dSploit is a penetration testing suite developed by Simone Margaritelli for the Android operating system. It consists of several modules that are capable to perform network security assessments on wireless networks. It allows you to perform tasks such as, network mapping, vulnerability scanning, password *****ing, Man-In-The-Middle attacks and many more.
Requirements ?
What are the Modules Available On dSploit ?
Router PWN, Trace, Port Scanner, Inspector, Vulnerability Finder, Login *****er, MITM and Packet Forger.
The router PWN module opens a service that can help you in the exploitation of router vulnerabilities. More clearly, it is a webpage that provides compilation of ready to run local and remote exploits.
How To Use Router PWN :
Tap on the Router PWN module will open up You do not have permission to view the full content of this post. Log in or register now.
Router PWN:
The router PWN module opens a service that can help you in the exploitation of router vulnerabilities. More clearly, it is a webpage that provides compilation of ready to run local and remote exploits.
How To Use Router PWN :
Tap on the Router PWN module will open up You do not have permission to view the full content of this post. Log in or register now..
Then, tap on the target router vendor, it will show you the list of ready to run local and remote exploits.
You can try each and every exploits on the target router ! Have fun....
Trace:
Trace module allows you to perform traceroute on the target. More clearly, it will help you to identify the target IP address and the connection speed.
It is basically used to identify, where the connection is actually slowing down and which intermediate router/device is responsible for that.
How To Use Trace:
First, Tap on the Trace option...
Then, tap on the start button, it will show you target's IP address and response time.
Port Scanner:
It allows you to identify open ports without establishing a connection (SYN scanning also known as half-open scanning).
How To Use Port Scanner:
First, tap on port scanner option and then tap on "start". It will display the open port along with the service.
Inspector:
Inspector option (slower than port scanning) allows you to detect target's operating system and services.
How To Use Inspector:
First, tap on Inspector and then tap on "start" button. It will display target information such as operating system, services and device type.
Vulnerability Finder:
It allows you to search for known vulnerabilities of target's running services.
How To Use Vulnerability Finder:
Tap on "Vulnerability Finder" and then tap on search. Before starting Vulnerability Finder, you should run Inspector to identify target's services.
If there is any known vulnerability for target running services, Vulnerability Finder will display it.
Login *****er:
https://3.bp.phc.onl/#forbidden#/-7iVispySMO0/Vc1VXCx6-SI/AAAAAAAAA34/j2dd9oA3ae4/s320/Login%25252B*****er1.jpg
It allows you to ***** admin passwords. It is a faster logon *****er that supports many services.
How To Use Login *****er:
Tap on Login *****er option.... it will open up a window like this:
https://2.bp.phc.onl/#forbidden#/-zPbUnv0Zgi4/Vc1VqS3ir9I/AAAAAAAAA4A/Y7gaMZCAoFg/s320/Login%25252B*****er2.jpg
As you can see, you can change the service, port number, character set, username and password length. It also provides options for dictionary attack --- "User word list" and "Password word list".
Don't know what is a dictionary attack ? Let me tell you, dictionary attack is an attempt to break in a login system using a file containing guessed username and password list.
So, set the options according to your needs. Then tap on "START" button. It will display the valid username and password.
MITM (Man In The Middle Attack):
This option allows you to intercept and play with the target's network traffic. The MITM category has several useful tools such as Simple Sniff, Password Sniffer, Session Hijacker, Kill Connections, Redirect, Replace Images, Replace Videos, Script Injection and Custom Filter.
Simple Sniff:
It allows you to redirect the target's traffic through your device to get some stats about target's traffic.
How To Use Simple Sniff:
First, tap on "Simple Sniff" tool.... Below window appears: (Dialogue box saying " Do you want to save sniffed traffic to a pcap file").
Tap on "Yes" and then tap the "Start" button. It will start to display the real-time stats.
