dSploit:Penetration Testing ToolKit For Android

Oct 15, 2012 | comments

A while back i wrote an article about Anti an android Pen-testing toolkit, Today i came across a wonderful Tool Dsploit Which is more powerful and has more features than Anti, The best part about Dsploit is its open source (i.e) free, unlike anti which has some Premium Restrictions.

Mobile devices have accelerated productivity as they move to replace many of the other devices we used to carry in a small package. Most phones have Wi-Fi capability, cameras, mass storage capability and a persistent internet connection via 3G and 4G and allow a wide number of applications and if rooted provide many of the same tools as a computer, but with more hardware and network capabilities. These conveniences also carry over to make them an very powerful tool to use in penetration tests, more powerful I would argue than a laptop, as a mobile device can be easily hidden on your person, or inside of an office building.

dSploit contains a number of powerful functions that allow you to analyze, capture, and manipulate network transactions. You can scan networks for connected devices, identify the operating system, running services and open ports on each device, as well as checking them for vulnerabilities.
You can also use dSploit to perform so-called “man in the middle’ operations. This is where the ‘fun’ comes. You can use it to intercept traffic from a network-attached computer, and mess with it in a number of ways. For example you can cause havoc with friends or family by replacing all images that appear on every web page on a computer with an image you specify. You can also completely block all internet traffic on the computer. There are a number of other tools such as password sniffers and login crackers, which of course should never be used for anything malicious.

Features :
  • RouterPWN  - Launch the http://routerpwn.com/ service to pwn your router.
  • Trace - Perform a traceroute on target.
  • Port Scanner - A syn port scanner to find quickly open ports on a single target.
  • Inspector - Performs target operating system and services deep detection, slower than syn port scanner but more accurate.
  • Vulnerability -  FinderSearch for known vulnerabilities for target running services upon National Vulnerability Database.
  • Login CrackerA -  very fast network logon cracker which supports many different services.
  • Packet ForgerCraft -  and send a custom TCP or UDP packet to the target.
  • MITM - A set of man-in-the-midtle tools to command&conquer the whole network.
  • Simple Sniff - Only redirects target's traffic through the device ( useful when using a network sniffer like 'Sharp' for Android ) and shows network stats.
  • Password Sniffer - Sniff passwords of many protocols such as http, ftp, imap, imaps, irc, msn, etc from the target.
  • Session Hijacker - Listen for cookies on the network and hijack sessions.
  • Kill Connections - Kill connections preventing the target to reach any website or server.
  • Redirect - Redirect all the http traffic to another adtress.
  • Replace Images - Replace all images on webpages with the specified one.
  • Replace Videos - Replace all youtube videos on webpages with the specified one.
  • Script Injection - Inject a javascript in every visited webpage.
  • Custom Filter - Replace custom text on webpages with the specified one.

 Requirements :
  • An Android device with at least the 2.3 ( Gingerbread ) version of the OS.
  • The device must be rooted
  • The device must have a BusyBox full install, this means with every utility installed ( not the partial installation).

                                  Download dSploit

Share this article :

Post a Comment

I'm certainly not an expert, but I'll try my hardest to explain what I do know and research what I don't know. Be sure to check back again , after moderation i do make every effort to reply to your comments .

Copyright © 2011. INDIATRIKS - All Rights Reserved
Template Edited By Indiatriks
Proudly Powered By Blogger