Feel like a real hacker - intercept other users' data! The program allows you to intercept web sessions of users who are connected to the same Wi-Fi point as you.
Easy to use, lightweight and stable program will allow you to "hijack" other users' web sessions. In practice, you can "look" into the mail of another user, edit the data in the social network account, and much more.
Characteristic
The DroidSniff program is designed to intercept user web sessions. It happens in the following way. You connect to a public, non-password-protected access point, turn on the program, wait for a scan, and "connect" to the discovered users.
The program provides the ability to follow links, open other people's social accounts, "climb" in an outside mail, not to mention the ability to simply track the actions of the unknown.
The program is based on exploiting the vulnerability of the HTTP protocol, which protects only the login-password entry page, and further maintains client-server communication by transferring cookies that are easily intercepted and can be used for their own purposes by cybercriminals using programs such as DroidSniff.
Peculiarities
There are two points to which we want to pay special attention. Firstly, the application lacks Russian localization, so you will have to deal with the functionality yourself. Secondly, the program compares favorably with DroidSheep - it works on Android systems from the 4th version, and it does it stably, quickly and without unnecessary hassle.
“A smartphone with hacking tools? There is no such thing, "- just recently we would have told you. It was possible to launch some familiar tools for implementing attacks only on some Maemo. Now, many familiar tools have been ported to iOS and Android, and some hack-tools have been specially written for the mobile environment. Can a smartphone replace a laptop in penetration tests? We decided to check.
ANDROID
Android is a popular platform not only for mere mortals, but also for the right people. The number of useful] [- utilities is simply off scale. For this, we can say thanks to the UNIX roots of the system - it greatly simplified the porting of many tools to Android. Alas, some of them are not allowed by Google in the Play Store, so you will have to install the corresponding APKs manually. Also, for some utilities, you need maximum access to the system (for example, the iptables firewall), so you should take care of root access in advance. Each manufacturer uses its own technology, but it is quite easy to find the necessary instructions. A decent set of HOWTOs has been put together by the LifeHacker resource (bit.ly/eWgDlu). However, if you could not find a model here, the XDA-Developers forum (www.xda-developers.com) always comes to the rescue, where you can find various information on virtually any Android phone model. One way or another, some of the utilities described below will work without root access.
Let's start with an unusual package manager. The developers call it "superuser utilities", and this is not far from the truth. After installing BotBrew, you get a repository from where you can download a huge number of familiar tools compiled for Android. Among them: Python and Ruby interpreters for running numerous tools that are written in them, tcpdump sniffer and Nmap scanner for network analysis, Git and Subversion for working with version control systems, and much more.
Network scanners
An inconspicuous smartphone that, unlike a laptop, easily fits into your pocket and never arouses suspicion, can be useful for network exploration. We have already said how you can install Nmap above, but there is another option. PIPS is a specially adapted, albeit unofficial port of the Nmap scanner for Android. This means that you can quickly find active devices on the network, determine their OS using fingerprinting options, perform port scans - in short, do everything that Nmap is capable of.
With Nmap, for all its power, there are two problems. Firstly, the parameters for scanning are transmitted through the launch keys, which you need not only to know, but also to be able to enter from an inconvenient mobile keyboard. And secondly, the scan results in the console output are not as descriptive as we would like. The Fing scanner is devoid of these shortcomings, which scans the network very quickly, does fingerprinting, after which it displays a list of all available devices in an understandable form, dividing them by type (router, desktop, iPhone, and so on). At the same time, for each host, you can quickly see a list of open ports. And right from here you can connect, say, to FTP using the FTP client installed in the system - it's very convenient.
When it comes to analyzing a specific host, NetAudit can be indispensable. It works on any Android device (even a non-rooted one) and allows you not only to quickly identify devices on the network, but also to investigate them using a large fingerprinting database to determine the operating system, as well as CMS systems used on the web server. Now there are more than 3000 digital prints in the database.
If, on the contrary, you need to work at a lower level and thoroughly investigate the operation of the network, then you cannot do without Net Tools. This is an indispensable set of utilities in the work of a system administrator that allows you to fully diagnose the operation of the network to which the device is connected. The package contains more than 15 different kinds of programs, such as ping, traceroute, arp, dns, netstat, route.
Traffic manipulation
A tcpdump-based sniffer honestly logs all data into a pcap file, which can then be examined using familiar utilities like Wireshark or Network Miner. Since it does not implement any opportunities for MITM attacks, it is rather a tool for analyzing its traffic. For example, this is a great way to learn what programs installed on your device from questionable repositories are transmitting.