Password Sniffer:
It helps you to sniff passwords from the target !. It supports many services including http, ftp, imap, irc, msn and so on.
How To Use Password Sniffer:
First tap on "password sniffer" tool.....and then tap on "start".... It will start to display the sniffed passwords from the target.
Session Hijacker:
A quick note: By using session hijacking method, you can s†éál session cøøkíés of victim's web profile and then gain access to victim's web account without the password.
How To Use Session Hijacker:
Tap on Session Hijacker option.... then it will open up a window like this:
Tap on "Start" button... it will display sessions from the target, tap on the target session will display a dialog box saying "Stop sniffing and start session hijacking ?". Then tap on "Yes". It will open up the victim's web profile on your smartphone! (No password or username needed). See the images below:
Kill Connections:
It allows you to block the target from accessing any website or server !
How To Use Kill Connections:
Just tap on "Kill connections" option!
Redirect:
It allows you to redirect the target's http traffic to another address. That is, if the target is trying to visit a website (http) example, pixbay.com, you can redirect him/her to an another website like wikipedia.org!
How To Use Redirect:
Just tap on "Redirect"..... it will open up a box like this:
Type the IP address of a website in the Address field. You can obtain it by using this site. (You can also change the port address)Then tap on "OK".
Replace Images:
This option allows you to replace all images with a specified one.
How To Use Replace Images:
Tap on Replace Images and it will open up a window like this:
Select an option "Local Images" or "Web URL". If you just selected the Local images, it will open up a window like this:
Select Gallery and then select an image. It will replace the images with your image.
If you just selected Web URL option, enter the URL of the image and then tap "OK".
Replace Videos:
This module allows you to replace all the YøùTùbé videos on webpages with the specified one.
How To Use Replace Videos:
Tap on Replace videos.....it will open up a window like this:
Enter the URL of the video in the window and then tap on "OK". It will replace the videos with the video in your URL.
Script Injection:
This allows an attacker to inject a malicious JavaScript in webpages (By intercepting targets traffic, not by häçking the website).
How To Use Script Injection:
Tap on the Script Injection option.....It will display a window like this:
Choose a method, you can choose a JavaScript file or write some code. Tap on the "Custom Code", the below window appears:
Edit the code and then tap on "OK" button.
Custom Filter:
Custom Filter allows you to replace custom text on webpages with the specified one.
How To Use Custom Filter:
Tap on the "Custom Filter" option..... It will display a window like this:
Fill it up ! ( see the image below)
Then tap on "OK", it will replace websites text with specified text.
Now the MITM part is over, let's go back to the "Packet Forger".
Packet Forger:
Packet Forger tool allows you to craft and send a custom TCP or UDP packet to the target.
How To Use Packet Forger:
Tap on "Packet Forger". It will display a window like this:
As you can see in the image, you can change the protocol, port and the packet. A single tap on the "Request" side will open the default text editor. Craft your custom packet and send it to the target. (You can also get the response in the same window!)
What Are The Other Options Available On dSploit ?
There are many additional options available in dSploit, let's take a look at the main menu.
As you can see, there is plus button(+), a refresh button and a WiFi button.
The plus button allows you to add a custom target. You can enter an URL, host name or ip address in the field (see the image below). After entering it, tap on the "OK" button to add the target in the current session.
The refresh button is to refresh the current session.WiFi button allows you to select the target network.
Next, tap on the recent tasks key in the navigation bar, a small list of options appears.
New Session: For starting a new session.
Save session: For saving the current session.
Restore session: For opening a saved session.
Settings: Opens a panel of additional settings. Mainly, you can enable or disable SSL stripping! Yes, dSploit has it.
Start Network Monitor/Stop Network Monitor: For starting or stopping network monitoring process.
So that's all, hope you enjoyed reading the article, if you find this article worthy, share it with your friends and followers.
You do not have permission to view the full content of this post. Log in or register now.
Busybox
You do not have permission to view the full content of this post. Log in or register now.
