In this tutorial for Cr0w’s Place we are starting a new series of videos called Hacking with Android and as the title says we are going to see applications that helps us to perform Penetration Testing Attacks.
In part 1 of this series we are working with Intercepter-NG.
Intercepter-NG is a multifunctional network toolkit for various types of IT specialists. It has functionality of
several famous separate tools and more over offers a good and unique alternative of Wireshark for android.
The main features are:
- SSL Stripping
- ARP Poisoning
- Session Hijager
- Network Discovery with OS Detection
- Network Traffic Analysis
- Passwords Recovery
- Files Recovery
Runs on Android 2.3.3+ with root+busybox
Session hijacking, sometimes also known as cookie hijacking is the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookies used to maintain a session on many web sites can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim’s computer.
SSL stripping is a man-in-the-middle attack in which a network attacker could prevent a web browser from upgrading to an SSL connection in a subtle way that would likely go unnoticed by a user.
ARP Spoofing attack is the egression of unsolicited ARP messages. These ARP messages contain the IP address of a network resource, such as the default gateway, or a DNS server, and replaces the MAC address for the corresponding network resource with its own MAC address. Network devices, by design, overwrite any existing ARP information in conjunction with the IP address, with the new, counterfeit ARP information. The attacker then takes the role of man in the middle; any traffic destined for the legitimate resource is sent through the attacking system. As this attack occurs on the lower levels of the OSI model, the end-user is oblivious to the attack occurrence.
Everything you are going to see is for educational purposes only, so operate carefully and in your own property. I bring no responsibility in what happens to you if you act irresponsibly.
Thank You For Watching.:)