If we talk about combat applications for Android, then one of the most sensational is FaceNiff, which implements interception and injection into intercepted web sessions. By downloading the APK package with the program, you can launch this hack-tool on almost any Android smartphone and, by connecting to a wireless network, intercept accounts of various services: Facebook, Twitter, VKontakte, and so on - more than ten in total. Session hijacking is carried out by means of ARP spoofing attack, but the attack is possible only on unsecured connections (FaceNiff cannot wedge into SSL traffic). To restrain the flow of scriptdis, the author limited the maximum number of sessions to three - then you need to contact the developer for a special activation code.
If the creator of FaceNiff wants money for using, then DroidSheep is a completely free tool with the same functionality. True, on the official website you will not find the distribution kit (this is due to the harsh laws of Germany regarding security utilities), but you can easily find it on the Web. The main task of the utility is to intercept user web sessions of popular social networks, implemented using the same ARP Spoofing. But with secure connections the trouble: like FaceNiff, DroidSheep flatly refuses to work with the HTTPS protocol.
This utility also demonstrates the insecurity of open wireless networks, but in a slightly different plane. It does not intercept user sessions, but it allows HTTP traffic to pass through itself using a spoofing attack, performing specified manipulations with it. Starting from the usual pranks (replacing all the pictures on the site with trollfaces, flipping all the images, or, say, replacing the Google search results) and ending with phishing attacks when fake pages of such popular services as facebook.com, linkedin.com, vkontakte.ru and many others.
If you ask which hack utility for Android is the most powerful, then Anti probably has no competitors. This is a real hacker harvester. The main task of the program is to scan the network perimeter. Further, various modules enter the battle, with the help of which a whole arsenal is implemented: this is listening to traffic, and performing MITM attacks, and exploiting the vulnerabilities found. True, there are also disadvantages. The first thing that catches your eye is that the exploitation of vulnerabilities is carried out only from the central server of the program, which is located on the Internet, as a result of which you can forget about goals that do not have an external IP address.
Tunneling traffic
The well-known file manager is now on smartphones! As in the desktop version, there is a plug-in system for connecting to various network directories, as well as the canonical two-pane mode - especially convenient on tablets.
Okay, but how do you keep your data safe on an open wireless network? Besides the VPN that Android supports out of the box, you can set up an SSH tunnel. For this there is a wonderful utility SSH Tunnel, which allows you to wrap the traffic of selected applications or the entire system through a remote SSH server.
It is often necessary to send traffic through a proxy or sox, in which case ProxyDroid will help out. It's simple: you choose which applications' traffic you want to tunnel, and specify the proxy (HTTP / HTTPS / SOCKS4 / SOCKS5 are supported). If authorization is required, then ProxyDroid also supports this. By the way, the configuration can be linked to a specific wireless network by making different settings for each of them.
Wireless networks
The built-in wireless manager is not very informative. If you need to quickly get a complete picture of nearby access points, then the Wifi Analyzer utility is an excellent choice. It will not only show all nearby access points, but also display the channel on which they work, their MAC address and, most importantly, the type of encryption used (seeing the cherished letters "WEP", we can assume that access to the secured network is provided ). In addition, the utility is ideal if you need to find where the desired access point is physically located, thanks to a clear signal level indicator.
This utility, according to its developer, can be useful when the wireless network is packed to capacity with clients who use the entire channel, and it is at this moment that you need a good connection and a stable connection. WiFiKill allows you to disconnect clients from the Internet both selectively and according to a specific criterion (for example, it is possible to joke over all apple trees). The program just performs an ARP spoofing attack and redirects all clients to themselves. This algorithm is foolishly simply implemented on the basis of iptables. Such is the control panel for wireless fast food networks :).
Web application audit
Manipulating HTTP requests from a computer is a breeze, there are a huge number of utilities and browser plugins for this. In the case of a smartphone, things are a little more complicated. HTTP Query Builder will help you send a custom HTTP request with the parameters you need, for example, the desired cookie or a modified User-Agent. The result of the query execution will be displayed in a standard browser.
If the site is password protected using Basic Access Authentication, then you can check its reliability using the Router Brute Force ADS 2 utility. Initially, the utility was created to brute force passwords to the router admin area, but it is clear that it can be used against any other resource with similar protection ... The utility works, but is clearly damp. For example, the developer does not provide for brute force, but only brute force is possible using a dictionary.
You've probably heard of such a notorious program for disabling web servers like Slowloris. Its principle of operation is to create and maintain the maximum number of connections with a remote web server, thus preventing new clients from connecting to it. So, AnDOSid is an analogue of Slowloris right in your Android device! I'll tell you a secret, two hundred connections are enough to ensure unstable work of every fourth website under the control of the Apache web server. And all this - from your phone!