Requirements ?
- Your android must be rooted and the device must have an ARM CPU.{You do not have permission to view the full content of this post. Log in or register now.}
- Android version 2.3 up (Gingerbread) or higher.
- The device must have BusyBox or SuperUser installed (full installation).
What are the Modules Available On dSploit ?
Router PWN, Trace, Port Scanner, Inspector, Vulnerability Finder, Login *****er, MITM and Packet Forger.
The router PWN module opens a service that can help you in the exploitation of router vulnerabilities. More clearly, it is a webpage that provides compilation of ready to run local and remote exploits.
How To Use Router PWN :
Tap on the Router PWN module will open up You do not have permission to view the full content of this post. Log in or register now.
Router PWN:
The router PWN module opens a service that can help you in the exploitation of router vulnerabilities. More clearly, it is a webpage that provides compilation of ready to run local and remote exploits.
How To Use Router PWN :
Tap on the Router PWN module will open up You do not have permission to view the full content of this post. Log in or register now..
Then, tap on the target router vendor, it will show you the list of ready to run local and remote exploits.
You can try each and every exploits on the target router ! Have fun....
Trace:
Trace module allows you to perform traceroute on the target. More clearly, it will help you to identify the target IP address and the connection speed.
It is basically used to identify, where the connection is actually slowing down and which intermediate router/device is responsible for that.
How To Use Trace:
First, Tap on the Trace option...
Then, tap on the start button, it will show you target's IP address and response time.
Port Scanner:
It allows you to identify open ports without establishing a connection (SYN scanning also known as half-open scanning).
How To Use Port Scanner:
First, tap on port scanner option and then tap on "start". It will display the open port along with the service.
Inspector:
Inspector option (slower than port scanning) allows you to detect target's operating system and services.
How To Use Inspector:
First, tap on Inspector and then tap on "start" button. It will display target information such as operating system, services and device type.
Vulnerability Finder:
It allows you to search for known vulnerabilities of target's running services.
How To Use Vulnerability Finder:
Tap on "Vulnerability Finder" and then tap on search. Before starting Vulnerability Finder, you should run Inspector to identify target's services.
If there is any known vulnerability for target running services, Vulnerability Finder will display it.
Login *****er:
https://3.bp.phc.onl/#forbidden#/-7iVispySMO0/Vc1VXCx6-SI/AAAAAAAAA34/j2dd9oA3ae4/s320/Login%25252B*****er1.jpg
It allows you to ***** admin passwords. It is a faster logon *****er that supports many services.
How To Use Login *****er:
Tap on Login *****er option.... it will open up a window like this:
https://2.bp.phc.onl/#forbidden#/-zPbUnv0Zgi4/Vc1VqS3ir9I/AAAAAAAAA4A/Y7gaMZCAoFg/s320/Login%25252B*****er2.jpg
As you can see, you can change the service, port number, character set, username and password length. It also provides options for dictionary attack --- "User word list" and "Password word list".
Don't know what is a dictionary attack ? Let me tell you, dictionary attack is an attempt to break in a login system using a file containing guessed username and password list.
So, set the options according to your needs. Then tap on "START" button. It will display the valid username and password.
MITM (Man In The Middle Attack):
This option allows you to intercept and play with the target's network traffic. The MITM category has several useful tools such as Simple Sniff, Password Sniffer, Session Hijacker, Kill Connections, Redirect, Replace Images, Replace Videos, Script Injection and Custom Filter.
Simple Sniff:
It allows you to redirect the target's traffic through your device to get some stats about target's traffic.
How To Use Simple Sniff:
First, tap on "Simple Sniff" tool.... Below window appears: (Dialogue box saying " Do you want to save sniffed traffic to a pcap file").
Tap on "Yes" and then tap the "Start" button. It will start to display the real-time stats.
Password Sniffer:
It helps you to sniff passwords from the target !. It supports many services including http, ftp, imap, irc, msn and so on.
