Android is a popular platform not only among ordinary users but also among the right people. The number of useful utilities for it is off the scale, thanks to the system's UNIX roots, which greatly simplified porting many tools to Android. Unfortunately, Google does not allow some of them on the Play Store, so you will have to install the corresponding APKs manually. Some utilities also need full access to the system (for example, the iptables firewall), so take care of root access in advance.
Best Apps Hacking For Android
Each manufacturer uses its own technology here, but the necessary instructions are easy to find. The LifeHacker resource has assembled a good set of HOWTOs (bit.ly/eWgDlu). If a model is not covered there, the XDA-Developers forum (www.xda-developers.com) comes to the rescue, with information on virtually any Android phone model. Either way, some of the utilities listed below work without root access. So, here are the hacking tools for Android.
#1. Package Manager
BotBrew
Let's start the review with an unusual package manager. Its developers call it "utilities for superusers", and that is not far from the truth. After installing BotBrew, you get a repository from which you can download a huge number of familiar tools compiled for Android. Among them are Python and Ruby interpreters for running the numerous tools written in those languages, the tcpdump sniffer and the Nmap scanner for network analysis, Git and Subversion for working with version control systems, and much more.
#2. Network Scanners
PIPS
An inconspicuous smartphone, which unlike a laptop fits easily in a pocket and never arouses suspicion, can be useful for exploring a network. We have already mentioned how to install Nmap, but there is another option. PIPS is an unofficial port of the Nmap scanner specially adapted for Android. With it you can quickly find active devices on the network, determine their OS using the fingerprinting options, run a port scan - in short, do everything that Nmap can do.
For all its power, Nmap has two problems. First, scan parameters are passed as command-line switches, which you not only have to know but also have to type on an awkward mobile keyboard. Second, the scan results in the console output are not as readable as one would like. The Fing scanner has neither drawback: it scans the network very quickly, performs fingerprinting, and then displays a clear list of all available devices, grouped by type (router, desktop, iPhone, etc.). For each host you can quickly view the list of open ports. And right from there you can connect to, say, FTP using the FTP client installed on the system, which is very convenient.
When it comes to analyzing a specific host, the NetAudit utility can be irreplaceable. It works on any Android device (even a non-rooted one) and lets you not only quickly identify devices on the network but also examine them using a large fingerprinting database to determine the operating system, as well as the CMS used on a web server. The database now holds more than 3000 fingerprints.
If, on the contrary, you need to work at a lower level and carefully investigate how the network operates, you cannot do without Net Tools. This is an indispensable set of utilities for a system administrator, which lets you fully diagnose the network the device is connected to. The package contains more than 15 different programs, such as ping, traceroute, arp, dns, netstat and route.
#3. Wi-fi monitor mode in android
All WiFi modules have a special monitor mode. This mode can also be used for sniffing, interception and password cracking. On Android devices, however, access to this mode is closed off because of hardware limitations. The fact is that most Android smartphones use the same Broadcom chips, the bcm4329 or bcm4330, which do not work in a completely standard way.
A group of hackers (Omri Ildis, Ruby Feinstein and Yuval Ophir) decided to correct this shortcoming. They reverse engineered the drivers and found that the Broadcom driver simply strips the 802.11 headers during communication, so packet monitoring mode is not available. In three weeks of work they managed to produce modified firmware for both the Nexus One (bcm4329) and the Galaxy S II (bcm4330). After reflashing, the standard monitor mode becomes available.
In the future, the hackers plan to improve the firmware: add the ability to inject packets, write a better Linux driver and build an APK for mass use.
The bcmon project on Google Code
The site contains instructions for activating monitor mode on Nexus One (Cyanogen 7) and GS2 (Cyanogen 9). Ready packages can be downloaded here.
To run the code on other devices, you need to download the source code yourself and compile the package.
#4. TRAFFIC MANIPULATION
Shark For Root
Based on tcpdump, this sniffer faithfully logs all data to a pcap file, which can then be studied with familiar utilities such as Wireshark or Network Miner. Since it implements no MITM capabilities, it is rather a tool for analyzing your own traffic. For example, it is a great way to see what programs installed on your device from questionable repositories are transmitting.
If we talk about combat applications for Android, one of the most notorious is FaceNiff, which intercepts web sessions and injects itself into them. After downloading the APK package, you can run this hack tool on almost any Android smartphone and, once connected to a wireless network, intercept accounts for various services: Facebook, Twitter, VKontakte and so on - just over ten in all. Session hijacking is carried out using ARP spoofing, but the attack is only possible on unprotected connections (FaceNiff cannot wedge itself into SSL traffic). To hold back the flow of script kiddies, the author limited the maximum number of sessions to three.
While the creator of FaceNiff wants money for its use, DroidSheep is a completely free tool with the same functionality. You will not find the distribution on the official site (this is due to Germany's strict laws regarding security utilities), but it can be found on the Web without problems. The main task of the utility is to intercept user web sessions on popular social networks, implemented with the same ARP spoofing. Secure connections are a problem, though: like FaceNiff, DroidSheep flatly refuses to work with the HTTPS protocol.
This utility also demonstrates the insecurity of open wireless networks, but from a somewhat different angle. It does not intercept user sessions; instead it uses spoofing attacks to pass HTTP traffic through itself and performs the specified manipulations on it. These range from ordinary pranks (replacing all pictures on a site with troll faces, flipping all images or, say, altering Google search results) to phishing attacks, in which the user is served fake pages of popular services such as facebook.com, linkedin.com, Vkontakte.ru and many others.
Anti (Android Network Toolkit by zImperium LTD)
If you ask which hack utility for Android is the most powerful, Anti probably has no competitors. This is a real hacking machine. The main task of the program is scanning the network perimeter. After that, various modules come into play that implement a whole arsenal: scanning traffic, performing MITM attacks, and exploiting the vulnerabilities found. True, there are also disadvantages. The first thing that catches the eye is that vulnerabilities are exploited only from the program's central server, which is on the Internet, so you can forget about targets that do not have an external IP address.
#5. Traffic Tunnel
Proxy Droid
It is often necessary to send traffic through a proxy or SOCKS server, and in that case ProxyDroid will help out. It's simple: you choose which applications' traffic to tunnel and specify a proxy (HTTP / HTTPS / SOCKS4 / SOCKS5 are supported). If authorization is required, ProxyDroid supports that too. By the way, a configuration can be bound to a particular wireless network, with different settings for each of them.
But how do you ensure the security of your own data when it is transmitted over an open wireless network? In addition to VPN, which Android supports out of the box, you can set up an SSH tunnel. For this there is a wonderful utility, SSH Tunnel, which lets you route the traffic of selected applications, or of the entire system, through a remote SSH server.
A well-known file manager is now also on smartphones! As in the desktop version, there is a plug-in system for connecting to different network directories, as well as the canonical two-pane mode, which is especially convenient on tablets.
#6. Remote Access
SNMP MIB Browser
A MIB browser written specially for Android, with which you can manage network devices via SNMP. It can be useful for developing an attack vector against various routers, because the standard community string (in other words, the access password) for SNMP management has not gone away yet.
PocketCloud Remote RDP / VNC
A useful program that lets you connect to a remote desktop over RDP or VNC. It is very pleasing that these are two clients in one, so there is no need to use different tools for RDP and VNC.
Having access to a remote host, you need to be able to use it, and for that we need clients. Let's start with SSH, where ConnectBot is already the de facto standard. In addition to a user-friendly interface, it can set up secure tunnels over SSH connections.
When working with many web applications and analyzing their logic, it is quite common to encounter data transmitted in encoded form, namely Base64. Encode will help you decode this data and see what is stored in it. Perhaps, by inserting a quote, encoding the data back into Base64 and substituting it into the URL of the site under investigation, you will get the coveted database query error.
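The server-side view of the Base64 case above, as an added example that is not part of the original article: the same decoded parameter handled by string concatenation and then by validation plus a bound parameter. The `items` table, the function names and the sample tokens are constructed for illustration.

```python
"""Base64 is an encoding, not a filter: decode, validate, then bind the value."""
import base64
import binascii
import sqlite3

# Constructed sample tokens: the id "1" and the same id followed by a quote.
TOKEN_OK = base64.b64encode(b"1").decode()
TOKEN_QUOTE = base64.b64encode(b"1'").decode()


def make_db():
    """Build a small in-memory table to query (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO items VALUES (?, ?)", [(1, "router"), (2, "switch")])
    return db


def decode_param(token):
    """Strictly decode a Base64 URL parameter; return None if it is malformed."""
    try:
        return base64.b64decode(token, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError, ValueError):
        return None


def lookup_vulnerable(db, token):
    """'Before': the decoded text is pasted straight into the SQL string."""
    value = decode_param(token)
    try:
        return db.execute(f"SELECT name FROM items WHERE id = {value}").fetchall()
    except sqlite3.Error as exc:
        # The query error the paragraph above describes.
        return f"database error: {exc}"


def lookup_hardened(db, token):
    """'After': the decoded value is validated and passed as a bound parameter."""
    value = decode_param(token)
    if value is None or not (value.isascii() and value.isdigit()):
        return None  # reject instead of querying
    return db.execute("SELECT name FROM items WHERE id = ?", (int(value),)).fetchall()


if __name__ == "__main__":
    db = make_db()
    for token in (TOKEN_OK, TOKEN_QUOTE):
        print(token, lookup_vulnerable(db, token), lookup_hardened(db, token))
```

Returning the raw database error to the client, as the first function does, is itself part of the weakness: it confirms that the decoded value reached the query.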
If you need a hex editor, one exists for Android too. With HexEditor you can edit any files, including system files, if you grant the program superuser rights. It is an excellent replacement for the standard text editor, letting you easily find the right fragment of text and change it.
#8. WIRELESS NETWORK
Wifi Analyzer
The built-in wireless network manager is not very informative. If you need to quickly get a complete picture of the nearby access points, the Wifi Analyzer utility is an excellent choice. It not only shows all the access points nearby but also displays the channel they work on, their MAC address and, most importantly, the type of encryption used (on seeing the coveted letters "WEP", you can assume that access to the protected network is assured). In addition, the utility is ideal if you need to find where the desired access point is physically located, thanks to a visual signal level indicator.
This utility, as its developer claims, can be useful when the wireless network is crowded with clients and you need a good, stable connection at that very moment. WiFiKill lets you disconnect clients from the Internet either selectively or by a certain criterion (for example, it is possible to poke fun at all the Apple users). The program simply performs ARP spoofing and redirects all clients to itself. The algorithm is implemented ridiculously simply on top of iptables. Such is this control panel for the wireless networks of fast-food outlets.
#9. AUDIT OF WEB APPLICATIONS
AnDOSid
Surely you have heard of Slowloris, a program for disabling web servers. It works by creating and holding the maximum number of connections to a remote web server, thereby preventing new clients from connecting to it. Well, AnDOSid is an analog of Slowloris right on an Android device! It's sad, but two hundred connections are often enough to make every fourth website on Apache unstable.
Router Brute Force ADS 2
If a site is password-protected with Basic Access Authentication, its reliability can be checked with the utility Router Brute Force ADS 2. The utility was originally created for brute-forcing router passwords, but clearly it can be used against any other resource with similar protection. The utility works, but it is obviously raw. For example, the developer does not provide exhaustive brute force; only a dictionary-based brute force is possible.
HTTP Query Builder
Manipulating HTTP requests from a computer is a trivial matter: there are a huge number of utilities and browser plug-ins for it. On a smartphone, everything is a little more complicated. You can use HTTP Query Builder to send a custom HTTP request with the parameters you need, such as the desired cookie or a modified User-Agent. The result of the request is displayed in a standard browser.
Best Apps Hacking For iPhone
The iOS platform is no less popular among developers of security utilities. But whereas on Android root rights were needed only for some applications, on Apple devices a jailbreak is almost always required. Fortunately, a jailbreak tool already exists even for the latest iDevice firmware (5.1.1). Along with full access, you also get the alternative application manager Cydia, which already collects many utilities.
#1. Password Recovery
A legendary program that helps millions of hackers around the world "remember" a password has been ported to iOS. Now passwords for services such as HTTP, FTP, Telnet, SSH, SMB, VNC, SMTP, POP3 and many others can be brute-forced directly from the iPhone. True, for a more effective attack it is better to stock up on good brute-force dictionaries.
Everyone knows about the vulnerability of using standard passwords. PassMule is a kind of reference book that contains all sorts of standard logins and passwords for network devices. They are conveniently organized by vendor, product and model, so finding the right one is not difficult.
#2. Remote Control
iTap mobile RDP / iTap mobile VNC
Two utilities from one manufacturer, designed for connecting to a remote desktop using the RDP and VNC protocols. There are many similar utilities in the App Store, but these are especially convenient to use.
Many network devices (including expensive routers) are managed via SNMP. This utility lets you scan subnets for available SNMP services with a previously known community string value (in simple terms, standard passwords). Note that searching for SNMP services with a standard community string (public / private) in an attempt to gain access to device management is an integral part of any penetration test, along with identifying the perimeter itself and identifying services.
#3. NETWORK SCANNERS
Nikto
It would seem that everyone has forgotten about Nikto, but why? After all, this web vulnerability scanner, written in a scripting language (namely Perl), is easy to install via Cydia. That means you can easily run it on your jailbroken device from the terminal. Nikto will happily give you additional information about the web resource being tested. In addition, you can add your own signatures to its knowledge base.
However, many prefer Fing. The scanner has fairly simple and limited functionality, but it is enough for a first acquaintance with the network of, say, a cafeteria :). The results show information about available services on remote machines, MAC addresses, and the hostnames connected to the network being scanned.
What program does every pentester anywhere in the world use, regardless of goals and objectives? A network scanner. And in the case of iOS, it is most likely to be the very powerful Scully. Thanks to a set of built-in utilities, you can quickly get a detailed picture of network devices and, for example, open ports. In addition, the package includes network testing utilities such as ping, traceroute and nslookup.
#4. WORKING WITH THE SYSTEM
Mobile Terminal
The first thing to start with is installing a terminal. For obvious reasons, the mobile OS does not ship with one, but we need it to run the console utilities discussed further on. The best implementation of a terminal emulator is MobileTerminal: it supports several terminals and control gestures (for example, for transmission), and in general it impresses with its thoughtfulness.
Another, more complex way to access the device's console is to install OpenSSH on it (this is done via Cydia) and connect to it locally with an SSH client. If you use the right client, such as iSSH, where touch-screen control is amazingly well implemented, you can work with the local console and remote hosts from one place.
#5. DATA INTERCEPTION
Ettercap-NG
It's hard to believe, but this complex tool for carrying out MITM attacks has nonetheless been ported to iOS. After colossal work, a full-fledged mobile port was produced. To spare yourself the struggle with dependencies when compiling it yourself, it is better to install a ready-built package using Cydia, having first added heworm.altervista.org/cydia as a source. Included is the etterlog utility, which helps extract various kinds of useful information (for example, FTP accounts) from the collected traffic dump.
Intercepter-NG (console edition)
The notorious sniffer Intercepter-NG has recently gained a console version that works on iOS and Android. It already implements the grabbing of passwords transmitted over a variety of protocols, interception of messenger messages, and the reconstruction of files from traffic. Network scan functions and high-quality ARP Poison are available as well. To work, it first requires the libpcap package to be installed via Cydia. The entire startup instruction comes down to setting the correct permissions: chmod +x intercepter_ios. After that, if you run the sniffer without parameters, a clear interactive interface appears.
Pirni & Pirni Pro
Now that you have access to the console, you can try the utilities. Let's start with Pirni, the first full-fledged sniffer for iOS. By design, the limited Wi-Fi module built into iDevices cannot be put into the promiscuous mode needed for normal interception of data. So for sniffing, classic ARP spoofing is used, through which all traffic is passed through the device itself. The standard version of the utility is launched from the console, but there is a more advanced version, Pirni Pro, which boasts a graphical interface. It can also parse HTTP traffic on the fly and even automatically pull out interesting data (for example, logins and passwords) using regular expressions set in the settings.
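FaceNiff, DroidSheep, WiFiKill and Pirni above all rely on ARP spoofing, which leaves a visible trace in a victim's ARP cache. The following added example (not part of the original article) checks a Linux or Android `/proc/net/arp` snapshot for that trace; the sample table, addresses and function names are constructed.

```python
"""Flag signs of ARP poisoning in a /proc/net/arp snapshot."""
from collections import defaultdict

# Constructed sample: the gateway 192.168.1.1 now resolves to the same MAC
# as host 192.168.1.23, which is how a poisoned cache typically looks.
SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         02:00:00:aa:bb:23     *        wlan0
192.168.1.23     0x1         0x2         02:00:00:aa:bb:23     *        wlan0
192.168.1.40     0x1         0x2         02:00:00:aa:bb:40     *        wlan0
192.168.1.77     0x1         0x0         00:00:00:00:00:00     *        wlan0
"""


def parse_arp_table(text):
    """Return [(ip, mac, device)] for complete entries only."""
    entries = []
    for line in text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) != 6:
            continue
        ip, _hw_type, flags, mac, _mask, device = fields
        # Flags 0x0 marks an incomplete entry with an all-zero MAC.
        if int(flags, 16) == 0 or mac == "00:00:00:00:00:00":
            continue
        entries.append((ip, mac.lower(), device))
    return entries


def shared_macs(entries):
    """Map every MAC that answers for more than one IP to those IPs."""
    by_mac = defaultdict(set)
    for ip, mac, _device in entries:
        by_mac[mac].add(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def check_gateway(entries, gateway_ip, pinned_mac):
    """Compare the gateway's entry with a MAC recorded on a trusted network."""
    current = {ip: mac for ip, mac, _device in entries}.get(gateway_ip)
    if current is None:
        return ["gateway has no complete ARP entry"]
    findings = []
    if current != pinned_mac.lower():
        findings.append(
            f"gateway {gateway_ip} is at {current}, expected {pinned_mac.lower()}")
    for mac, ips in shared_macs(entries).items():
        if gateway_ip in ips:
            others = ", ".join(ip for ip in ips if ip != gateway_ip)
            findings.append(f"gateway MAC {mac} is also claimed by {others}")
    return findings


if __name__ == "__main__":
    table = parse_arp_table(SAMPLE_ARP)
    for finding in check_gateway(table, "192.168.1.1", "02:00:00:aa:bb:01"):
        print("ALERT:", finding)
```

A MAC shared by several IPs can also be legitimate (proxy ARP, a multi-homed router), so the pinned-MAC mismatch is the stronger of the two signals.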
#6. ANALYSIS OF WIRELESS NETWORKS
WiFi Analyzer
In older versions of iOS, craftsmen ran aircrack and could break a WEP key, but we checked: it does not work on the new devices. So for studying Wi-Fi we have to settle for Wi-Fi scanners only. WiFi Analyzer analyzes and displays information about all available 802.11 networks around, including SSIDs, channels, vendors, MAC addresses and encryption types. With such a program it is easy to find the physical location of an access point if you have suddenly forgotten it, and, for example, look at the WPS PIN you wrote down for connecting.
#7. VULNERABILITY EXPLOITATION
METASPLOIT
It's hard to imagine a more hacker-oriented utility than Metasploit, and it is the one that completes our review today. Metasploit is a package of various tools whose main task is to exploit vulnerabilities in software. Imagine: about 1000 reliable, proven exploits that a pentester needs in everyday work, right on your smartphone! With such a tool you can really settle into any network. Metasploit lets you not only exploit flaws in server applications; tools for attacks on client applications are also available (for example, through the Browser Autopwn module, where the payload is inserted into clients' traffic). There is no mobile version of the toolkit; however, you can install the standard package on an Apple device using the detailed instructions.