‘Scapy’

Hello I don’t know how many of you are familiar with scapy (see http://www.secdev.org/projects/scapy/) There is a windows port which Zack Payton Dirk Loss and others had done

Today I am bringing WifiZoo to Windows using the Scapy Windows Port.

What is Wifizoo you ask? Taken from their website here is a description.

WifiZoo is a tool to gather wifi information passively. I wanted to do something wifi-related somewhat helpful in wifi pentesting and I did this to have fun after I discovered ‘Ferret’ from Errata Security. I know neither Ferret or WifiZoo do anything spectacular, but I thought that the idea was fun/useful anyways.

I basically wanted something that I could run, by itself, to get info from open wifi networks (and possibly encrypted ones in the future, at least with WEP ) without joining any network, and covering all wifi channels, and this is what I came up with so far. Its written in python, I can modify it easily, and it fulfills a not-very-ambitious purpose. Kudos to scapy for doing pretty much all the packet parsing for me (scapy is great).

Ok now onto the source Imagery and links

The source was pretty straight forward to change I won’t explain my secrets

but here it is running on eth0

import thing here is to “cd” to the directory where wifizoo.py is located this is important for viewing the wifizoo web interface as I found out ( at least on my system it would not dipslay unless running from the same directory )

Like I said this is still beta and working out the bugs so I won’t post the source today

here is the web interface

Ok I will explain what I have changed in the source so far to make this work

appHandlers.py
- import curses.ascii
+ #import curses.ascii

wifiglobals.py
- import curses.ascii
+ #import curses.ascii

- if curses.ascii.isctrl(c):
+ #if curses.ascii.isctrl(c):

+ if ord(c) >= 0 and ord(c) <=31:

wifizoo.py
- import curses.ascii
+ #import curses.ascii

also changing conf.eth = “auth0s” # or whatever to your intreface

anyway thats not to exciting and its not 100 % yet we will see if it succeeds

Cheers

Maboroshi

Here is a simple guide to building a network sniffing tool. This tutorial assumes knowledge of Python and that you Have Scapy installed on your system

First we do our imports


import time, random from Tkinter import *
from threading import *
from scapy import *
import tkFileDialog
conf.verb = 1

Now we set up our GUI I made a very simple GUI for this Project

class ThreadedClient:
def __init__(self, master=None):
self.ok =1
self.master = master

self.thread = Thread(target=self.sniffit)
self.frame = frame = Frame(master)

self.labelip = Label(frame, text=”Count”)
self.labelip.pack(side=LEFT)

self.entrycount = Entry(frame)
self.entrycount.pack(side=LEFT, fill=X, expand=True)
self.entrycount.insert(END, “10″)

self.labelip = Label(frame, text=”Filter”)
self.labelip.pack(side=LEFT)

self.entryfilter = Entry(frame)
self.entryfilter.pack(side=LEFT, fill=X, expand=True)

self.labeli = Label(frame, text=”Iface”)
self.labeli.pack(side=LEFT)

self.entryiface = Entry(frame)
self.entryiface.pack(side=LEFT, fill=X, expand=True)
self.entryiface.insert(END, “eth0″)

self.start = Button(frame, text=”Sniff It”, command=self.run)
self.start.pack(side=LEFT)
##
self.save = Button(frame, text=”Save It”, command=self.windowit)
self.save.pack(side=LEFT)

self.btn = Button(frame, text=’Exit’, command=self.shutdown)
self.btn.pack(side=LEFT)

frame.pack(fill=X)

self.frame2 = frame2 = Frame(master)
self.scrollbar = Scrollbar(frame2)
self.scrollbar.pack(side=RIGHT, fill=Y)

self.textbox = Text(frame2)
self.textbox.pack(side=LEFT, fill=BOTH, expand=True)
self.textbox.config(yscrollcommand=self.scrollbar.set)
self.scrollbar.config(command=self.textbox.yview)
self.frame2.pack(fill=BOTH, expand=True)

Read the rest of this entry »

This is a simple guide to building a TCP/IP Network Fuzzer with a GUI using Scapy. Ok First we need to set up our Import statements


from Tkinter import *
import random
from scapy import *
conf.verb = 1


You can build your GUI how you like I chose to use a simple interface with input for various scapy TCP Options here is the GUI Code

root = Tk()
root.option_readfile("optionDB")
root.title("Tech Shinobi TCP/UDP Fuzzer")
root.wm_iconbitmap("shinobi.ico")
root.wm_resizable(0, 0)

frame = frame = Frame(root)
label = Label(frame, text=”Destination”).pack(side=LEFT)
dst = Entry(frame)
dst.pack(side=LEFT, fill=X, expand=True)
frame.pack(fill=X, expand=True)

frame = frame = Frame(root)
label = Label(frame, text=”Port”).pack(side=LEFT)
dport = Entry(frame)
dport.pack(side=LEFT, fill=X, expand=True)
dport.insert(END, 80)
frame.pack(fill=X, expand=True)

frame = frame = Frame(root)
label = Label(frame, text=”Seq”).pack(side=LEFT)
seq = Entry(frame)
seq.pack(side=LEFT, fill=X, expand=True)
seq.insert(END, “0″)
label = Label(frame, text=”Ack”).pack(side=LEFT)
ack = Entry(frame)
ack.pack(side=LEFT, fill=X, expand=True)
ack.insert(END, “0″)
frame.pack(fill=X, expand=True)

frame = frame = Frame(root)
label = Label(frame, text=”Flags”).pack(side=LEFT)
flags = Entry(frame)
flags.pack(side=LEFT, fill=X, expand=True)
flags.insert(END, “SA”)
frame.pack(fill=X, expand=True)

frame = frame = Frame(root)
button = Button(frame, text=”Fuzz TCP”, command=FuzzTCP)
button.pack()
frame.pack()
root.mainloop()

Now the Simple Code for the Fuzzer

def FuzzTCP():
dstit = str(dst.get())
seqit = int(seq.get())
ackit = int(ack.get())
dportit = int(dport.get())
flagsit = str(flags.get())
sendit = send(IP(dst=dstit)/fuzz(TCP(dport=dportit, seq=seqit, ack=ackit, flags=flagsit)), loop=1)

The sendit variable does the big job of the Fuzzer it basically sends packets in a loop with the various TCP options.

So Start up your network sniffer and give it a shot

This was coded by me maboroshi some improvements could be using threads for the GUI or a UDP option

here is the complete src www.techshinobi.com/software/fuzz.zip