Jump to content

Network Hacking From Android - Network Spoofer


Will Shackleton

Recommended Posts

Hey there, I've recently finished a project called Network Spoofer. It's an application which lets you run arpspoof attacks and other fun hacks from Android, messing with people's internet from your phone.

The main feature is that similar to the Upside-down-ternet project: from the phone you can flip pictures on someone's computer upside down. It can do a few more things such as website redirecting and Google search changing, and I hope to add more features soon.

If anyone wants to contribute to the code, here are the hosted projects:

Launchpad (main project - primarily used)

Sourceforge

This program works well in combination with Shark for Android - combined they allow you to capture packets when logged onto wifi networks.

I hope this works for you - if you have success / no luck / questions, please post in this thread. If you find this doesn't work, please post here / Email / PM me with details and (if you know how) a log output from the application (adb logcat); the tag is 'android-netspoof'.

Currently confirmed working devices:

  • Nexus One - thoroughly tested with CM7 - Android 2.3.3
  • T-Mobile G1 - also tested with CM6 - Android 2.2

Installation:

Simply install from the Android Market (on a device running >2.2), and download the setup files from the application. This requires about 600MB free SD card space. The program needs the phone to be rooted, and have busybox (most custom firmwares have this). Once it's done, it takes only a few seconds to get it running.

Enjoy! :D

Will Shackleton

digitalsquid.co.uk

netspoof.png

Link to comment
Share on other sites

It looks great, Can't wait till I can test it. I got Lg optimus 2x, with stock rom, 2.2 Where you would like me to report weather it works, from androidmarket, send email to developer or where?

Thanks for posting this here.

Doesnt work yet, does it require bash, which is included in cyanogen mods? Stock LG doesnt have it.

Edited by Jarmo
Link to comment
Share on other sites

600MB? Daaaamn I'm gonna need a bigger SD card :D

Yeah, I know. Inside it's a debian image which contains squid (a proxy, used to modify data), perl, imagemagick (image processing tools) and all the other debian toolkit. The program then chroots into this image on the SD card.

Link to comment
Share on other sites

  • 1 month later...

I have got this working on the HTC Hero running Villainrom - 2.2

It had trouble extracting but it managed to sort it self out.

It doesn't grab all the traffic (even if set to one machine) but i think thats because of how slow the phone is.

I do like it though and hope you do carry on with this and you never know it might get on the show (hope so)

Link to comment
Share on other sites

  • 4 months later...

I have a HUAWEI-M835 and flashed with this ROM Mate5: Here And I can't get this to work, Im on wifi and have BusyBox Pro installed and Rooted. And I know all about ARP, DNS Spoofing, Mitm attacks Etc. So I know I'm doing everything right, Settings etc. If someone could let me know if there is a way to fix this on this phone. Or if its not even compatible with my ROM please let me know, I would love to get this to work.(And its not giving any Errors,It SHOULD be working, But its just not.) Thanks.

Link to comment
Share on other sites

  • 1 month later...
  • 1 month later...
  • 1 month later...

I am testing this out on my HTC Rezound (rooted) (busybox) (ICS) (Sense) and I am running into a couple of issues, it doesn't really give me any errors or anything but it doesn't execute the attacks very well. The download worked fine and I can start the app up but when I select a device to perform the attack on it just opens up a page like this:

24goyo1.png

Any ideas on what is going wrong or anything you want me to do to help you further test it out? Do you need a logcat?

Link to comment
Share on other sites

Wow, this works absolutely perfectly!!! 10/10!! Love it!

Can somebody show me how to set up SSLstrip with this? Would you have to redirect the traffic through your phone, and then use SSLStrip as a separate application somehow? I'm fairly new to this, but have a little experience with linux networking.

Using shark, I don't think you would get SSL packets like you would with SSLstrip.

Edited by checksum420
Link to comment
Share on other sites

Wow, this works absolutely perfectly!!! 10/10!! Love it!

Can somebody show me how to set up SSLstrip with this? Would you have to redirect the traffic through your phone, and then use SSLStrip as a separate application somehow? I'm fairly new to this, but have a little experience with linux networking.

Using shark, I don't think you would get SSL packets like you would with SSLstrip.

The program is nothing but scrips that run on a Debian image. There is no reason why sslstrip wouldn't work. The modified version for a Linux PC uses sslstrip. You would have to compile and install sslstrip on the Debian image and then modify the scripts to use it.

Link to comment
Share on other sites

  • 2 weeks later...

K. By the way, works great on my samsung stratosphere android 2.3

Also redirecting all traffic does not work. I'm assuming you used dnsmasq, but there's a bug. If I tell it to forward all sites to "zombo.com", and I go to my computer and go to google, I see a white page with the title "ZOMBO" but the page does not load. Just FYI.

Link to comment
Share on other sites

  • 5 weeks later...
  • 1 month later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...