Miscellaneous utilities
When working with many web applications and analyzing their logic, it is quite common to encounter data transmitted in encoded form, namely Base64. Encode will help you decode this data and see what exactly is stored in it. Perhaps, substituting a quotation mark, encoding them back into Base64 and substituting them in the URL of the site under investigation, you will receive the coveted error of executing a query to the database.
If you need a hex editor, Android has one too. With the help of HexEditor, you can edit any files, including system files, if you raise the program to superuser rights. An excellent replacement for the standard text editor, allowing you to easily find the desired piece of text and change it.
Remote access
After gaining access to a remote host, you need to be able to use it. And this requires clients. Let's start with SSH, where ConnectBot is already the de facto standard. In addition to a user-friendly interface, it provides the ability to organize secure tunnels through SSH connections.
A useful program that allows you to connect to a remote desktop via RDP or VNC services. I am very glad that these are two clients in one, there is no need to use different tools for RDP and VNC.
MIB browser specially written for Android, with which you can manage network devices using SNMP protocol. It can be useful for the development of an attack vector on various routers, because the standard community string (in other words, a password for access) for management via SNMP has not yet been canceled.
iOS
The iOS platform is no less popular among developers of security utilities. But if in the case of Android, root rights were needed only for some applications, then on Apple devices, jailbreak is almost always required. Fortunately, even the latest iDevice firmware (5.1.1) already has a jailbreak tool. Along with full access, you also get an alternative Cydia application manager, which already contains many utilities.
Working with the system
The first thing to start with is installing the terminal. For obvious reasons, it is not included in the standard delivery of the mobile OS, but we will need it to run the console utilities, which we will talk about further. The best implementation of a terminal emulator is MobileTerminal - it supports several terminals at once, gestures for control (for example, for transferring Control-C) and generally impresses with its thoughtfulness.
Another, more difficult option to access the device console is to install OpenSSH on it (this is done through Cydia) and connect to it locally via an SSH client. If you use the right client like iSSH, which has amazingly implemented touch screen control, then this method is even more convenient than through MobileTerminal.
Data interception
Now that you have access to the console, you can try the utilities. Let's start with Pirni, which went down in history as a full-fledged sniffer for iOS. Unfortunately, the constructively limited Wi-Fi module built into the device cannot be switched to the promiscious mode required for normal data interception. So, to intercept data, classic ARP spoofing is used, with the help of which all traffic is passed through the device itself. The standard version of the utility is launched from the console, where, in addition to the parameters of the MITM attack, the name of the PCAP file is specified, into which all traffic is logged. The utility has a more advanced version - Pirni Pro, which boasts a graphical interface. Moreover, it can parse HTTP traffic on the fly and even automatically extract interesting data from there (for example, usernames and passwords) using regular expressions that are set in the settings.
The notorious sniffer Intercepter-NG, which we have written about many times, has recently had a console version. As the author says, most of the code is written in pure ANSI C, which behaves the same in almost any environment, so the console version worked from the very beginning both on desktop Windows, Linux and BSD, as well as on mobile platforms, including iOS and Android. ... The console version has already implemented grabbing of passwords transmitted over various protocols, interception of messenger messages (ICQ / Jabber and many others), as well as resurrection of files from traffic (HTTP / FTP / IMAP / POP3 / SMTP / SMB). At the same time, network scanning functions and high-quality ARP Poison are available. For correct operation, you must first install the libpcap package via Cydia (do not forget to enable developer packages in the settings). The entire startup instruction boils down to setting the correct rights: chmod + x intercepter_ios. Further, if you run the sniffer without parameters, a clear interactive interface Itercepter appears, allowing you to launch any attacks.
It's hard to believe, but this most complex tool for implementing MITM attacks was still ported to iOS. After colossal work, it turned out to make a full-fledged mobile port. To save yourself from dancing with a tambourine around dependencies during self-compilation, it is better to install the already built package using Cydia, after adding theworm.altervista.org/cydia (TWRepo repository) as a data source. The set also includes the etterlog utility, which helps to extract various useful information from the collected traffic dump (for example, FTP access accounts).
Analysis of wireless networks
In older versions of iOS, craftsmen ran aircrack and could break the WEP key, but we checked: the program does not work on new devices. Therefore, to explore Wi-Fi, we will have to be content with only Wi-Fi scanners. WiFi Analyzer analyzes and displays information about all available 802.11 networks around, including information about SSID, channels, vendors, MAC addresses and encryption types. The utility builds visual graphs in real time based on the data present on the air. With such a program, it is easy to find the physical location of the point, if you suddenly forgot it, and, for example, look at the WPS PIN, which can be useful for connection.
