Related
Please don't use this to do any illegal activity. It is meant to test your own network to see how secure your setup is.
It works great. I realized how weak my WEP password was and switched to a much more secure WPA 2
Must be Rooted, have Superuser, Android VNC and Busybox!
First download the zip file here: http://www.megaupload.com/?d=M6YCKZLR
Then extract it, and put it in a new folder "bt5", on your phones internal /sdcard
In a terminal emulator, type “su” <enter>, “cd /sdcard/bt5″ <enter>
Now type, “sh bt” <enter>
If all is well you’ll now be running BackTrack 5 on your Android device; you can access it from VNC if you said “Yes” to the prompt asking if you wanted a VNC session
To actually see Backtrack, run a VNC viewer from the market (many are free), then connect to host “127.0.0.1″, port “5901″, password “root”
I just stumbled upon this searching the internet, I do not take credit for this or take any responsibility if you mess up your phone.
As long as you follow these directions, everything should work smooth, and if you dont like it, you can simply delete the files.
Good Luck
What's this now?
Any video or pics?
Big dog Infuse I997 GB KJ4
bignate78 said:
What's this now?
Any video or pics?
Big dog Infuse I997 GB KJ4
Click to expand...
Click to collapse
http://www.backtrack-linux.org/backtrack/backtrack-5-release/
I think this is all about running linux on phone. I remember seeing this video about running linux on phone through vnc and/or terminal.
bignate78 said:
What's this now?
Any video or pics?
Big dog Infuse I997 GB KJ4
Click to expand...
Click to collapse
Backtrack is a penetration and network security test suite. Please don't do anything with this unless you're on a home network or are otherwise authorized to do so. This could very easily get you into trouble if you don't know what you're doing.
Sent from my SAMSUNG-SGH-I997 using xda premium
adalgiso said:
Backtrack is a penetration and network security test suite. Please don't do anything with this unless you're on a home network or are otherwise authorized to do so. This could very easily get you into trouble if you don't know what you're doing.
Sent from my SAMSUNG-SGH-I997 using xda premium
Click to expand...
Click to collapse
Thanks for the headsup mate
Yes, just don't do anything illegal. It is meant to test your own network to see how secure your setup is. It works great. I realized how weak my WEP password was and switched to a much more secure WPA 2
hollywood528 said:
Yes, just don't do anything illegal. It is meant to test your own network to see how secure your setup is. It works great. I realized how weak my WEP password was and switched to a much more secure WPA 2
Click to expand...
Click to collapse
Please post the same in red in OP so others too may know when they read OP.
diablo009 said:
Please post the same in red in OP so others too may know when they read OP.
Click to expand...
Click to collapse
no problem. done.
hollywood528 said:
no problem. done.
Click to expand...
Click to collapse
Thank you
Extraction of wifi passwords is what I'm getting from here right?
Sent from my SGH-I997 using xda premium
hollywood528 said:
Yes, just don't do anything illegal. It is meant to test your own network to see how secure your setup is. It works great. I realized how weak my WEP password was and switched to a much more secure WPA 2
Click to expand...
Click to collapse
WEP is trivial to break. I gave a talk in my senior seminar class and demoed breaking wep passwords. With packet objection to drive traffic across the network, wep is breakable in minutes. its been officially deprecated by the IEEE, no one should use wep.
Sent from my SAMSUNG-SGH-I997 using xda premium
Optimus-Prime said:
Extraction of wifi passwords is what I'm getting from here right?
Sent from my SGH-I997 using xda premium
Click to expand...
Click to collapse
Not just that, its a whole mess of network tools.
Sent from my SAMSUNG-SGH-I997 using xda premium
adalgiso said:
WEP is trivial to break. I gave a talk in my senior seminar class and demoed breaking wep passwords. With packet objection to drive traffic across the network, wep is breakable in minutes. its been officially deprecated by the IEEE, no one should use wep.
Sent from my SAMSUNG-SGH-I997 using xda premium
Click to expand...
Click to collapse
Right. Using WEP is equivalent to having 123456 or abcdef as password.
diablo009 said:
Right. Using WEP is equivalent to having 123456 or abcdef as password.
