Learning zANTI2 for Android Pentesting

You're reading from Learning zANTI2 for Android Pentesting: Dive into the world of advanced network penetration tests to survey and attack wireless networks using your Android device and zANTI2

Product type: Paperback
Published in: Aug 2015
ISBN-13: 9781784395049
Length: 134 pages
Edition: 1st Edition
Author: Miroslav Vitula

Penetration testing

A penetration test (or pentest, if you wish to call it that) is a kind of intrusion, or attack, intended to uncover the weaknesses, security issues, or vulnerabilities of a target such as a local network.

In this book, we will focus on Android penetration tests. We won't be focusing on tests that exploit Android vulnerabilities and prove insufficient security in the system, but on network tests that are carried out using an Android device. As you might know, there is a whole bunch of network penetration tools for Linux-powered operating systems, including Kali Linux (formerly BackTrack), and there's a good number of Android tools as well.

Here's a screenshot from DroidSheep, a very popular app in the past for its simple user interface and high functionality, though it was capable of only one feature—session hijacks. The app didn't have a fully working SSL strip, but we'll get to that. Actually, there was no big need for SSL back then. Most of the protocols were HTTP and open for hijacks.


This finally gets us to penetration tests and, mainly, their role in networking, operating systems, security, and basically anywhere else. If it weren't for penetration tests, there would be massive attacks due to unpatched vulnerabilities, exploited security holes, and stolen data, from hackers who were just smart enough to find and exploit some random vulnerability in the system.

That said, we need penetration tests, period.

Getting to know the dark side of Android

Android uses a Linux kernel, since it's a Linux-based OS. Since Linux is very flexible, we can do nice things with it, not in terms of changing live wallpapers, but in terms of permissions: root permissions, to be precise. Heard about them? Probably yes, as you're going to need these for pentests.

The fact that your Android device is rooted may actually be the result of an exploited vulnerability in the OS. If you've ever tried to root a device running Android 2.3 Gingerbread, you've probably heard about the GingerBreak software. This application runs an exploit that tries to obtain root. When it succeeds, the exploit remounts the system as R/W and runs an installer script to do the job. The superuser binary is installed, along with the well-known superuser app, and the system is rebooted. Boom, easy. Most one-click root apps work like this, by exploiting a vulnerability that provides better access to the system.

Besides root access, you'll need the Swiss Army knife of Unix, BusyBox.

BusyBox is a utility that bundles many common Unix utilities and commands that are not commonly used in Android (so they aren't there) and lets you install all of these in one package.


By typing busybox in the terminal, you'll notice how many commands BusyBox comes with. Installing BusyBox is a necessity for us to run network attacks and perform penetration tests on a network.

Since our little penetration application uses quite a few utilities available in BusyBox, be sure to have it fully installed on your Android. BusyBox can easily be installed from one of the BusyBox installers available in the Google Play store; just search for BusyBox and you should be good to go.
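A pre-flight check for the BusyBox requirement described above, as an added example that is not from the book: it reads the applet list from busybox --list and reports, for each name you pass, whether it is installed, compiled in but not linked onto the PATH, or missing. The applet names in the usage line and the sample listing are constructed assumptions; the page does not say which applets zANTI needs.

```shell
#!/bin/sh
# Added example: check which required applets a BusyBox install provides.
# Usage (applet names are assumed examples): sh bbcheck.sh ifconfig netstat

# Constructed sample of "busybox --list" output for trying the functions offline.
SAMPLE_LISTING='awk
grep
sh
zz_constructed_applet'

# applet_state LISTING NAME -> prints one of:
#   installed  compiled into BusyBox and NAME resolves on PATH
#              (on PATH it may also be the system's own binary)
#   unlinked   compiled in, but only callable as "busybox NAME"
#   missing    not compiled into this BusyBox build
applet_state() {
    if ! printf '%s\n' "$1" | grep -qxF -- "$2"; then
        echo missing
    elif command -v "$2" >/dev/null 2>&1; then
        echo installed
    else
        echo unlinked
    fi
}

# check_busybox NAME... -> report each applet; returns 0 only if all are
# installed, 1 if any is unlinked or missing, 2 if BusyBox itself is absent.
check_busybox() {
    listing=$(busybox --list 2>/dev/null) || {
        echo "busybox: not found on PATH" >&2
        return 2
    }
    rc=0
    for name in "$@"; do
        state=$(applet_state "$listing" "$name")
        printf '%-12s %s\n' "$name" "$state"
        [ "$state" = installed ] || rc=1
    done
    return "$rc"
}

# Run the check only when applet names are given on the command line.
if [ "$#" -gt 0 ]; then
    check_busybox "$@"
fi
```

An "unlinked" result means the installer copied the binary but did not create the per-applet links, which is the usual cause of "command not found" after a partial install.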

To avoid any problems, I recommend that you use the BusyBox application by the developer Stephen (Stericson); it works seamlessly. The following screenshot displays the BusyBox application's download screen:


One of the most advanced penetration testing tools for Android, the very well-known dSploit, was created a few years ago. It was capable of some crazy stuff. Here's a list of some of the game-changing features that really moved the Android penetration testing game forward:

  • Inspector (inspects the target, specifies OS, and more)
  • The vulnerability finder
  • The login cracker
  • Man-in-the-middle attacks, including redirect, image/video replacement, JavaScript Injector or custom filter that changes text values on the Web

These are just a few features that made dSploit an awesome tool. A few years later, the main developer of dSploit joined Zimperium, a company offering enterprise-class protection for mobile/tablet devices against advanced mobile attacks. They made some really good tools, which include:

  • zIPS
  • zConsole
  • zANTI

zIPS aims to protect your device as much as possible and alerts you when there's an attacker around trying to hijack your passwords or just performing a TCP scan of your device. zIPS also automatically keeps you safe and protects against the attack. zConsole takes all the reports from zIPS or zANTI and shows them in a nice interface on your desktop. If you're interested in taking network security to a higher level, you can protect yourself and order these tools at http://www.zimperium.com/.

And then, there's zANTI—the reason why you're here reading these lines.
