Wednesday, September 19, 2007
This 'fix' is going to be included in the next version, but if anyone wants the fix right now, please send me an email (hernan [at] gmail.com) and I'll send you the version that supports cards that do not output prism headers.
Tuesday, September 18, 2007
You can get it here:
The direct download link is the following:
(if you click the last link, you miss the graph samples :))
Friday, September 07, 2007
I also wanted a tool to leave unattended, hopping thru all 802.11 channels, go read a book, come back, and get some useful information from it. I also wanted to make graphs of stuff, because everybody loves graph, and I do too :). I really believe data representation is very important and changes everything.
So I basically reinvented the wheel, added some stuff to it, everything using python, and came up with WifiZoo.
You can check it out at http://community.corest.com/~hochoa/wifizoo/index.html. You can find a detailed description of the tool in the previous link.
Again, is nothing spectacular, but is a fun tool to use on wireless penetration tests, it works, still lots of functionality needs to be added, but again, it gets the job done. For now, I take the tool as a fun exercise to spend time on from time to time :).
Wednesday, September 05, 2007
It includes scenarios, workarounds, possible issues etc.
I'll be adding more info from time to time, so check it out periodically if you are interested in the tool.
Tuesday, September 04, 2007
I expect people to continue having issues on some platforms because the things the tool does are dependant on certain memory areas that vary from OS version to OS version, so, if you have issues, please let me know, most of the time is very easy to add support for your platform to the tool.
The source code is available here.
The binaries are available here
-Improved support for windows xpsp2 german/french, windows 2003 sp1/sp2, both for
IAM.EXE and WHOSTHERE.EXE
-Added to IAM.EXE and WHOSTHERE.EXE the -B switch. If IAM.EXE or WHOSTHERE.EXE is
not working in your configuration, please run the tools again specifying -B at the end.
The -B option will try to find, using 'heuristics', the addresses the tools need
to do what they do. If you are still having issues, please let me know, I expect people
to have issues because the addresses vary from OS version to OS version.
Note for Windows Server 2003 users:
-if you run IAM.EXE and it ends as expected, as If it had worked, but then you run
WHOSTHERE.EXE and the credentials did not change, do the following:
-start a cmd.exe using runas, for example:
runas /user:administrator cmd.exe
-and in the new console run IAM.EXE, and then WHOSTHERE.EXE to verify. And now
it should work.
It seems that sometimes you need a new session different than the interactive
session for LSASS.EXE to accept the modifications to the credentials in memory. If
you are logging to the machine remotely using psexec/Remote Desktop etc this does
not to occur (at least, this is what I observed), I had troubles like this when
logging interactively to the server. Also after you run 'runas', running IAM.EXE
in a regular CMD.EXE shell will start working. Don't take any of this as
a precise explanation of what's going on, this is just what I observed and a way
to work around it. I'll analyze what's really going on in the future..