A pentest, or simply a penetration test, is a legal way to do real hacking, and even get paid for it. An advanced security audit is usually performed on a laptop with specialized equipment, but many security holes are easy to detect with an ordinary smartphone or tablet. In this article, we will look at 14 hacker applications that let you run a pentest from Android without pulling out a laptop.
The article is written for research purposes. All information is provided for reference only. Neither the author of the article nor the administration is responsible for unlawful use of the programs mentioned in the article.
Hacker programs for hacking from a smartphone
All hacker applications for android are divided into several groups:
- Web resource scanners - hacker utilities for finding vulnerabilities.
- Combines (all-in-one toolkits) - let you search for vulnerabilities (and exploits for them) in both software and hardware, and perform sniffing, MITM attacks, etc.
- Sniffers - hacker applications for intercepting and analyzing traffic.
- Auxiliary utilities - tools that help in a pentest.
- Directories and search engines - applications that perform auxiliary functions.
Web Resource Scanners for Android
Let's start the overview of smartphone hacking programs with the most important group, web application scanners. Here we have three applications that let you find exposed admin panels, brute-force a password, test a site for XSS vulnerabilities and the possibility of SQL injection, obtain directory listings and much more.
Kayra, a mobile web application vulnerability scanner (Lite version), looks for typical errors in the configuration of the specified web server and tries to obtain directory listings (usually successfully). Additional tools include a hash generator and an AES decrypter.
The application has simple and understandable settings. It supports HTTPS and validates TLS. It can search for XSS, brute-force CGI and run dictionary attacks. It can work in the background and in multi-threaded mode. It contains the Google Hacks database and automatically detects known vulnerabilities.
Kayra report and About screen
A detailed report is created for each item selected in the scan settings. The screenshot shows only a small part of it. The free version is quite functional, but its advertising is sometimes annoying. The paid version has no advertising or restrictions; at the time of writing it costs 159 rubles.
- Tested version: 1.4.0
- Size: 4.7 MB
- Android version: 4.1 and above
- ROOT required: No
The next hacker program for Android is DroidSQLi. The DroidSQLi application is used to check websites for vulnerability to four types of SQL injection:
- Normal SQL injection - the classic variant that passes a UNION ALL SELECT construct in the parameter;
- Error-based SQL injection - uses deliberately incorrect syntax in queries to obtain an error message that reveals additional database parameters;
- Blind SQL injection - a series of queries with analysis of the True / False responses from the DBMS, which allows the database structure to be reconstructed;
- Time-based SQL injection - forms additional queries that make the DBMS pause for a certain time, which makes it possible to extract data.
Demonstration of Error Based SQL-Injection
The DroidSQLI utility automatically selects the injection method, and also uses query filtering techniques.
To start testing a site, you must find the entry point manually. It is usually a web page address containing a query of the form ?id=X or ?p=X, where X is a positive integer. In our example, the payload for the id parameter looks like this:
id=(SELECT COUNT(*), CONCAT(0x71626b6a71, (SELECT (ELT(4777=4777, 1))), 0x7170767871, FLOOR(RAND(0)*2)) x FROM information_schema.plugins GROUP BY x) a)
There are a lot of sites on the Internet vulnerable to SQL injection. I think you can easily find a few just by looking through your browser history.
- Tested version: 1.1
- Size: 705 KB
- Android version: 4.2 and above
- ROOT required: No
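From the defender's side, the four injection types listed above leave recognizable traces in web server logs. The following is an added example, not code from the article or from DroidSQLi: it decodes query parameters from access-log lines and labels them by injection class. The log lines, the rule set and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# One signature per injection class named in the list above (illustrative rules).
RULES = [
    ("union", re.compile(r"\bunion\s+(?:all\s+)?select\b")),
    ("error-based", re.compile(r"\bfloor\s*\(\s*rand\s*\(|\binformation_schema\b")),
    ("blind", re.compile(r"\b(?:and|or)\s+\d+\s*=\s*\d+")),
    ("time-based", re.compile(r"\b(?:sleep|benchmark|pg_sleep)\s*\(|\bwaitfor\s+delay\b")),
]
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed access-log lines (documentation IP range), not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /item.php?id=7 HTTP/1.1" 200 512',
    '203.0.113.9 - - [10/Oct/2023:13:55:40 +0000] '
    '"GET /item.php?id=7+UNION+ALL+SELECT+NULL%2CNULL HTTP/1.1" 200 530',
    '203.0.113.9 - - [10/Oct/2023:13:55:41 +0000] '
    '"GET /item.php?id=(SELECT+COUNT(*)%2CCONCAT(0x71626b6a71%2CFLOOR(RAND(0)*2))x'
    '+FROM+information_schema.plugins+GROUP+BY+x) HTTP/1.1" 500 0',
    '203.0.113.9 - - [10/Oct/2023:13:55:42 +0000] '
    '"GET /item.php?id=7+AND+4777%3D4777 HTTP/1.1" 200 512',
    '203.0.113.9 - - [10/Oct/2023:13:55:49 +0000] '
    '"GET /item.php?id=7+AND+SLEEP(5) HTTP/1.1" 200 512',
    '203.0.113.7 - - [10/Oct/2023:13:56:02 +0000] '
    '"GET /search?q=union+station+and+1+more HTTP/1.1" 200 900',
]


def classify(value):
    """Return the injection classes whose signature matches a decoded value."""
    text = value.lower()
    text = re.sub(r"/\*.*?\*/", " ", text)   # inline comments used to split keywords
    text = re.sub(r"\s+", " ", text)         # collapse whitespace padding
    return [name for name, rx in RULES if rx.search(text)]


def scan_log(lines):
    """Return (line number, parameter, classes) for each suspicious parameter."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        query = urlsplit(match.group(1)).query
        # parse_qsl percent-decodes names and values and turns '+' into spaces.
        for param, value in parse_qsl(query, keep_blank_values=True):
            classes = classify(value)
            if classes:
                hits.append((number, param, classes))
    return hits


if __name__ == "__main__":
    for number, param, classes in scan_log(SAMPLE_LOG):
        print(f"line {number}: parameter {param!r} -> {', '.join(classes)}")
```

Signature matching of this kind only sees what reaches the access log (typically GET query strings) and is a detection aid; the fix for the underlying flaw is parameterized queries in the application.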
The next tool for hacking from a smartphone is the DroidBug Admin Panel Finder Free utility. The application looks for admin panels at the default addresses of various CMSs. Its results do not always reflect reality, since popular web servers sit behind an IDS and a WAF. These block URL brute-forcing or redirect it to a honeypot (trap) that answers HTTP 200 OK to every request while collecting information about the attacker.
However, on less popular sites security is in a very sad state, and a valid admin panel is found in seconds. The paid version, priced at 139 rubles, removes advertising and unlocks searching by a mixed template for sites with PHP / ASP / CGI / CFM / JS support.
Searching for an admin panel on a site
- Tested version: 1.4
- Size: 6.3 MB
- Android version: 2.1 and above
- ROOT required: No
Combines for hacking from a smartphone
The Internet consists of more than web applications, and holes are found not only in them. The next selection of hacker applications for Android lets you look for vulnerabilities (and exploits for them) in software and hardware, perform sniffing and MITM attacks, and do a lot of other interesting things.
cSploit is one of the most functional tools for scanning networks and searching for vulnerabilities on discovered hosts. It builds a network map and displays information about all devices found on it. It can determine their IP / MAC and vendor (from the first three octets of the MAC address), identify the OS installed on them, search for vulnerabilities using the Metasploit Framework RPCd, and brute-force passwords.
Search for clients and MITM attack
It performs MITM attacks of various types through DNS spoofing (replacing media files in traffic on the fly, JS injection, session hijacking and capturing cookies for authorization without entering a password are all possible). It can also disconnect individual devices (or disconnect them en masse from the access point). It intercepts traffic and saves it in .pcap format or redirects it wherever you wish.
cSploit contains a tool for crafting and sending any TCP / UDP packet to the selected host. A link redirects to an online service for selecting and exploiting vulnerabilities for a particular model. The database stopped being updated in 2015, but it is still relevant. In my brief test on an ASUS router that has been produced since the end of 2016, the fresh firmware (April 2018) turned out to contain a vulnerability first described in 2009.
Open ports and selection of exploits for the chosen target
Additionally, cSploit helps set up remote access to a host and gain complete control over it. In general, it is an unambiguous must-have for pentesters, and not only for them.
- Tested version: 1.6.6 RC2
- Size: 3.5 MB
- cSploit Nightly test builds are available
- Android version: 2.3 and above
- ROOT required: Yes!
- in /system/bin
cSploit, Intercepter-NG and other powerful utilities deserve more detailed treatment in separate articles. We suggest first getting used to the basic principles of pentesting with simple applications, and only then moving on to the hardcore.
dSploit is a fork of cSploit by Simone Margaritelli that was discontinued in 2014. The project remained in the beta stage with very raw code. While cSploit worked for me without complaints, the last three versions of dSploit crashed with an error almost immediately after launch.
The same cSploit, side view
After Margaritelli got a job at Zimperium, dSploit's work was incorporated into the branded zANTI utility.
Scanning Wireless Network and Host Detection
- Tested (not quite successfully) version: 1.1.3c
- Size: 11.4 MB
- Android version: 2.3 and above
- ROOT required: Yes!
- Additional requirements: install BusyBox in /system/bin, have a tendency toward masochism
zANTI
A mobile pentesting application from Zimperium. A more modern, stable and visual counterpart of dSploit.
The zANTI interface is divided into two parts: scanning and MITM. In the first section, like dSploit and the original cSploit, it maps the network and identifies all hosts, their parameters and their vulnerabilities.
Nmap scan of the network
A separate function is the detection of vulnerabilities on the smartphone itself. According to the program's report, our test Nexus 5 contains 263 holes that will never be closed because the device has reached the end of its life.
Detection of vulnerabilities
zANTI helps to break into routers and gain full access to them (with the ability to change the admin password, set another SSID, PSK, and so on). Using MITM attacks, zANTI reveals insecure elements on three levels: in the OS, in applications and in device settings.
A key feature is the generation of a detailed report on all scanned elements. The report contains explanations and tips for eliminating the flaws found.
zANTI report
- Tested version: 3.18
- Size: 24 MB
- Android version: 2.3 and above
- ROOT required: Yes!
- Notes: zANTI does not work on devices with x86 and x86_64 processors
Sniffers for intercepting traffic on Android
No pentester can do without a good sniffer. It is as ordinary a tool as a knife on a cook's table. The next section of the article is therefore devoted to applications for intercepting and analyzing traffic.
Intercepter-NG is an advanced sniffer focused on performing MITM attacks. It captures traffic and analyzes it on the fly, automatically identifying authorization data in it. It can save the intercepted traffic in .pcap format for later analysis.
The automatically recognized data includes passwords and hashes for the following protocols: AIM, BNC, CVS, DC++, FTP, HTTP, ICQ, IMAP, IRC, KRB5, LDAP, MRA, MYSQL, NTLM, Oracle, POP3, Radius, SMTP, SOCKS, Telnet, VNC.
Scan and ARP Spoofing
Intercepter-NG collects files transmitted via FTP, IMAP, POP3, SMB, SMTP and HTTP from the intercepted packets. Like cSploit and its analogs, Intercepter-NG uses ARP spoofing to perform MITM. It supports SSLStrip, which makes MITM attacks possible even against HTTPS traffic by replacing the attacked hosts' HTTPS requests with their HTTP variants through the built-in DNS proxy.
In addition, it can detect ARP spoofing directed at itself (useful when connecting to public hotspots) and protect against it. Tapping the umbrella icon checks the ARP cache.
- Tested version: 2.1 (Console - 0.8)
- Size: 5.2 MB
- Android version: 2.3 and above
- ROOT required: Yes!
- Additional requirements: install BusyBox in /system/bin
Packet Capture is a simpler and "legal" TCP / UDP packet analyzer with the ability to intercept HTTPS sessions via MITM. It does not require root, because it proxies traffic through Android itself and substitutes the SSL certificate.
In Android 6.0.1 and more recent versions, you need to add a CA certificate manually through the application settings.
Traffic capture
Packet Capture works locally. It does not perform ARP spoofing, session hijacking or other attacks on external hosts. The application is positioned as a debugging tool and is downloaded from the official market. It can decode packets as text / hex / urlencoded, but does not yet support compressed (gzip) HTTP requests.
With Packet Capture it is convenient to monitor the network activity of installed applications. It shows not just the amount of traffic transmitted, but exactly what each program or built-in Android component sends and where, and which packets it receives in response and from which servers. An excellent utility for hunting down trojan implants and annoying advertising.
- Tested version: 1.4.7
- Size: 4.5 MB
- Android version: 2.3 and above
- ROOT required: No
Auxiliary hacker utilities for Android
While advanced pentesting utilities require root and BusyBox, simpler applications are available in the Play Store and work on any smartphone without tricks. They do not perform ARP spoofing or MITM attacks, but they are quite sufficient for scanning a wireless network, detecting hosts and spotting obvious security problems.
WPSApp scans the air in search of access points with the WPS function enabled. Having found one, it tries the default PINs on it. There are only a few of them, and they are known from the manuals of router manufacturers.
If the user has not changed the default PIN and has not turned off WPS, then within five minutes at most the utility goes through all the known values and obtains the WPA(2)-PSK, no matter how long and complex it is. The wireless network password is displayed on the screen and automatically saved in the smartphone's Wi-Fi settings.
WPS hotspot detection
Since the release of that article, WPSApp has been updated and has become better in all respects. It knows more PINs from various vendors, goes through them faster and has learned to brute-force in new modes. The utility works both on rooted smartphones and without root rights. It has many analogs, but they are all less effective.
- Tested version: 1.6.20
- Size: 3.0 MB
- Android version: 4.1. It works much better on Android 5.1 and newer
- ROOT required: preferable, but not necessary
WiFiAnalyzer is a free Wi-Fi network scanner. It is a very convenient utility for detecting access points (including hidden ones), finding out their parameters (MAC, vendor, channel, encryption type), and estimating signal strength and the distance to them. The distance from the router is calculated by the line-of-sight formula, so it is not always quite accurate.
Display of hidden networks and evaluation of channel noise
WiFiAnalyzer lets you see the situation on the air visually and filter targets by signal level, SSID, frequency band used (2.4 / 5 GHz) and encryption type. You can also manually determine the least noisy channel using graphs of two types: regular and accumulated over time.
In short, WiFiAnalyzer is where reconnaissance in wireless networks should start. Searching for targets with specific parameters will save a lot of time in further work with advanced utilities.
- Tested version: 1.8.11
- Size: 1.6 MB
- Android version: 4.1 and above
- ROOT required: No
Fing
The functionality of hacker utilities often overlaps with the capabilities of completely legal tools that system administrators use to set up networks.
Fing is one of these tools. It quickly scans the Wi-Fi network you have managed to connect to (for example, using WPSApp) and identifies all hosts. It can be useful for checking your own wireless network for unauthorized access, but, you must agree, exploring unfamiliar networks is much more interesting.
Defining ports and services on selected hosts
Fing performs advanced analysis of NetBIOS, UPnP and Bonjour names, so it identifies device types more accurately and shows more of their properties. The ping and traceroute utilities are integrated into Fing. It can also send WOL (Wake on LAN) requests, remotely waking "sleeping" devices that support this function.
Fing automatically detects open ports and the services associated with them. When SMB, SSH, FTP and other services are detected, Fing offers to connect to them, calling external programs from its menu to do so. If the corresponding utility (for example, AndSMB) is not installed, Fing opens a link to download it.
Additional features of the program become available after registering a Fing account. With it you can take an inventory of devices and networks. Even more functions are unlocked after purchasing the hardware Fingbox. It can track the connection of uninvited guests and selectively block their devices, as well as check the Internet connection for typical problems and fix them automatically.
- Tested version: 6.7.1
- Size: 10 MB
- Android version: 4.1 and above
- ROOT required: No
NetCut identifies all client devices in a wireless network and then uses ARP spoofing to selectively disconnect them or cut off the connection for everyone except yourself. And then you can download files at full speed somewhere in a cafe, watching the other visitors suffer.
NetCut - find and kick!
Just kidding! Doing that is not nice, but quickly kicking out an intruder without digging into the router settings - why not? You can not only cut off the connection for any host, but also keep blocking its attempts to connect to the access point until it changes its MAC address (see the Jail tab).
If someone tries to pull the same trick on your device, NetCut detects the ARP cache poisoning and clears it (see NetCut Defender). For a dollar per month you can get a Pro account and remove advertising and restrictions.
- Tested version: 1.4.9
- Size: 12 MB
- Android version: 4.0 and above
- ROOT required: Yes!
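Both Intercepter-NG (the umbrella icon) and NetCut Defender are described above as checking the ARP cache for poisoning. The following is an added example of one way to perform such a check, not the code of either tool: it parses a neighbor table in the Linux `/proc/net/arp` format and flags a MAC address claimed by several IPs, as well as a gateway MAC that differs from a known-good baseline. The table contents, the gateway IP and the baseline MAC are constructed sample values.

```python
from collections import defaultdict

# Constructed sample in the layout of Linux /proc/net/arp (not real data).
SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         de:ad:be:ef:00:42     *        wlan0
192.168.1.23     0x1         0x2         de:ad:be:ef:00:42     *        wlan0
192.168.1.40     0x1         0x2         3c:5a:b4:11:22:33     *        wlan0
192.168.1.77     0x1         0x0         00:00:00:00:00:00     *        wlan0
"""

ATF_COM = 0x2  # kernel flag: entry is complete (a MAC address was resolved)


def parse_arp_table(text):
    """Return (ip, mac, device) tuples for every completed entry."""
    entries = []
    for line in text.splitlines()[1:]:            # skip the header row
        fields = line.split()
        if len(fields) != 6:
            continue
        ip, _hw_type, flags, mac, _mask, device = fields
        if not int(flags, 16) & ATF_COM:          # unresolved entry, no MAC yet
            continue
        entries.append((ip, mac.lower(), device))
    return entries


def check_arp_cache(entries, gateway_ip, known_gateway_mac=None):
    """Return findings that are consistent with ARP cache poisoning."""
    findings = []
    ips_by_mac = defaultdict(list)
    for ip, mac, device in entries:
        ips_by_mac[(mac, device)].append(ip)

    # During ARP spoofing the attacker's MAC usually answers both for the
    # gateway IP and for the attacker's own IP. A shared MAC can also be
    # legitimate (proxy ARP, multi-address hosts), hence two severities.
    for (mac, device), ips in ips_by_mac.items():
        if len(ips) > 1:
            findings.append({
                "type": "duplicate_mac",
                "severity": "high" if gateway_ip in ips else "medium",
                "mac": mac,
                "device": device,
                "ips": sorted(ips),
            })

    # Compare against a gateway MAC recorded while the network was trusted.
    if known_gateway_mac:
        for ip, mac, device in entries:
            if ip == gateway_ip and mac != known_gateway_mac.lower():
                findings.append({
                    "type": "gateway_mac_changed",
                    "severity": "high",
                    "mac": mac,
                    "device": device,
                    "ips": [ip],
                })
    return findings


if __name__ == "__main__":
    table = parse_arp_table(SAMPLE_ARP)
    for finding in check_arp_cache(table, "192.168.1.1", "a4:2b:b0:aa:bb:cc"):
        print(finding)
```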
Directories and search engines for the pentester
Finally, we will cover a couple of useful utilities that are not directly related to hacking and serve more of an auxiliary and informational function.
Welcome! On this site, all the best from the team of hackers is collected. In the "Files" section you will find everything you need for any hacker: WMrobber, Trojans, viruses, Joiner, Keyspy, textbooks, various collections and much more.
All files are packed in archives (RAR) with the same password. On how to get the password, see the "Password" section.
Below are some of the available programs.
WebMoney Robber V2.5.
Description This program will change your life! With it, you can get big money. An Internet connection is required (modem / LAN). The program does not require your WM identifier, password or keys, and you can use it from any computer.
Detailed instructions for using the program are in the downloaded archive.
All trojans, keyboard spies, viruses, etc. downloaded from our site are not detected by any antivirus.
Thanks to the "emulator deactivation" method, antiviruses will not be able to detect our products for a long time.
In extreme cases, new software versions will be released.
Joiner Glue File V1.5
Description Joiner - the program glues various files into one EXE file. For example, you can glue a virus to some exciting game and send it to your enemy. He will launch the game and get infected with the virus, suspecting nothing. This joiner can glue up to 255 different files. It has a wide variety of settings for each glued file. It can encrypt, compress, add glued files to autoload, etc. And of course, the result of the gluing is not detected by antiviruses!
Trojan ETH V3.5 (Elusive Trojan Horse)
Description This is a remote administration system. Its functionality exceeds Remote Administrator. Through this trojan it is possible, as in Radmin, to fully control the victim's computer (full control). It has a search function for passwords and keys from various programs (WebMoney, mail clients, etc.) on the victim's computer. This trojan registers itself in six places and sits firmly in the system. It is not visible in the list of processes. Suitable for all Windows operating systems.
Keyboard spy MSKEYSSPY NET V1.0
Description It registers itself firmly in the system. Not visible in the list of processes. Distinguishes between EN and RU keyboard layouts and between upper and lower case. It has a wide variety of settings. Keeps a detailed log file with the date and time of entries. Shows the title of the program in which the keys are pressed. Sends the log file to the owner by mail.
Anonymity in Network v2.0
Description hides your IP address and MAC address (at the program level).
MSCOOKIE EDITOR V1.5.
Description Cookie File Editor. You can also edit PWL files.
Tutorial: Free Internet.
Description If you are tired of paying for the use of the Internet, then this collection is for you. Here are collected thirty best ways. All ways are relevant.
Tutorial: hacking on the Internet.
Description Tutorial on hacking sites, E-mail addresses, etc.
Collection of passwords to paid porn sites.
Description About 1000 passwords to the 100 best porn sites. The collection is updated often. At least 95% of the passwords work.
Collection of celebrity e-mail addresses
Description These are personal and little-known e-mail addresses of popular pop and movie stars. If you write to such an address, your letter will not get lost in a pile of letters from fans. The collection contains the addresses of 83 celebrities.
Top Hacker Programs
It has a number of features that can help the pentester and the hacker. Two compatible applications included in this tool are "Burp Suite Spider", which can enumerate and map the various pages and parameters of a website by examining cookies and initiating connections with these web applications, and "Intruder", which performs a range of automated attacks on targeted web applications.
Burp Suite is a great web hacking tool that many pentesters can use to check the vulnerability of websites and web applications. Burp Suite works using detailed knowledge of the application obtained from the HTTP protocol. The tool works through a configurable algorithm and can generate the malicious attacking HTTP requests that hackers often use. Burp Suite is especially indispensable for detecting and identifying SQL injection and cross-site scripting vulnerabilities.
Angry IP Scanner, also known as "IPScan", is a freely available network scanner for hacking that is both fast and easy to use. The main purpose of this tool for scanning IP addresses and ports is to find open doors and ports in other people's systems. It is worth noting that Angry IP Scanner also has plenty of other uses for hacking; you only need to know how to use it. Common users of this hacking tool are network administrators and system engineers.
It is an amazing tool for network hacking, which can be configured in one of three modes:
- as a sniffer
- as a packet logger
- for network intrusion detection
THC Hydra is often regarded as just another password cracker. THC Hydra is extremely popular and has a very active and experienced developer team. In essence, Hydra is a fast and stable tool for cracking logins and passwords. It uses dictionary and brute-force attacks to try various combinations of logins and passwords on a login page. This hacking tool supports a wide range of protocols, including mail (POP3, IMAP, etc.), databases, LDAP, SMB, VNC and SSH.
Wapiti has very devoted fans. As a pentesting tool (or framework), Wapiti is able to scan for and identify hundreds of possible vulnerabilities. In fact, this multipurpose hacker utility can check the security of web applications by performing "black box" testing. That is, it does not study the source code of the application, but scans the application's HTML pages, scripts and forms, where it can inject its own data.
That's the top hacker programs for today. Do you have fresher information? Share it in the comments. Have questions? Ask. We will always answer and explain everything.
- Michael Hendrickx.
- URL: michaelhendrickx.com/lilith.
- System: *nix / Win.
Lilith is a Perl script designed to audit web applications. More precisely, it is a scanner and injector of HTTP forms. The tool analyzes a web page for tags