Network scanners
What program does any pen tester use anywhere in the world, regardless of goals and objectives? Network scanner. And in the case of iOS, it will most likely be the most powerful Scany toolkit. With a set of built-in utilities, you can quickly get a detailed picture of network devices and, for example, open ports. In addition, the package includes network testing utilities such as ping, traceroute, nslookup.
However, many people prefer Fing. The scanner has a fairly simple and limited functionality, but it is quite enough for the first acquaintance with the network of, say, a cafeteria :). The results display information about available services on remote machines, MAC addresses and host names connected to the scanned network.
It would seem that everyone forgot about Nikto, but why? After all, this web vulnerability scanner, written in a scripting language (namely Perl), you can easily install through Cydia. This means that you can easily launch it on your jailbroken device from the terminal. Nikto will be happy to provide you with additional information on the tested web resource. In addition, you can add your own search signatures to its knowledge base with your own hands.
This powerful tool for automatic exploitation of SQL vulnerabilities is written in Python, which means that by installing the interpreter, it can be used without any problems directly from a mobile device.
Remote control
Many network devices (including expensive routers) are SNMP-managed. This utility allows you to scan subnets for available SNMP services with a previously known community string value (in other words, standard passwords). Note that searching for SNMP services with standard community strings (public / private) in an attempt to gain access to device management is an integral part of any penetration test, along with identifying the perimeter itself and exposing the services.
Two utilities from the same manufacturer are designed to connect to a remote desktop using the RDP and VNC protocols. There are many similar utilities in the App Store, but these are the ones that are especially convenient to use.
Password recovery
The legendary program that helps millions of hackers around the world to "remember" the password has been ported to iOS. Now it is possible to brute-force passwords for services such as HTTP, FTP, TELNET, SSH, SMB, VNC, SMTP, POP3 and many others directly from the iPhone. However, for a more effective attack, it is better to stock up on good dictionaries for brute force.
Everyone knows firsthand such a vulnerability as the use of standard passwords. Pass Mule is a kind of directory that contains all kinds of standard logins and passwords for network devices. They are conveniently categorized by vendor name, product and model, so finding the right one is easy. The program is more likely designed to save time searching for a manual for a router, the standard login and password for which you need to find out.
Exploiting vulnerabilities
It's hard to imagine a more hacking utility than Metasploit, and that's what concludes our today's review. Metasploit is a multi-tool package whose main task is to exploit vulnerabilities in software. Imagine: about 1000 reliable, proven and necessary exploits in the daily life of a pentester - right on your smartphone! With the help of such a tool, you can really settle in any network. Metasploit allows not only exploiting flaws in server applications - tools are also available for attacks on client applications (for example, through the Browser Autopwn module, when a combat load is inserted into client traffic). Here I must say that there is no mobile version of the toolkit, however, you can install a standard package on an Apple device using the.
", an almost similar article about Android was born.
We already know what the iPhone is capable of. Is Android inferior to it?
About 25 combat applications were reviewed. I want to give you the result of a little research. Many applications did not even start, some hung the phone tightly, but some even worked!
All software was tested on LG Optimus phone, with Android 2.3 version.
So, a brief overview of Android combat software:
1. Shark- The same wireshark. Yes, it is also available for Android. Works flawlessly. The device started up without problems. Writes logs in * .pcap format. Adds to sdcard. The file can be easily parsed both on a windows machine and on the phone itself using Shark Read. (Nice app. Especially if the phone works as a WiFi hotspot)
2. DroidSheep / Facesniff- Interception of web sessions. Quite simple, but sensational applications. We cling to an open point, launch it and wait ... By the way, sometimes you can hang the point itself.
3. WiFiKill- Application from the must have series. Scans the entire subnet you are on. Lists devices. Select the one you don't like, click on the checkmark and wait a couple of seconds. The device remains without the Internet.
4. Set MAC address- Changes your MAC. Works well in conjunction with step 3.
5. Net Swiss Tool Free / Fing- Scans wireless networks, displays a list of connected devices. It can scan each device separately, display a list of open ports. The ships include ping, trace, wake on lan, arp, udp-flood. 
6. Wi-Fi Analytics- Nice application. Displays all available access points, SSID, mac, encryption, signal strength.
7. Hosts Editor- Allows editing / etc / hosts. A useful application, especially when the phone acts as a WiFi hotspot.
8. kWS - Android Web Server- web server. Works well with # 7.
