Home page logo
/

pen-test logo Penetration Testing mailing list archives

Requesting comments for a new wireless software project
From: "Moser Max" <MMoser () 3gmobile ch>
Date: Tue, 6 Aug 2002 10:32:08 +0200

Hi there once again :-)

After we did develop the Wireless-scanner "Wellenreiter"
(http://www.remote-exploit.org, 
the team remote-exploit.org found some difficulties in Implementing all
the desired features 
and did think about a more modular way to do it. We also found out that
a good Engine could be 
used for much more than simply for scanning.

Please give us your ideas an feedback or advices if you have any. Below
is the first idea 
text i did for the airwrecker.
P.S. We also search some perl developers that can do networkporgramming
for that projet. 
I allready start to write the Basic probe module.

Greetings

Max Moser
-------------------------------------------------------------
Airwrecker -- A multi purpose wireless tool 
--------------------------------------------------------------
The idea:
The airwrecker is a flexible and extensible wireless tool. It is
something between 
Wellenreiter/Kismet, Snort, Airsnort and Ethereal. Airwrecker is
designed as a client 
server architecture. Each functionality consists of its own server,
which does its own job well.
Modules of which Airwrecker should consist of: 

Airprobe:
This is a simple sniffer, modelled on the lines of tcpdump. It must have
the following features:
- Packet verifier (validate the checksum of the packet) 
- A bpf filter (or other type of filtering support).
- A packet redirector (send to file/other NIC/reporting GUI) 
Desirable features:
- Support for all wireless rfmon able cards.
- Multicast support.
- Report to multiple clients

GUI/viewer:
-This is a reporting module independent of the packet capturing module.
It should be possible for 
 the viewer to be supporting multiple reporting probes, and for it to be
a console app, or a X app.
 
WEP module:
- This module will be designed specifically to crack WEP packets. 

String matcher:
- This is a simple pattern matcher. It is designed to be used like
dsniff or ngrep, looking for 
  specific patterns in the cleartext sent to it. It is not required to
support binary data, but 
  only plain text.

IDS module:
- This is an advanced version of the string matcher, and should be able
to handle complex regular 
  expressions, and binary data. So it should act like an intrusion
detection system. 

Alerting:
- This module generates alerts for the user. Both the string watcher and
IDS modules report to 
  this module, which should be configurable to report via syslog, mail,
viewer. This module is 
  separate because it is complex.

Others:
- Possible other modules are ones for locating a transmitter via
triangulation for MAC addresses. 
  The base architecture is designed to be easily extensible and other
developers should not have 
  a problem with extending airwrecker. 

Please let me know what you think about that and ideas for other
modules.
Greetings Max 

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


  By Date           By Thread  

Current thread:
  • Requesting comments for a new wireless software project Moser Max (Aug 06)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault