silver-moonshine Posted August 27, 2013 Share Posted August 27, 2013 (edited) Hey guys, there's been more than one occasion in the past were I have gone wondering the web'z looking for fun programs for having fun on my wireless with my rooted android devices and being a massive Hak5 fan , these forums are one place I do search regularly, now there is a few wireless pentest workarounds i'v seen ( install ubuntu , install kali so on and so forth) i do have a kali laptop and a backtrack laptop , as well as a kali net-book with an alfa awus036nhr taped to the back and reaver pro on a pen-drive Velcro'd to the back, but theres not much for rooted android devices with legit / custom android firmware. So pretty much I thought i'd share some of the tools I have found through my searches. Now please remember , I have had nothing to do with the development of any of these programs and shall not be held responsible for any thing that may go wrong (if anything does) i have used these tools on many occasions and have never had any issues , remember these tools are for Rooted devices only, and are for only testing against your own network for learning purposes. one thing that is missed out in here though is a MAC Changer , which i would highly recommend , because as we all know if your going to pentest your own network , we need to wear a mask to recreate the scene of an intruder. :)(why else would we need a mask. :) ) anyway , heres what i have found 1 .android-netspoof ( Packed full of wifi goodness , well and truly one of my favorites) 2. Bcmon ( who needs InSSIDer when you can have good ol fashioned CLI :) ) 3. Droid sheep (ARP fun and more ) 4. Dsploit ( plentyfull of tools ) 5. Fing Network tools ( know thy network) 6. Droid SQLi SQL injector) 7. Piik (View live stream of network images ) 8. SSL Strip - 9. WifiKIll (prettymuch i assume to be a network de-authentication tool ) 10. Wiggle wifi wardriving (incase you wish too pinpoint all your access points around your 3mile house to wiggle) as I said before , try these at your own risk , as I did , but more than anything , have fun , and TYTL :) Edited August 30, 2013 by silver-moonshine Quote Link to comment Share on other sites More sharing options...
no42 Posted August 27, 2013 Share Posted August 27, 2013 You forgot Drozer (Previously known as Mercury), for assessing Android Applications and finding security issues like injection, default passwords, weak crypto: https://labs.mwrinfosecurity.com/tools/drozer/ Quote Link to comment Share on other sites More sharing options...
silver-moonshine Posted August 27, 2013 Author Share Posted August 27, 2013 ha , well as I said , these are just some that i figured I should share , if anyone knows any feel free to add. Thanks midnitesnake. Quote Link to comment Share on other sites More sharing options...
vector Posted August 28, 2013 Share Posted August 28, 2013 ok besides just linking to your dropbox with the .apk's (who really knows what youve really got there) you should also link to the documentation and the website if avail. such as bcmon.apk. people need to know that this is only compatible with certain devices with the bcm4329 or bcm4330 chipsets. and even then isnt compatible with certain rom versions. youre looking for trouble if you start installing different firmware and modules on your hardware that werent compiled or arent compatible with your kernel version. just having root isnt enough for many of these tools. however things like netspoofer are fine with just a rooted device because it does all the work in a debian chroot. also to add to your list is intercepter-ng a pretty neat tool. https://play.google.com/store/apps/details?id=su.sniff.cepter&hl=en Quote Link to comment Share on other sites More sharing options...
silver-moonshine Posted August 29, 2013 Author Share Posted August 29, 2013 (edited) ok besides just linking to your dropbox with the .apk's (who really knows what youve really got there) you should also link to the documentation and the website if avail. such as bcmon.apk. people need to know that this is only compatible with certain devices with the bcm4329 or bcm4330 chipsets. and even then isnt compatible with certain rom versions. youre looking for trouble if you start installing different firmware and modules on your hardware that werent compiled or arent compatible with your kernel version. just having root isnt enough for many of these tools. however things like netspoofer are fine with just a rooted device because it does all the work in a debian chroot. also to add to your list is intercepter-ng a pretty neat tool. https://play.google.com/store/apps/details?id=su.sniff.cepter&hl=en Fair enough I'm sorry for lack of info, but out of convenience I linked them To my dropbox , I wasn't too sure how else to upload them , and fair enough they may not be what I say they are but I genuinely have no hidden motivations other than to share my Knowledge (not allot by the way ) I just wanted to help out. Anyway you are right in saying so though always research before installing , know your sources ,and read documentation. Thanks vector for the backhanded compliment , no offence taken I know your just pointing it out anyway cheers guys and let's keep this list going :) tytl Edited August 29, 2013 by silver-moonshine Quote Link to comment Share on other sites More sharing options...
barry99705 Posted August 30, 2013 Share Posted August 30, 2013 Here you go. In order of the above list. http://sourceforge.net/projects/netspoof/ http://bcmon.blogspot.com/ http://droidsheep.de/ http://www.dsploit.net/ https://play.google.com/store/apps/details?id=com.overlook.android.fing&hl=en http://www.hackerscafe.in/2013/05/droidsqli-first-automated-mysql.html Piik's site seems to be down, grab the apk from the dropbox link. https://play.google.com/store/apps/details?id=com.crazyricky.androidsslstrip&hl=en http://paranoid.me/wifikill/downloader/ https://play.google.com/store/apps/details?id=net.wigle.wigleandroid&hl=en Quote Link to comment Share on other sites More sharing options...
silver-moonshine Posted August 30, 2013 Author Share Posted August 30, 2013 haha , thank you barry99705 :) Quote Link to comment Share on other sites More sharing options...
LexMichdeappel Posted September 8, 2013 Share Posted September 8, 2013 Ah this is going to be a fun sunday afternoon. Let's see how safe I am at home. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.