9. RouterAttack / Route Brute Force ADS 2- Real BruteForce on Android! Each of the applications tries to try to force Basic Access Authentication. The software itself is a little damp. But my point, with a password of 12345, was twisted pretty easily and quickly. For normal work - do not forget to download a good dictionary.
10. Router KeyGen- selects pre-installed WPA / WEP access keys for your Android smartphone from nearby routers. Works well with standard Thomson, DLink, Pirelli Discus, Eircom, Verizon FiOS.
11.Android Network Toolkit - Anti- Universal application. Network Scanner, Sniffer, MITM, Remote Exploits! Expandable functionality through plugins. The more functionality, the more money it costs.
Most of the applications require root privileges "a.
This article is written for informational purposes only!
The developers of such a utility claim that it was created in American secret laboratories. Of course, the installation of such a program is carried out under the full responsibility of the user, since by reading the information of another person, he violates his rights.
More about the game
Among the advantages that such a program brings is the ability to take possession of another person's account, read all his messages and send them on his behalf.
In addition, you can change the picture on the avatar or the status of another person, as well as send and receive files, which is very convenient.
Installation and use
The program copies the original MAC code of another person's mobile device, after which the device software considers that it was entered from a familiar smartphone or tablet. "WhatsApp Sniffer" can copy this code using a special SMS "victim", which has a special link.
Opening such a link will allow the user to enter the victim's phone. Also, copying the MAC code is possible through a call made to the victim's phone from this application. Answering such a call will enable the program to penetrate the victim's phone. Being next to the "victim" and using one Wi-Fi, you can launch the program and indicate the victim's phone number. Literally, in a second, the program will penetrate another person's phone.
- Remember that by installing a third-party application for yourself, you yourself are responsible for the consequences!
- Reading someone else's correspondence, you violate his rights, and for this criminal liability is provided!
- This instruction only provides information on how attackers read someone else's correspondence, but in no case calls you to do this.
What is a sniffer? In thieves' jargon, these words mean a person who can open the safe with anything, even the most rusty pin. Let's figure out what an application like WhatsApp Sniffer is for, for a computer and a phone, which, by the way, can be downloaded from our website.
Why do you need
This utility was created in special classified laboratories in America - at least that's what the developers say. With the help of a sniffer, you can easily hack any account in Votsap and get access to all the secrets of the correspondence of the desired person. Of course, you download the program at your own peril and risk, no one is responsible for its bugs and other possible unpleasant moments.
So, according to the developers, the sniffer allows you to:
- completely take over the accounts of the "victim", as if it were your personal account in Wotsap;
- read all user messages;
- send messages to the user's friends on his behalf;
- change the photo on the avatar;
- change status;
- send files and receive them.
How does it work
The utility works only on Android. The developers also assure us that this application is completely safe for the phone.
So, the essence of the sniffer's work is as follows: each phone has its own original MAC-code, which the utility copies and, thus, the program thinks that it was entered from a familiar smartphone or other gadget. The sniffer can copy the MAC code in three ways:
- SMS. Send a special SMS to the victim with a link. When the victim opens the link, the sniffer will penetrate the phone and the user's WhatsApp program, opening access for you.
- Call. The application calls the victim's phone and when she answers it penetrates the phone and the application.
- Wi-Fi. If you are next to the victim, and you use the same Wi-Fi with her, then you just need to launch a sniffer on your phone and indicate the victim's number: in a second, you will have access to her WhatsApp.
To use the sniffer, just start the utility, select the method of use and press "spoof" - the button that allows you to detect the phone of the person you are interested in.
Where to download and how to install
To download WhatsApp Sniffer for Android you need to type in Google: "whatsapp sniffer apk download", or use the installation file that you can find on our website. Unfortunately, you won't be able to download Whatsapp sniffer for iphone, because there is simply no Whatsapp sniffer for this operating system.
In order to install the utility on your phone, follow these steps:
- Transfer the installation file to your smartphone.
- Launch it - it will install normally.
- When opening the file, it will ask for permission to access some functions, select "Allow". That's it: the sniffer is installed on your gadget.
If you can't install Sniffer, then it is recommended to hack it for which you need to download WhatsApp Hach Sniffer for free in Russian.
How to keep yourself safe from WhatsApp Sniffer
What if you are not a spy, but a victim? If you have the slightest suspicion that your phone is being used by intruders for their own ends, you should uninstall the Wotsap application and reinstall it. Moreover, it is recommended:
- Clean your phone with any antivirus;
- Contact the Wotsap developers so that they put more serious protection against the penetration of third-party programs into the utility.
- Always check how reliable the Wi-Fi network you are using is. So, if you have any suspicions that hackers may be connected to it, then it is better not to connect to it.
