Hacker programs for Android. Hacker programs for hacking from a smartphone

1) zANTI
Required for work: ROOT
Description: The program is equipped with a large arsenal of functions necessary to penetrate the system of various devices.
Features:
MAC Changer - changes your MAC address (does not always work; most often works on Linux)
zTether - allows you to intercept cookies, change images, redirect to other sources, intercept images downloaded by the victim, etc. But the special difference is that here the victim is connected to you, and not to another Wi-Fi router.
Routerpwn.com - redirects you to the website Routerpwn 1.23.245 (not advertising), which is a site for the standard passwords of many Wi-Fi routers.
Wifi Monitor - shows all Wi-Fi adapters in your radius with signal strength and channel frequency.
HTTP Server - allows you to create a kind of local site where you can redirect your victims.
Example:
- The example for zTether is very simple: you create a Wi-Fi point through your phone, and every user connected to you automatically becomes your victim.
- Well, in general, just as in dSploit, you can intercept cookies, etc. from users who are connected to another Wi-Fi point, but on the condition that you penetrate it.
- What about access to the system of various devices? The main task of zANTI is penetration into the control panel, the command console, to be precise. On the zANTI home page you can select a device connected, like you, to a specific Wi-Fi network. Also to the right is the number of open ports through which you can penetrate. This includes FTP, Telnet, SSH, and much more, but to connect to them you need ConnectBot, which can be downloaded from the Play Store. Also via zANTI you can scan your device for popular holes in the system, etc.
Download: Download zANTI 2.5.0

2) ConnectBot
Required for work: Android 1.6+
Description: This application will allow you to manage the device through the command console and execute simple commands like ipconfig, reboot, restart, shutdown. I can’t say that this is a direct hack, since first you need to find an open port on the device with access to SSH or Telnet, and then guess the login and password of the command panel (Login: Admin Password: Admin/0000). But when you get access to the device, you can fool around.
Features: SSH, Telnet, Local (to control your own command panel)
Example: Connect to some Wi-Fi, then scan for vulnerable ports, and then through ConnectBot enter through an open port. A command prompt opens where you can run standard commands.
Note: You can also connect to the Wi-Fi router itself and reboot it. (Command: reboot)
Download: Empty (Available in Play Store)

3) Secret Codes
Required for work: Android 4.0+
Description: This program will find all the hidden features of your Android device, which will allow you to use the secret functions of some applications.
Features: none
Example: Go to the application Secret Codes, click on the magic wand in the center of the screen, then it scans your device and displays a list of available applications.
Note: It also finds hidden capabilities of the Android firmware itself.
Download: Empty (Available in Play Store)

4) dSploit
Required for work: ROOT, BusyBox, Android 4.0+
Description: This is a whole set of different goodies in one application. There is a cookie interceptor and an interceptor for photographs and website transitions. Not a program, but a treasure. The application also scans for vulnerabilities and, if present, can shake the device’s system.
Features:
Simple Sniff - steals cookies
Password Sniffer - steals passwords
Session Hijacker - allows you to view which sites your captured device is visiting
Kill Connections - disconnects from the Wi-Fi network
Redirect - redirects to other sites
Replace Images - replaces images with the ones you select
Replace Videos - replaces the video with the one you select
Script Injection - displays a message when moving from site to site (by default)
Custom Filter - filters websites
Example: Absent
Download: Download dSploit 1.1.3c (BROKEN)

5) WIBR+
Required for work: Nothing
Description: This application, using the downloaded password database, simply brute-forces the password for the Wi-Fi network; when the password is found, it will display it on top of all windows. The network name and password will be indicated there. You can upload your own database or use pre-installed ones.
Example: You go into the application, then click “Add network”, select a Wi-Fi network, check the boxes next to the password databases that you want to select and the program selects the passwords itself.
Download: Download WIBR+ 2.2.0

6) WiFiKill
Required for work: ROOT, Specific CPU (May not work with Intel)
Description: This application can disable any other device connected to the Wi-Fi network, and can also intercept photos and pages that Wi-Fi network users are currently visiting.
Example: You are sitting in a cafe where there is a free Wi-Fi network, for example, you want to download a game, but besides you there are other people in the cafe who are also downloading something, you go into the application and turn off everyone who bothers you. The incoming speed increases and you are happy that your installation speed has increased. Be careful, because if someone notices that you are the only one whose Internet works, they will obviously suspect something...
Download: Download WiFiKill 2.3.2

7) Game Guardian
Required for work: ROOT (Not always), Android 2.3.3+
Description: This program works on the principle of Cheat Engine, it also searches for the number you specify, after which you can change it. The application is used to hack games on your Android.
Example: You go into any game, then turn on GG and click "Search", enter a number, and the program finds it, then just change it to any other. Done, now you can enjoy your millions in any application.
Download: Download Game Guardian 8.10.0

8) Freedom
Required for work: ROOT, S-OFF (for HTC), Android 2.2+
Description: The program blocks the connection between the game server and your device, allowing you to make in-game purchases without spending a penny.
Example: You go to Freedom, select an application from those available in the list, wait a few seconds, then you will be transferred to the application of your choice, and from there you can buy what you want through Google Play.
Download:

Nowadays, many issues can be solved with a few movements of a finger. This is largely achieved by storing a huge amount of personal information on our portable devices, so we should be wary of applications that can be used by attackers to gain access to personal data.

The purpose of this article is not to promote these applications, but to warn about their existence. Many Android users are not aware of them because most of them cannot be found on Google Play, but they can be easily found on the Internet.

Zanti

APK Inspector

APK Inspector allows you to get the source code of absolutely any application, change it and gain access to the full functionality of the application you need. To use it, root user rights are required.

WiFi Kill

This application allows you to disconnect unwanted users from any Wi-Fi network.

Wi-Fi Inspector

Want to know who has joined your network without permission? Wi-Fi Inspector allows you to obtain information about all devices connected to your Wi-Fi network, simultaneously providing you with the IP address, MAC address, device name and manufacturer information.

Shark For Root

Shark For Root is used for network monitoring and opening capture dumps. The application is based on tcpdump.

DroidSheep

An excellent application for those who have just discovered the amazing world of personal data hacking. DroidSheep allows you to intercept social network sessions using a regular smartphone. But be careful, because your session can also be intercepted.

Hackcode

An application needed by testers, system administrators and computer security professionals to perform various tasks: reconnaissance, scanning executable files and other tasks.

DroidBox

DroidBox is capable of performing dynamic analysis of Android applications. The application provides the following information:

  • information leakage through the network, files or SMS;
  • permission bypass;
  • cryptographic operations performed via Android API;
  • SMS sent and calls made.

Good day everyone, I am with you again, Survivor, and I continue to review various programs based on the Android system. Recently, several new programs have appeared that I would like to write about. Some of the above programs existed before, but are also worthy of your attention.


Hello readers.
I’ll add to the topic of Android software, because I have something to recommend to you.
Some require root access, some don't. All this information can be found on the wonderful forum that you all know - 4pda.
So, without much preamble, I’ll get straight to the software.

ARP Guard.
A program designed primarily to protect against and identify those who mess with the network, that is, those who use, for example, WiFiKill. There are several operating modes; some require root access.

Network Utilities.
Huge functionality for testing the same Wi-Fi network. Similar to cSploit, I would even say that it is not inferior in capabilities. cSploit has features that this utility does not have, but the utility also has many features that cSploit does not have.
The hacker toolkit can only be unlocked through a special Easter egg. To use it, install the program, open the settings and quickly tap on the “Settings” inscription 20 times until the “Success” pop-up notification appears. After the notification appears, you need to restart the program. By the way, repeated 20 clicks deactivate the hidden functionality.
Available functionality:

  • IP Discover,
  • Subnet scanner,
  • Ping,
  • Traceroute,
  • Port scanner,
  • Telnet,
  • Sniffer,
  • Packet crafter,
  • DNS lookup,
  • Whois,
  • IP calculator.
Hidden functionality (hackpack):
  • ARP spoofer,
  • DNS spoofer,
  • HTTP sniffer,
  • Network spoofer,
  • Browser with Cookie Manager.
Functionality available without root:
  • IP Discover,
  • Subnet scanner,
  • Ping,
  • Traceroute,
  • Netstat (socket status monitoring),
  • Port scanner,
  • DNS lookup,
  • Telnet,
  • Whois,
  • IP calculator.
sqlmapchik.
SQL injection on Android. It is a port of sqlmap from Kali Linux, more automated. By the way, for those interested, on this forum I wrote an article on how to use sqlmap on Kali Linux (the link is visible only to registered users).

DroidSQLi.
I don’t know why, but just in case, here is another piece of software that helps you attack a site using SQL injection. The principle is the same.

Secret Codes.
A very popular software that opens access to secret features of Android programs - hidden settings, undisclosed features, etc. You can also use it to steal information from VK accounts. By opening the secret settings on someone else’s phone, you will be taken to the hidden settings of the VK client, where you can copy the database, where all the information about the account is, including correspondence.

Show Java - a Java Decompiler.
Convenient reverse engineering on Android. For those who are not aware of what reverse engineering is, I will briefly explain - it is reverse engineering, decompilation of an application, which will help you look at the source code.

Wifi Analyzer.
Analyzes nearby Wi-Fi access points.
Possibilities:

  • Shows graphs based on signal level ratio,
  • Shows the number of channels for each network, Ad Hoc properties, encryption,
  • Rates channels,
  • Shows network information after connection (IP, Gateway, DNS, ServerIP, Link Speed, Hidden SSID, Local Mac).
You can also find the location of the router using the signal.

Netmonitor.
Monitors the mobile operator’s GSM network. You can look at information about base stations, including neighboring ones.
Possibilities:

  • CID (Cell ID),
  • LAC (Location Area Code),
  • mobile operator code,
  • signal level,
  • network type.
Base stations can be displayed on the map. You ask: "Why?" I will answer you. The fact is that intercepting information transmitted via GSM is as easy as pie. The attack principle is just that simple; this is a very vulnerable spot. The phone uses the station that is closest to it and has the best signal among its neighbors. It doesn’t matter what kind of station it is; it could be an attacker’s, but your phone will connect to it. This is how intelligence agencies can intercept cellular traffic. Therefore, I advise you to take a closer look at non-stationary stations.

Thank you for your attention to those who read. Everything is in the public domain, some are even on Google Play.
Good luck using the software.

“A smartphone with hacking tools? There is no such thing,” we would have told you just recently. It was possible to launch some of the usual tools for implementing attacks only on some Maemo. Now, many familiar tools have been ported to iOS and Android, and some hack-tools have been specially written for the mobile environment. Can a smartphone replace a laptop in penetration tests? We decided to check it out.

ANDROID

Android is a popular platform not only for mere mortals, but also for the right people. The number of useful ][-utilities here is simply off the charts. For this we can thank the UNIX roots of the system - this has greatly simplified the porting of many tools to Android. Unfortunately, Google does not allow some of them into the Play Store, so you will have to install the corresponding APK manually. Also, some utilities require maximum access to the system (for example, the iptables firewall), so you should take care of root access in advance. Each manufacturer uses its own technology here, but finding the necessary instructions is quite easy. A good set of HOWTOs was put together by the LifeHacker resource (bit.ly/eWgDlu). However, if you couldn’t find a particular model here, the XDA-Developers forum (www.xda-developers.com) always comes to the rescue, where you can find various information on virtually any model of Android phone. One way or another, some of the utilities described below will work without root access.

Let's start the review with an unusual package manager. The developers call it “utilities for superusers,” and this is not far from the truth. After installing BotBrew, you get a repository from where you can download a huge number of familiar tools compiled for Android. Among them: Python and Ruby interpreters for running numerous tools that are written in them, a tcpdump sniffer and an Nmap scanner for network analysis, Git and Subversion for working with version control systems, and much more.

Network scanners

An inconspicuous smartphone, which, unlike a laptop, fits easily into a pocket and never raises suspicion, can be useful for network exploration. We have already said above how you can install Nmap, but there is another option. PIPS is a port of the Nmap scanner specifically adapted for Android, albeit an unofficial one. This means you can quickly find active devices on the network, determine their OS using fingerprinting options, perform a port scan - in short, do everything that Nmap is capable of.

There are two problems with using Nmap, despite all its power. Firstly, the scanning parameters are passed as command-line switches, which you must not only know but also be able to type on an inconvenient mobile keyboard. And secondly, the scanning results in the console output are not as clear as we would like. The Fing scanner does not have these shortcomings; it very quickly scans the network, does fingerprinting, and then displays in a clear form a list of all available devices, dividing them by type (router, desktop, iPhone, and so on). At the same time, for each host you can quickly view a list of open ports. Moreover, right from here you can connect, say, to FTP, using the FTP client installed in the system - very convenient.

When it comes to analyzing a specific host, the NetAudit utility can be indispensable. It works on any Android device (even non-rooted) and allows you not only to quickly identify devices on the network, but also to examine them using a large fingerprinting database to determine the operating system, as well as CMS systems used on the web server. There are now more than 3,000 digital fingerprints in the database.

If, on the contrary, you need to work at a lower level and carefully examine the operation of the network, then you cannot do without Net Tools. This is an indispensable set of utilities for the work of a system administrator, which allows you to fully diagnose the operation of the network to which the device is connected. The package contains more than 15 different types of programs, such as ping, traceroute, arp, dns, netstat, route.

Traffic manipulation

The tcpdump-based sniffer honestly logs all data into a pcap file, which can then be studied using familiar utilities like Wireshark or NetworkMiner. Since no capabilities for MITM attacks are implemented in it, it is rather a tool for analyzing your own traffic. For example, this is a great way to study what programs installed on your device from dubious repositories send out.

If we talk about combat applications for Android, then one of the most sensational is FaceNiff, which implements interception of and injection into intercepted web sessions. By downloading the APK package with the program, you can run this hack tool on almost any Android smartphone and, by connecting to a wireless network, intercept accounts of a variety of services: Facebook, Twitter, VKontakte, and so on - more than ten in total. Session hijacking is carried out using an ARP spoofing attack, but the attack is only possible on unprotected connections (FaceNiff is not able to wedge into SSL traffic). To curb the flow of script kiddies, the author limited the maximum number of sessions to three - after that you need to contact the developer for a special activation code.

If the creator of FaceNiff wants money for using it, then DroidSheep is a completely free tool with the same functionality. True, you won’t find the distribution kit on the official website (this is due to Germany’s harsh laws regarding security utilities), but it can be found on the Internet without any problems. The main task of the utility is to intercept user web sessions of popular social networks, implemented using the same ARP Spoofing. But there’s a problem with secure connections: like FaceNiff, DroidSheep flatly refuses to work with the HTTPS protocol.

This utility also demonstrates the insecurity of open wireless networks, but on a slightly different level. It does not intercept user sessions, but allows HTTP traffic to pass through itself using a spoofing attack, performing specified manipulations with it. Starting from ordinary pranks (replacing all the pictures on the site with trollfaces, flipping all the images or, say, replacing Google results) and ending with phishing attacks, when the user is given fake pages of such popular services as facebook.com, linkedin.com, vkontakte.ru and many others.

If you ask which hack utility for Android is the most powerful, then Anti probably has no competitors. This is a real hacker combine. The main task of the program is to scan the network perimeter. Next, various modules enter the battle, with the help of which a whole arsenal is implemented: eavesdropping on traffic, carrying out MITM attacks, and exploiting found vulnerabilities. True, there are also disadvantages. The first thing that catches your eye is that the exploitation of vulnerabilities is carried out only from the central program server, which is located on the Internet, as a result of which targets that do not have an external IP address can be forgotten.

Traffic tunneling

The well-known file manager is now on smartphones! As in the desktop version, there is a system of plugins for connecting to various network directories, as well as a canonical two-panel mode - especially convenient on tablets.

Okay, but how can you ensure the security of your data that is transmitted over an open wireless network? In addition to VPN, which Android supports out of the box, you can create an SSH tunnel. For this purpose, there is a wonderful SSH Tunnel utility, which allows you to route the traffic of selected applications or the entire system as a whole through a remote SSH server.

It is often necessary to send traffic through a proxy or SOCKS, and in this case ProxyDroid will help out. It's simple: you choose which applications’ traffic you want to tunnel, and specify a proxy (HTTP/HTTPS/SOCKS4/SOCKS5 are supported). If authorization is required, ProxyDroid also supports this. By the way, the configuration can be linked to a specific wireless network by making different settings for each of them.

Wireless network

The built-in wireless network manager is not very informative. If you need to quickly get a complete picture of nearby access points, then the Wifi Analyzer utility is an excellent choice. It will not only show all nearby access points, but will also display the channel on which they operate, their MAC address and, most importantly, the type of encryption used (having seen the coveted letters “WEP”, you can assume that access to the “secure” network is provided). In addition, the utility is ideal if you need to find where the desired access point is physically located, thanks to a visual signal strength indicator.

This utility, as its developer states, can be useful when the wireless network is filled to capacity with clients who use the entire channel, and it is at this moment that a good and stable connection is needed. WiFiKill allows you to disconnect clients from the Internet either selectively or based on a specific criterion (for example, it is possible to make fun of all the Apple users). The program simply performs an ARP spoofing attack and redirects all clients to itself. The algorithm is trivially implemented on top of iptables. This is the control panel for fast-food wireless networks :).

Web application audit

Manipulating HTTP requests from a computer is a piece of cake; there are a huge number of utilities and browser plugins for this. In the case of a smartphone, everything is a little more complicated. HTTP Query Builder will help you send a custom HTTP request with the parameters you need, for example, the desired cookie or a changed User-Agent. The result of the request will be displayed in a standard browser.

If the site is password protected using Basic Access Authentication, then you can check its reliability using the Router Brute Force ADS 2 utility. Initially, the utility was created to brute-force passwords on router admin panels, but it is clear that it can be used against any other resource with similar protection. The utility works, but is clearly crude. For example, the developer does not provide exhaustive brute force, only dictionary-based guessing.

Surely you have heard about such a sensational program for disabling web servers as Slowloris. The principle of its operation is to create and hold the maximum number of connections with a remote web server, thus preventing new clients from connecting to it. So, AnDOSid is an analogue of Slowloris right in your Android device! I'll tell you a secret, two hundred connections are enough to ensure unstable operation of every fourth website running the Apache web server. And all this - from your phone!

Various utilities

When working with many web applications and analyzing their logic, it is quite common to encounter data transmitted in encoded form, namely Base64. Encode will help you decode this data and see what exactly is stored in it. Perhaps, by substituting quotes, encoding them back into Base64 and substituting them in the URL of the site you are researching, you will get the coveted database query error.

If you need a hexadecimal editor, then there is one for Android too. With HexEditor you can edit any files, including system files, if you elevate the program's rights to superuser. An excellent replacement for a standard text editor, allowing you to easily find the desired piece of text and change it.

Remote access

Once you have access to a remote host, you need to be able to use it. And for this we need clients. Let's start with SSH, where ConnectBot is already the de facto standard. In addition to a convenient interface, it provides the ability to organize secure tunnels via SSH connections.

A useful program that allows you to connect to a remote desktop via RDP or VNC services. I’m very glad that these are two clients in one; there is no need to use different tools for RDP and VNC.

A MIB browser specially written for Android, with which you can manage network devices using the SNMP protocol. It can be useful for developing an attack vector on various routers, because the standard community string (in other words, an access password) for management via SNMP has not yet been canceled.

iOS

The iOS platform is no less popular among security utility developers. But if in the case of Android, root rights were needed only for some applications, then on Apple devices, jailbreaking is almost always required. Fortunately, even for the latest iDevices firmware (5.1.1) there is already a jailbreak tool. Along with full access, you also get an alternative application manager, Cydia, which already contains many utilities.

Working with the system

The first thing I want to start with is installing a terminal. For obvious reasons it is not included in the standard delivery of the mobile OS, but we will need it to run the console utilities discussed below. The best terminal emulator implementation is MobileTerminal: it supports multiple terminals and control gestures (for example, for sending Control-C), and is generally impressive in how well thought out it is.

Another, more complex option for getting access to the device's console is to install OpenSSH on it (this is done through Cydia) and connect to it locally with an SSH client. If you use the right client, such as iSSH, which has excellent touch-screen controls, this approach is even more convenient than MobileTerminal.

Data interception

Now that you have access to the console, you can try the utilities. Let's start with Pirni, which went down in history as a full-fledged sniffer for iOS. Unfortunately, the Wi-Fi module built into the device is by design incapable of being switched into the promiscuous mode needed for normal data interception. So, to intercept data, classic ARP spoofing is used, which routes all traffic through the device itself. The standard version of the utility is launched from the console, where, in addition to the MITM attack parameters, you specify the name of the PCAP file into which all traffic is logged. There is a more advanced version, Pirni Pro, which boasts a graphical interface. Moreover, it can parse HTTP traffic on the fly and even automatically extract interesting data from it (for example, logins and passwords) using regular expressions specified in the settings.
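
What the ARP spoofing described above looks like from the wire, as an added example that is not part of the original article: an IP whose MAC binding suddenly changes, and one MAC that answers for the gateway and for another host at the same time. The reply feed, addresses and the monitor's interface are constructed for this example.

```python
"""Detect ARP spoofing from a stream of ARP replies.
Added example, not part of the original article; the replies below are
constructed. A real monitor would feed it from a packet capture or from
periodic `ip neigh` polls.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

@dataclass
class ArpMonitor:
    """Tracks ip -> mac bindings seen in ARP replies and records anomalies."""
    gateway_ip: str
    table: Dict[str, str] = field(default_factory=dict)
    alerts: List[str] = field(default_factory=list)

    def observe(self, ip: str, mac: str) -> None:
        """Record one reply ("ip is-at mac") and alert on the two MITM signs:
        a binding that changes, and one MAC answering for the gateway plus
        at least one other host."""
        mac = mac.lower()
        prev = self.table.get(ip)
        if prev is not None and prev != mac:
            kind = "GATEWAY" if ip == self.gateway_ip else "host"
            self.alerts.append(f"{kind} {ip} changed {prev} -> {mac}")
        self.table[ip] = mac
        claimed = sorted(i for i, m in self.table.items() if m == mac)
        if self.gateway_ip in claimed and len(claimed) > 1:
            others = [i for i in claimed if i != self.gateway_ip]
            self.alerts.append(f"{mac} claims gateway and {others}")

# Constructed replies: legitimate bindings first, then one MAC
# (de:ad:be:ef:00:ee) taking over both the gateway and the host 192.168.1.20.
SAMPLE_REPLIES: List[Tuple[str, str]] = [
    ("192.168.1.1", "aa:aa:aa:aa:aa:01"),
    ("192.168.1.20", "aa:aa:aa:aa:aa:20"),
    ("192.168.1.1", "aa:aa:aa:aa:aa:01"),   # repeat of a known binding: quiet
    ("192.168.1.1", "de:ad:be:ef:00:ee"),   # gateway binding changes
    ("192.168.1.20", "de:ad:be:ef:00:ee"),  # same MAC now also "is" the host
]

def run_monitor(replies: List[Tuple[str, str]] = SAMPLE_REPLIES,
                gateway_ip: str = "192.168.1.1") -> List[str]:
    """Replay a reply list through the monitor and return its alerts."""
    mon = ArpMonitor(gateway_ip)
    for ip, mac in replies:
        mon.observe(ip, mac)
    return mon.alerts
```

Legitimate rebinds (a replaced device, DHCP churn) also trigger the first kind of alert, so the gateway-plus-host signature is the one worth paging on.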

The well-known sniffer Intercepter-NG, which we have written about more than once, recently gained a console version. As the author says, most of the code is written in pure ANSI C, which behaves the same in almost any environment, so the console version ran from the very beginning on desktop Windows, Linux and BSD as well as on mobile platforms, including iOS and Android. The console version already implements grabbing passwords sent over a variety of protocols, intercepting instant-messenger messages (ICQ/Jabber and many others), and recovering files from traffic (HTTP/FTP/IMAP/POP3/SMTP/SMB). Network scanning and high-quality ARP poisoning are available as well. For it to work correctly, you must first install the libpcap package via Cydia (don’t forget to enable development packages in the settings). The startup instructions boil down to setting the right permissions: chmod +x intercepter_ios. Then, if you run the sniffer without parameters, a clear interactive Intercepter interface appears, allowing you to launch any of the attacks.

It’s hard to believe, but this sophisticated tool for carrying out MITM attacks has finally been ported to iOS. After a tremendous amount of work, we managed to make a full-fledged mobile port. To spare yourself the hassle of chasing dependencies when compiling it yourself, it is better to install a prebuilt package via Cydia after adding theworm.altervista.org/cydia (the TWRepo repository) as a source. The kit also includes the etterlog utility, which helps extract various kinds of useful information (for example, FTP account credentials) from the collected traffic dump.

Wireless network analysis

In older versions of iOS, enthusiasts ran aircrack and could crack a WEP key, but we checked: the program does not work on new devices. So, for studying Wi-Fi, we will have to make do with Wi-Fi scanners alone. WiFi Analyzer analyzes and displays information about all available 802.11 networks around you, including SSID, channels, vendors, MAC addresses and encryption types. The utility draws real-time graphs from the data present on the air. With such a program it is easy to find the physical location of an access point if you have suddenly forgotten it and, for example, to look at the WPS PIN, which can be useful for connecting.

Network scanners

What program does any penetration tester use, anywhere in the world, regardless of goals and objectives? A network scanner. On iOS this will most likely be the very powerful Scany toolkit. Thanks to a set of built-in utilities, you can quickly get a detailed picture of the network's devices and, for example, their open ports. The package also includes network testing utilities such as ping, traceroute and nslookup.

However, many people prefer Fing. The scanner's functionality is quite simple and limited, but it is quite enough for a first acquaintance with the network of, say, a cafeteria :). The results show the services available on remote machines, along with the MAC addresses and host names of the hosts connected to the scanned network.

It would seem that everyone has forgotten about Nikto, but why? After all, this web vulnerability scanner, written in a scripting language (namely Perl), can easily be installed via Cydia, which means you can just as easily launch it from the terminal on your jailbroken device. Nikto will gladly provide additional information about the web resource under test. You can also add your own search signatures to its knowledge base by hand.

This powerful tool for automatically exploiting SQL vulnerabilities is written in Python, which means that once you install the interpreter, you can easily use it directly from your mobile device.

Remote control

Many network devices (including expensive routers) are managed over the SNMP protocol. This utility lets you scan subnets for reachable SNMP services using pre-known community string values (in other words, standard passwords). Note that searching for SNMP services with the standard community strings (public/private) in an attempt to gain access to device management is an integral part of any penetration test, alongside mapping the perimeter itself and identifying services.
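
The configuration-side check for the point made here and in the Android MIB browser section above, as an added example that is not part of the original article: an audit of a net-snmp style snmpd.conf that flags default community strings, unrestricted sources and writable v1/v2c access. The sample configuration and the minimum-length policy are constructed for this example.

```python
"""Audit a net-snmp style snmpd.conf for weak community strings.
Added example, not part of the original article; the sample config is
constructed. Checks the rocommunity, rwcommunity and com2sec directives.
"""
from typing import List

DEFAULT_COMMUNITIES = {"public", "private", "community", "snmp"}
MIN_LENGTH = 12  # policy choice for this example, not a net-snmp rule

SAMPLE_SNMPD_CONF = """\
# constructed sample snmpd.conf
rocommunity public
rwcommunity private 192.168.0.0/16
com2sec readonly default public
com2sec mgmt 10.1.2.0/24 Xk9vLq2wRt7pQmZ4
rwcommunity Xk9vLq2wRt7pQmZ4
"""

def audit_snmpd(conf: str) -> List[str]:
    """Return one finding per weak setting, tagged with its line number."""
    findings: List[str] = []
    for n, raw in enumerate(conf.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # '#' starts a comment
        parts = line.split()
        if not parts:
            continue
        directive = parts[0].lower()
        if directive in ("rocommunity", "rwcommunity") and len(parts) >= 2:
            # rocommunity COMMUNITY [SOURCE]; a missing SOURCE means anyone
            community = parts[1]
            source = parts[2] if len(parts) > 2 else None
        elif directive == "com2sec" and len(parts) >= 4:
            # com2sec NAME SOURCE COMMUNITY; SOURCE "default" means anyone
            community, source = parts[3], parts[2]
        else:
            continue
        if community.lower() in DEFAULT_COMMUNITIES:
            findings.append(f"line {n}: default community '{community}'")
        elif len(community) < MIN_LENGTH:
            findings.append(f"line {n}: short community ({len(community)} chars)")
        if source is None or source == "default":
            findings.append(f"line {n}: {directive} accepts any source address")
        if directive == "rwcommunity":
            findings.append(f"line {n}: write access over v1/v2c; prefer SNMPv3")
    return findings
```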

Two utilities from the same vendor are designed for connecting to a remote desktop over the RDP and VNC protocols. There are many similar utilities in the App Store, but these two are especially easy to use.

Password recovery

The legendary program that helps millions of hackers around the world “remember” their password has been ported to iOS. Now you can guess passwords for services such as HTTP, FTP, TELNET, SSH, SMB, VNC, SMTP, POP3 and many others directly from your iPhone. True, for a more effective attack it is better to stock up on good brute-force dictionaries.

Everyone knows firsthand how vulnerable standard passwords are. Pass Mule is a kind of directory of all sorts of default logins and passwords for network devices. They are conveniently organized by vendor, product and model, so finding the one you need will not be difficult. The program is really meant to save you the time of hunting for the manual of a router whose default login and password you need to look up.

Exploiting vulnerabilities

It’s hard to imagine a more quintessentially hacker utility than Metasploit, and it concludes today's review. Metasploit is a package of various tools whose main task is to exploit vulnerabilities in software. Imagine: about 1000 reliable, proven exploits, indispensable in a pentester's daily life, right on your smartphone! With such a tool you can really gain a foothold in any network. Metasploit not only lets you exploit flaws in server applications; tools for attacking client applications are also available (for example, through the Browser Autopwn module, when a live payload is injected into client traffic). It must be said here that there is no mobile version of the toolkit; however, you can install the standard package on an Apple device using .

WiFi