Click to expand...
Click to collapse
Problem with WEP is that its cipher is inherently insecure. It relies on the RC4 stream cipher, and it can be broken with 50% probability after only 40k packets captured. Using packet injection, you can generate 40k packets in <1m. Collecting 85k packets gets you a solution probability of 95%, so figure it takes about 2m to generate that much traffic. On modern computers, aircrack-ng can compute the key in ~5m, from the beginning of the attack. WEP will only stop a random passerby from jumping on your wireless. It's not a real barrier to any dedicated attacker. Once they're on your network, it's also trivial to set up a man-in-the-middle through ARP poisoning and then your data is all compromised. We even demonstrated capturing traffic off a VOIP phone through a MITM attack. Here's a copy of my talk from my class if anyone is interested: http://db.tt/ocmyCoeF
Awesome! I've been meaning to look into putting Backtrack on instead of Ubuntu. You sir, have saved me the trouble! Thanks!
Tried to install this following your directions but it does not seem to work can you tell me what I might be doing wrong? I ran the SH BT command and it gave me what you see in the screen capture.
The failure is because I had already run it once. When I try to connect to 127.0.0.1 it gives me an error connection refused?
Infused with Android DNA
---------- Post added at 11:48 AM ---------- Previous post was at 11:34 AM ----------
---------- Post added at 11:50 AM ---------- Previous post was at 11:48 AM ----------
If all is well you’ll now be running BackTrack 5 on your Android device; you can access it from VNC if you said “Yes” to the prompt asking if you wanted a VNC session
To actually see Backtrack, run a VNC viewer from the market (many are free), then connect to host “127.0.0.1″, port “5901″, password “root”
Click to expand...
Click to collapse
I never received a prompt about wanting a VNC connection? Was this supposed to happen in terminal?
Nice. Very nice. Runs like a charm. Thanks a lot!
Type "su" where you are now and it comes alive.
Sent from my GT-N7000 using XDA App
been playing with BackTrack for some time now on my Ubuntu 10.10 machine, and now that i ahve it with my android....
OH ITS ON!
This is sweet! If this works.. Should be able to do this with almost any distribution right?
Hey everyone, so my 3g internet expired which caused me to use my neighbor's open wifi, and i was wondering if i could make my phone some sort of "hotspot" that uses wifi internet rather than mobile networking with my phone.
Just so i dont have to move my wii closer to the wall to have a stable connection
Does anyone catch my drift here? If so please tell me i just want to strengthen my neighbors wifi signal and use his internet for my console.
Sent from my GT-P3100 using xda app-developers app
sorry i don't think so .i wanted to do it but there's no way
You would have to find a way to bridge the Wi-Fi connection with a USB/BT tether, which frankly I don't think can be done and would either way require a second device.
Wi-Fi extenders are dirt cheap, go grab one?
Sent from my GT-I9000 using xda premium
MCRfan020100 said:
Hey everyone, so my 3g internet expired which caused me to use my neighbor's open wifi, and i was wondering if i could make my phone some sort of "hotspot" that uses wifi internet rather than mobile networking with my phone.
Just so i dont have to move my wii closer to the wall to have a stable connection
Does anyone catch my drift here? If so please tell me i just want to strengthen my neighbors wifi signal and use his internet for my console.
Sent from my GT-P3100 using xda app-developers app
Click to expand...
Click to collapse
There is no way to do that as of now.......maybe if connectify had a platform for mobile like they do with PCs
---------- Post added at 10:07 AM ---------- Previous post was at 10:00 AM ----------
Hr Kristian said:
You would have to find a way to bridge the Wi-Fi connection with a USB/BT tether, which frankly I don't think can be done and would either way require a second device.
Wi-Fi extenders are dirt cheap, go grab one?
Sent from my GT-I9000 using xda premium
Click to expand...
Click to collapse
Actauly they really are cheap....check this
http://www.ebay.com/itm/Mini-USB2-0...SB_Wi_Fi_Adapters_Dongles&hash=item5894e0fd55
Alrighty guys do this the hard way then eh? :/ well thanks!
