WifiZoo does the following:
-gathers bssid->ssid information from beacons and probe responses *(now the graph contains the ssid of the bssid :), new in v1.1)*
-gathers list of unique SSIDS found on probe requests (you can keep track of all SSIDS machines around you are probing for, and use this information on further attacks)*new in v1.1*
-gathers the list and graphs which SSIDS are being probed from what sources *new in v1.1*
-gathers bssid->clients information and outputs it in a file that you can later use with graphviz and get a graph with “802.11 bssids->clients”. It gathers both src and dst addresses of packets to make the list of clients so sometimes you get weird graphs that are fun to analyze 🙂 (basically, because I still need to omit multicast dst addresses and things like that). Using the dst address means that sometimes you get mac addresses of wifi devices that are not near you, but I think gives you information about the wifi ‘infrastructure’, again, I think :).
-gathers ‘useful’ information from unencrypted wifi traffic (ala Ferret,and dsniff, etc); like pop3 credentials, smtp traffic, http cookies/authinfo, msn messages,ftp credentials, telnet network traffic, nbt, etc.
-and I think that’s it.
via WifiZoo.
This tool is frighteningly effective.
Big questions – is there anything keeping sites from passing cookies via ssl? If not, every major site should move to that immediately. I’m looking at you Youtube, MySpace, and Facebook.