Difference between pages "Category:Network Forensics" and "Webloc"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(kisMAC wireless sniffer/scanner)
 
m (forgot the main reason why I created this page, DeRez)
 
Line 1: Line 1:
{{Infobox_Software |
+
This is Mac OS X's internet shortcut file, similar to the Microsoft Windows [[.URL]] file.  However, due to the heavy usage of [[AppleDouble_header_file|AppleDouble]] resources, the expected data is actually stored as metadata and not in the the expected data file location.
  name = KisMAC |
+
  maintainer = KisMAC Team |
+
  os = {{MAC OS X}} |
+
  genre = Wireless forensics |
+
  license = {{Unknown}} |
+
  website = [http://www.http://kismac-ng.org] |
+
}}
+
  
""KisMAC"" is a free and open-source sniffer/scanner for MAC OS X that uses third party usb devices including, Intersil Prism2, Ralink rt2570, rt73, and Realtek rtl8187 chipsets. All of the internal AirPort hardware is supported for scanning.
+
On the file system itself, the shortcut file named <code>News.webloc</code> pointing to <code>http://news.google.com</code> is actually a zero byte file. The URL is instead stored in the <code>._News.webloc</code> file in a field with resource type '<code>url </code>'.
  
== Features ==
+
The contents of this resource file are visible with the Apple Developer Tool [http://developer.apple.com/documentation/Darwin/Reference/ManPages/man1/DeRez.1.html DeRez]
  
* Reveals hidden / cloaked / closed SSIDs
+
[[Category:File Formats]]
* Shows logged in clients (with MAC Addresses, IP addresses and signal strengths)
+
* Mapping and GPS support
+
* Can draw area maps of network coverage
+
* PCAP import and export
+
* Support for 802.11b/g
+
* Different attacks against encrypted networks
+
* Deauthentication attacks
+
* AppleScript-able
+
* Kismet drone support (capture from a Kismet drone)
+
 
+
 
+
== Supported Hardware Chipsets ==
+
 
+
Apple AirPort and AirPort Extreme (dependent upon Apple's drivers)
+
Intersil Prism 2, 2.5, 3 USB devices
+
Ralink rt2570 and rt73 USB devices
+
Realtek RTL8187L USB (such as the Alfa AWUS036H, which does not work on Mac OS 10.6.7 or later)
+
 
+
== Crypto Support ==
+
 
+
Bruteforce attacks against LEAP, WPA and WEP
+
Weak scheduling attack against WEP
+
Newsham 21-bit attack against WEP
+
 
+
 
+
More information about KisMAC can be found at [http://www.http://trac.kismac-ng.org/wiki link kismac-ng.org]
+

Revision as of 03:27, 4 September 2008

This is Mac OS X's internet shortcut file, similar to the Microsoft Windows .URL file. However, due to the heavy usage of AppleDouble resources, the expected data is actually stored as metadata and not in the the expected data file location.

On the file system itself, the shortcut file named News.webloc pointing to http://news.google.com is actually a zero byte file. The URL is instead stored in the ._News.webloc file in a field with resource type 'url '.

The contents of this resource file are visible with the Apple Developer Tool DeRez