Sent from my GT-P3100 using Tapatalk 4 Beta
Yes, There Is!
I've had this wish for weeks, and I chanced upon an android app called fqrouter2.
Its available on the Google Play Store. It works; allows a Wifi connection to be shared over a wifi connection!
q
good question
the acess point is made for it, but it raises the range of the router, not of the cellphone
Maximum you can do it connect your phone to wifi and use a USB-tethering. I think
fqrouter2
Look for fqrouter2. its available on the play store. Requires root.
Excellent find thanks guys!
fqrouter2 for rooted Android devices (available free in Google Play Store)
MyWi for jailbreaked iOS devices (quite costly)
intelliborn.com/mywi.html
Not the dumbest idea... to use bluetooth. But the data rate is limited to 2.1 Mbit/s and sharing for multiple devices may or may not work.
Working link:
http://www.bequench.com/how-to/android-device-as-wifi-repeater/98/
Edit: Tested with a Samsung Galaxy S4 acting as repeater. A whopping 0.6 Mbit/s data rate, multiple devices are possible though. But they have to share these 0.6.
I am looking for real world users with knowledge to suggest, recommend, or advise me in my quest of needing or not needing a Anti virus / Malware / Firewall application on my Android device. With consideration of cost not to be a factor.
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
To know. Android has no viruses. Yo dont have a need to a n antivirus app. Its just for tracking you phone if Its lost or for paying attention to the opened usb drbbuging. Or for the high risk apps on the mobile .
Hit Thanks if I helped you.
SeNt FrOm Ma GALAXY
Android has vulnerabilities. Anti virus apps will do nothing except slow your phone down. If you want to avoid vulnerabilities, don't download cracked apps, and only download from Google play store, or another trusted source, like f-droid. As long as you do this, you'll be very safe. If you'd like lost phone tracking, I'd recommend Cerberus.
I personally use kaspersky antivirus wich is great And simple to use !
Sent from my Xperia S running Key Lime Pie
It's not needed because android is based on Linux and Linux has a better security model and system.
Sent from my SPH-L710 using xda app-developers app
why not
As a very computer savvy 'dude', I would say that some of the free security apps are not such a bad thing to install. Linux is very good, however it is open source which means every update that comes out is because a bunch of people found vulnerabilities in the code, so it needs to be patched. I am a Net +, Security +, and Certified Ethical Hacker certified (although the Ethical is usually "X"ed out )) but many in my 'field' run some type of AV --even on their home linux computer, not just the droid. heck, most of us password secure our phones. we are pretty paranoid as a rule of thumb, but it certainly only adds a level of confidence that you are protected.
Like I said, their are plenty of good freeware, just google it, and try em out!!
But I will say the android is more secure than iCrap.
Kaspersky mobile security is the best..
Sent from my C6502 using XDA Premium 4 mobile app
most of the antivirus apps are bloatware/malware themselves. Don't install suspicious apps and keep an eye on your resources, you should be fine.
The AVG has a decent app tp android... But i guess it´s useless, because those antivirus app does not anything!
Most anti virus also have anti theft and loss prevention capabilities ... it's not a bad idea to grab one ... lookout has some nice free features
How does android have no viruses? You are saying that there is no one out there that codes maliciously for android devices.... should I also believe that all dogs boys and all cats are girls?
Sent from my SCH-I545 using xda premium
Dear XDA memebers I found a Backdoor on all Androids Frimeware :'( NoBody believe me
Sent from my GT-S5830i using xda premium
I've used Lookout for a couple of years. Seems to serve it's purpose.
Sent from my EVO using XDA Premium 4 mobile app
Mohamed Khaled Mk said:
To know. Android has no viruses. Yo dont have a need to a n antivirus app. Its just for tracking you phone if Its lost or for paying attention to the opened usb drbbuging. Or for the high risk apps on the mobile .
Hit Thanks if I helped you.
SeNt FrOm Ma GALAXY
Click to expand...
Click to collapse
Wrong.... Virus on android exist! And the real problems with Android (vs iOS), it that you can install .apk without rooting your.phone! 80% of the infect stuff come from apk and about 20% from ads in free apps!