How To Use Password Sniffer:
First tap on "password sniffer" tool.....and then tap on "start".... It will start to display the sniffed passwords from the target.
Session Hijacker:
A quick note: By using session hijacking method, you can s†éál session cøøkíés of victim's web profile and then gain access to victim's web account without the password.
How To Use Session Hijacker:
Tap on Session Hijacker option.... then it will open up a window like this:
Tap on "Start" button... it will display sessions from the target, tap on the target session will display a dialog box saying "Stop sniffing and start session hijacking ?". Then tap on "Yes". It will open up the victim's web profile on your smartphone! (No password or username needed). See the images below:
Kill Connections:
It allows you to block the target from accessing any website or server !
How To Use Kill Connections:
Just tap on "Kill connections" option!
Redirect:
It allows you to redirect the target's http traffic to another address. That is, if the target is trying to visit a website (http) example, pixbay.com, you can redirect him/her to an another website like wikipedia.org!
How To Use Redirect:
Just tap on "Redirect"..... it will open up a box like this:
Type the IP address of a website in the Address field. You can obtain it by using this site. (You can also change the port address)Then tap on "OK".
Replace Images:
This option allows you to replace all images with a specified one.
How To Use Replace Images:
Tap on Replace Images and it will open up a window like this:
Select an option "Local Images" or "Web URL". If you just selected the Local images, it will open up a window like this:
Select Gallery and then select an image. It will replace the images with your image.
If you just selected Web URL option, enter the URL of the image and then tap "OK".
Replace Videos:
This module allows you to replace all the YøùTùbé videos on webpages with the specified one.
How To Use Replace Videos:
Tap on Replace videos.....it will open up a window like this:
Enter the URL of the video in the window and then tap on "OK". It will replace the videos with the video in your URL.
Script Injection:
This allows an attacker to inject a malicious JavaScript in webpages (By intercepting targets traffic, not by häçking the website).
How To Use Script Injection:
Tap on the Script Injection option.....It will display a window like this:
Choose a method, you can choose a JavaScript file or write some code. Tap on the "Custom Code", the below window appears:
Edit the code and then tap on "OK" button.
Custom Filter:
Custom Filter allows you to replace custom text on webpages with the specified one.
How To Use Custom Filter:
Tap on the "Custom Filter" option..... It will display a window like this:
Fill it up ! ( see the image below)
Then tap on "OK", it will replace websites text with specified text.
Now the MITM part is over, let's go back to the "Packet Forger".
Packet Forger:
Packet Forger tool allows you to craft and send a custom TCP or UDP packet to the target.
How To Use Packet Forger:
Tap on "Packet Forger". It will display a window like this:
As you can see in the image, you can change the protocol, port and the packet. A single tap on the "Request" side will open the default text editor. Craft your custom packet and send it to the target. (You can also get the response in the same window!)
What Are The Other Options Available On dSploit ?
There are many additional options available in dSploit, let's take a look at the main menu.
As you can see, there is plus button(+), a refresh button and a WiFi button.
The plus button allows you to add a custom target. You can enter an URL, host name or ip address in the field (see the image below). After entering it, tap on the "OK" button to add the target in the current session.
The refresh button is to refresh the current session.WiFi button allows you to select the target network.
Next, tap on the recent tasks key in the navigation bar, a small list of options appears.
New Session: For starting a new session.
Save session: For saving the current session.
Restore session: For opening a saved session.
Settings: Opens a panel of additional settings. Mainly, you can enable or disable SSL stripping! Yes, dSploit has it.
Start Network Monitor/Stop Network Monitor: For starting or stopping network monitoring process.
So that's all, hope you enjoyed reading the article, if you find this article worthy, share it with your friends and followers.
You do not have permission to view the full content of this post. Log in or register now.
Busybox
You do not have permission to view the full content of this post. Log in or register now.
Last edited:
