NullNull Posted February 20, 2014 (edited)

Description

Wireless IDS is an open source tool written in Python that works in a Linux environment. This tool may be useful to penetration testers, trainers and those who are interested in and want to know more about wireless hacking. WIDs will sniff your surrounding air traffic for suspicious activities such as WEP/WPA/WPS attacking packets. It does the following:

- Detect mass deauthentication sent to client / access point, where an unreasonable amount indicates a possible WPA attack for handshakes.
- Continual sending of data to access point using broadcast MAC address, which indicates a possibility of WEP attacks.
- Unreasonable amount of communication between wireless client and access point using EAP authentication, which indicates the possibility of a WPS bruteforce attack by Reaver / WPSCrack.
- Detection of changes in connection to another access point, which may have the possibility of connection to a Rogue AP (user needs to assess the situation whether similar AP name).

Newly Added Features !!!

- Display similar Access Point's name (SSID) which could have the possibility of WiFi 'Evil Twins'.
- Display of probing SSID by wireless devices.
- Detection of Korek Chopchop packets sent by Aircrack-NG (WEP attacks).
- Detection of Fragmentation PRGA packets sent by Aircrack-NG (WEP attacks).
- Detection of possible WPA Downgrade attack by MDK3.
- Detection of possible Michael Shutdown exploitation (TKIP) by MDK3.
- Detection of Beacon flooding by MDK3.
- Detection of possible Authentication DoS by MDK3.
- Detection of possible association flooding.
- Detection of WPA Migration Attack by Aircrack-NG (WPA Attack).
- Allow logging of events to file.
- Allow disabling of displaying of probing devices.
- Wireless devices / Access point's manufacturer identification based on the MAC OUI database.

Links

http://syworks.blogspot.gr/
https://github.com/SYWorks/wireless-ids
https://www.facebook.com/syworks

Edited February 21, 2014 by KiatoGS
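
The mass-deauthentication check listed in the post above can be sketched as a sliding-window counter per sender/receiver pair. This is an added example, not part of the original post and not code from the wireless-ids project; the frame records, window length and threshold are assumptions (the post only says "unreasonable amount").

```python
from collections import defaultdict, deque

BROADCAST = "ff:ff:ff:ff:ff:ff"
WINDOW_SECONDS = 10.0    # assumed; the post only says "unreasonable amount"
DEAUTH_THRESHOLD = 20    # assumed

def detect_deauth_floods(frames, window=WINDOW_SECONDS, threshold=DEAUTH_THRESHOLD):
    """Return one alert per burst for each (src, dst) pair whose deauth
    count inside a sliding `window` (seconds) reaches `threshold`."""
    recent = defaultdict(deque)  # (src, dst) -> deauth timestamps still in window
    alerting = set()             # pairs already reported for the current burst
    alerts = []
    for ts, subtype, src, dst in sorted(frames):
        if subtype != "deauth":
            continue
        key = (src, dst)
        seen = recent[key]
        seen.append(ts)
        while ts - seen[0] > window:   # drop timestamps that aged out
            seen.popleft()
        if len(seen) < threshold:
            alerting.discard(key)      # burst over; a later one alerts again
        elif key not in alerting:
            alerting.add(key)
            alerts.append({"first_seen": seen[0], "src": src, "dst": dst,
                           "count": len(seen),  # count when threshold was crossed
                           "broadcast": dst == BROADCAST})
    return alerts

def sample_frames():
    """Constructed records: (timestamp, subtype, source MAC, destination MAC)."""
    ap, client = "00:11:22:33:44:55", "66:77:88:99:aa:bb"
    frames = [(0.0, "beacon", ap, BROADCAST),
              (1.0, "deauth", client, ap)]  # one ordinary disconnect
    # Burst: 64 deauths claiming to come from the AP, about 3 s in total
    frames += [(5.0 + i * 0.05, "deauth", ap, client) for i in range(64)]
    # Trickle: 5 broadcast deauths over 80 s, below the default threshold
    frames += [(20.0 + i * 20.0, "deauth", ap, BROADCAST) for i in range(5)]
    return frames

if __name__ == "__main__":
    for alert in detect_deauth_floods(sample_frames()):
        print(alert)
```

A single client disconnect and the slow trickle stay silent at the default settings, while the burst raises exactly one alert; tuning the window and threshold trades missed slow attacks against false positives from busy networks.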

Guest spazi Posted February 20, 2014

damn, thanks for sharing. Really interesting read :)

Bobbers Posted April 7, 2014

Can we get TShark installed on the Pineapples? Is that possible?

Sebkinne Posted April 7, 2014

> Can we get TShark installed on the Pineapples? Is that possible?

Sadly not. We just don't have enough RAM for it.

Best regards,
Sebkinne

wifi-stuff Posted April 7, 2014 (edited)

I really wanted tshark until I found that tcpdump could give me what I wanted, too. It doesn't do full header decoding, but it gives some basics.

    tcpdump -y ieee802_11_radio -i wlan0

Also, maybe remote capture over ssh would work for you: http://ask.wireshark.org/questions/23609/remote-capture-via-ssh-and-pipe

Edited April 7, 2014 by wifi-stuff