For the initial question, I personally use AVG Pro ($9.99). Antivirus, anti-malware and anti-spyware. You have a privacy protection include and safe web browsing.
Oh, there's an lost device option too... You can find it on a Google Map!
Chris
Sent from my Optimus G (RootBox) using xda app-developers app
I use avast antivirus and I am fine. It has many features including firewall protection app and could also operate as an alarm. This function, however I still do not know how to use.
Best combinations for Non-rooted users
Antivirus : Avast
Firewall: Mobiwol Firewall
Try it and see!
GL
Mohamed Khaled Mk said:
To know. Android has no viruses. Yo dont have a need to a n antivirus app.
Click to expand...
Click to collapse
Well, there are about 300 distinct families of viruses for Android, and about 60,000 variants (if not more). All the markets, both official and unoffical, have been affected at some point.
According to Google's last talk at VB2013, if you run an unmodified ROM with App Verify enabled and you download apps only from the Google Play Store, you have 0.1% probability of getting infected. Nevertheless, there are about 100 antivirus apps which, in addition to detecting known viruses, help the user to track a lost phone (for instance).
I believe it's quite incorrect to say that "Android has no viruses".
I agree that anti-virus app will slow down your phone if your phone's cpu is not strong.
CyanogenMod comes with as built in permission manager. When you install any app, you can see the permissions the app uses. If something is suspicious, just block that permission using permission manager.
And for firewall there is droid wall which is dead simple but works spot on!
Sent from my HTC Explorer A310e
uniquesky said:
I agree that anti-virus app will slow down your phone if your phone's cpu is not strong.
Click to expand...
Click to collapse
It is true, my phone became slow when I installed Kaspersky for Android.
Hey guys,
I am trying to learn how to use bcmon and Reaver for Android. I wanted to know if you guys have got any tutorials about them, cause thats hard to understand.
For the ones that dont know: These apps are supposed to show some Wifis passwords, but I can't tell they work, i havent tried yet!
Guys, hacking is illegal, so, dont test this app without the authorization of the Wifi owner
Dont kniw if they use bruteforce and those things bla bla
Any help is appreciated, and other apps too.
I have a SII Lite :B
there is also wifi router keygen and facesniff
Joey22688 said:
there is also wifi router keygen and facesniff
Click to expand...
Click to collapse
Its not about how to use bcmon but make sure you have a supported device.
Its about the tools included.
Such as besside-ng , aircrack-ng , crunch , airodump-ng , wash , reaver etc.
You have to look up how to use those tools first.
But for now you can use besside-ng (IN A CONTROLLED LAB!)
This tool cracks all wep networks in your range and will grab the wpa handshake for all wpa and wpa2 networks.
This stuff is stored in /data/data/com.bcmon*/results
If you want to crack wpa or wpa2 you must use awordlist and use aircrack-ng.
Example: you capture a wpa hanshake for your att network that has a default password.
use a usb hdd to generate a list of all numbers 10 digits(90 gigabytes)
use aircrack-ng pointed at the wpa cap and the wordlist on your usb hdd and give it probably a month to two months and you will have your password for the network.
Now say you want to use a reaver it utilizes the wps feature on routers to gain access to the key by attacking the pin for the wps feature on the router. Like guessing the right key to use for the lock) this attack can be done very fast given that your router doesnt have wps patched.
You can use wash to determine if wps is vulnerable and the version of wps.
Its all determined by what vulnerabilities are present and how much time you have and having knowledge of the tools at hand.
So go research.
Thanks a lot,I'm going to test them soob
Sent from my LT25i using Tapatalk
Aria.A97 said:
Thanks a lot,I'm going to test them soob
Sent from my LT25i using Tapatalk
Click to expand...
Click to collapse
Have fun
sorry for being noob. but is that even possible to hack wifi passwords?
zangetxu said:
sorry for being noob. but is that even possible to hack wifi passwords?
Click to expand...
Click to collapse
on what devices can i hack wi-fi?? Can i do it on htc one v?
Using bcmon you need to have monitor mode. Not all broadcom chip sets support that. Bcmon has firmware updates for CM. That's the only firmware I have seen it on. They are working on supporting different devices. But monitor mode and packet injection is what you need to successfully "hack" WiFi. If you are wanting to get into pentesting there is more than cracking WiFi. The real fun starts once your in. I suggest you run those tools on your computer to get the hang of them. Good distros to try are Back Track 5 and Kali Linux. I'm trying to use bcmon myself but they don't support Samsung GS3 yet.
Sent from my SCH-I535 using xda app-developers app
if you konw back track, so transport it to android
Sent from my GT-P1000 using xda app-developers app
Papa Emeritus said:
Using bcmon you need to have monitor mode. Not all broadcom chip sets support that. Bcmon has firmware updates for CM. That's the only firmware I have seen it on. They are working on supporting different devices. But monitor mode and packet injection is what you need to successfully "hack" WiFi. If you are wanting to get into pentesting there is more than cracking WiFi. The real fun starts once your in. I suggest you run those tools on your computer to get the hang of them. Good distros to try are Back Track 5 and Kali Linux. I'm trying to use bcmon myself but they don't support Samsung GS3 yet.
Sent from my SCH-I535 using xda app-developers app
Click to expand...
Click to collapse
I will look into it, because if i manage to do so, it will be so much fun
dSploit - http://shlyahten.ru/70-dsploit-root.html
DroidSheep - http://shlyahten.ru/56-droidsheep-must-have-rus-root.html
Network Spoofer - http://shlyahten.ru/57-net-spoofer-root.html
WiFiKill - http://shlyahten.ru/58-wifikill-must-have-root.html
---------- Post added at 10:49 AM ---------- Previous post was at 10:28 AM ----------
Ninoviski said:
Hey guys,
I am trying to learn how to use bcmon and Reaver for Android. I wanted to know if you guys have got any tutorials about them, cause thats hard to understand.
For the ones that dont know: These apps are supposed to show some Wifis passwords, but I can't tell they work, i havent tried yet!
Guys, hacking is illegal, so, dont test this app without the authorization of the Wifi owner
Dont kniw if they use bruteforce and those things bla bla
Any help is appreciated, and other apps too.
I have a SII Lite :B
Click to expand...
Click to collapse
dSploit - http://shlyahten.ru/70-dsploit-root.html
DroidSheep - http://shlyahten.ru/56-droidsheep-must-have-rus-root.html
Network Spoofer - http://shlyahten.ru/57-net-spoofer-root.html
WiFiKill - http://shlyahten.ru/58-wifikill-must-have-root.html
Thank u sirs
Sent from my GT-I9070 using XDA Premium 4 mobile app
want
i want to ask something is there really a app to hack wifi passwords that works.......?
Disharmony said:
i want to ask something is there really a app to hack wifi passwords that works.......?
Click to expand...
Click to collapse
Yes, there really is: WifiUnlocker 2.0 But not all routers are supported.
Sent from my Nexus 7 (2013) using Tapatalk
Is there any sort of custom ROM out that has a collection of Android pentesting tools such as this one? Sort of like BackTrack/Kali, but for Android?
It would be great if an experienced member could explain how to hack wifi in a step by step format including the programs needed.
For the record, I'm using the G2 D802 with CM.
Oh man,it's seems that my dream to hack neighbours Wi-Fi password has a chance to come true.
Sent from my Nexus 5 using Tapatalk
Yeah indeed
But see, some apps up there hack the wifi (MITM, java script, those stuff). Dsploit do both, the password and some wifis.
If you wanna try I suggest u starting by the bcmon or that WifiUnlocker2.0 (havent seen it yet), but remember using the right app for the right security (WPA WEP...)
Sent from my GT-I9070 using XDA Premium 4 mobile app
Bccom
The device must have a Broadcom bcm4329 or bcm4330 wireless chipset.
Kohelet said:
Is there any sort of custom ROM out that has a collection of Android pentesting tools such as this one? Sort of like BackTrack/Kali, but for Android?
Click to expand...
Click to collapse
https://www.pwnieexpress.com/penetr...ity-assessment-products/sensors/pwn-pad-2014/
---------- Post added at 07:49 PM ---------- Previous post was at 07:47 PM ----------
Simonna said:
Oh man,it's seems that my dream to hack neighbours Wi-Fi password has a chance to come true.
Sent from my Nexus 5 using Tapatalk
Click to expand...
Click to collapse
Please keep this chat gray hat only.
This is not a forum to be malicious black hats.
If you are looking through this thread to Illegally get into someone else's network, then I advise you to leave.
Thanks.
I'm not too sure about too much of the heartbleed bug that has been going around but it has been confirmed that it can attack android 4.1.1 and above. Maybe its a possibility that we could look into this as an exploit to gain root access on our phones.
Below is a video talking about android vulnerability and also there is an app called ghost bleed that is supposed to look into and patch it till the carriers release an update to patch on their own. Hope this helps in any way to gain root
http://youtu.be/YyJi_wdZLKw
Sent from my SM-G900V using XDA Premium 4 mobile app
bruderhood15 said:
I'm not too sure about too much of the heartbleed bug that has been going around but it has been confirmed that it can attack android 4.1.1 and above. Maybe its a possibility that we could look into this as an exploit to gain root access on our phones.
Below is a video talking about android vulnerability and also there is an app called ghost bleed that is supposed to look into and patch it till the carriers release an update to patch on their own. Hope this helps in any way to gain root
http://youtu.be/YyJi_wdZLKw
Sent from my SM-G900V using XDA Premium 4 mobile app
Click to expand...
Click to collapse
Interesting find :good:
Heartbleed is a remote information disclosure vulnerability. I would not think that any information that would be useful to gaining root (such as vendor signing keys) would be resident in local memory
Sent from my SM-G900V using Tapatalk
Unfortunately, any heart bleed exploit would only pertain to a remote user capturing secure data sent from the device wirelessly such as web service logins and passwords. The types of data we would need to get our hands on is never passed in this manner so the only things this affects is you're personal data.
Sent from my SM-G900V using Tapatalk
Why not...?
Maybe we can use and abuse a system like Telnet? I'm no expert on phones, but I am a Computer Technician and Telnet used to be a way of hacking/getting into a PC into OS's. I mean Android is an modified OS to work on mobile devices.
DR4LUC0N said:
Maybe we can use and abuse a system like Telnet? I'm no expert on phones, but I am a Computer Technician and Telnet used to be a way of hacking/getting into a PC into OS's. I mean Android is an modified OS to work on mobile devices.
Click to expand...
Click to collapse
Hmm I use telnet at work just to see if our clients have designated ports open? Didn't know it can be used for other things
Sent from my SM-G900V using XDA Free mobile app
bruderhood15 said:
I'm not too sure about too much of the heartbleed bug that has been going around but it has been confirmed that it can attack android 4.1.1 and above. Maybe its a possibility that we could look into this as an exploit to gain root access on our phones.
Below is a video talking about android vulnerability and also there is an app called ghost bleed that is supposed to look into and patch it till the carriers release an update to patch on their own. Hope this helps in any way to gain root
http://youtu.be/YyJi_wdZLKw
Sent from my SM-G900V using XDA Premium 4 mobile app
Click to expand...
Click to collapse
I just ran that app and it didn't show any vulnerabilities in my phone. It all says pass.
from the tip of my fangers...!
DR4LUC0N said:
Maybe we can use and abuse a system like Telnet? I'm no expert on phones, but I am a Computer Technician and Telnet used to be a way of hacking/getting into a PC into OS's. I mean Android is an modified OS to work on mobile devices.
Click to expand...
Click to collapse
telnet is a networking protocol which (a) is not enabled by default in android and (b) even if it were enabled does not run with elevated permissions (unless you already have elevated permissions) so there's nothing there to "abuse". Telnet has no relationship with any heartbleed exploits which similarly cannot be used to gain any elevated permissions.
Sorry, it's just not relevant to any root exploit for any devices, not just ours.
There is already a thread for "Ideas for rooting our phones" Please search before posting