dSploit, hacking made Open.
In these days I’m being involved in a whole new project for me.
dSploit is a new tool made by evilsocket, an Italian guys who made also other great tools and project, you can check them here.
dSploit is a new tool made by evilsocket, an Italian guys who made also other great tools and project, you can check them here.
dSploit is a modular app for Android that make easy the pentesting on a WiFi network.
At the moment it can also generate the default WPA and WEP of some kind of some routers to gain access to the network and get BIOS name of the target.
At the moment it can also generate the default WPA and WEP of some kind of some routers to gain access to the network and get BIOS name of the target.
Let’s see what are the modules of dSploit now:
1. Trace, you can make a traceroute of the target and see where your packets go before they reach it.
2. Port Scanner, you can make a quickly scan of the ports of the target. From version 1.0.29b I helped to implement the possibility of scan only custom ports.
3. Inspector, this module can give you more info of the target like OS, Device Type and services opened.
4. Vulnerability Finder, by using it you can, after have made an Inspector scan, see if the services opened have some known vulnerabilities.
5. Login Cracker, you can try a bruteforce or a dictionary attack against common services like SSH, telnet, VNC, etc
6. Packet Forger, this module can forge custom packets to send to the target.
7. MITM, the man in the middle module is the most usefull and give you a lot of possibilities:
7.1 Simple Sniff, it just sniff all data on the network and give you the possibility to save them on a pcap file.
7.2 Password Sniffer, it lists for all password of some common services, imap, telnet, etc
7.3 Session Hijacker, this is a really powerfull module which gives you the possibility of sniff cookie and hijack session and open them on a broswer who inject the cookie sniffed. It now should work also on https connection, as we
will explain later.
will explain later.
7.4 Kill Connections, this just kill all connections made by the target to any address outside and inside the network.
7.5 Redirect, you can redirect all http connections to a custom address.
7.6 Replace Images, replaces all images of the web page with a custom one.
7.7 Replace Videos, as the one before but this replace Youtube videos.
7.8 Script Injection, an usefull module which inject any JS code into any web page of the target.
7.9 Custom Filter, last module that can replace all text with custom one, you can also use regex to select text.
As you can see this awesome app gives you a lot of possibilities. Let’s now say a little more how some modules work.
Sniffing Part
The app has a build-in proxy server which is used by the app to change a inject data.
There is also a second service in the app which is very very important, it strips the connections from https to http deautenticating the client just one time and sniff the data.
This is used by all MiTM modules.
The app has a build-in proxy server which is used by the app to change a inject data.
There is also a second service in the app which is very very important, it strips the connections from https to http deautenticating the client just one time and sniff the data.
This is used by all MiTM modules.
Now you can see the power of this app!
An other important thing of the app is that is totally OpenSource and anyone can contribute!
Only for Educational Purpose not use it
for illegal purpose
0 comments:
Post a Comment