Archive Pages Design$type=blogging$count=7



Ahad, 16 Mac 2014

Reaver for Android v1.10

Reaver for Android, short RfA, is a simple-to-use Reaver-GUI for Android devices with bcmon support.
It has some very cool features:

  • Detects automatically WPS-enabled routers.
  • All Reaver-Settings are accessible from an a simple-to-use GUI.
  • Activates and deactivates Monitor-Mode automatically when needed.
  • Provides a simple way to connect when Reaver finds the WPA-Key.

Project status: BETA
What does this mean?
Well, RfA works, but is only tested on very few devices.
Also there are some features which are not yet implemented.
If RfA gets enought attention, developement will continue very soon.​

  1. Download/install bcmon.apk from HERE and RfA.apk from the bottom of this post.
  2. Run bcmon, if it crashes try a second time.
  3. If all runs fine, start RfA.
  4. After selecting an WPS-enabled router, click on "Test Monitor-Mode".
  5. Now you can use RfA:), don't uninstall bcmon.
Steps 1 - 4 are only for the installation, they don't have to be repeated once done.

What is this awesome app actually usefull for?
Well, RfA is able to unveil the actual WPA(2)-Key of many routers within 2 - 10 hours.

WHAT?! I though WPA(2) is safe?
It used to be, but then many router models got WiFi Protected Setup, short WPS, implemeted, which is pretty vulnerable. (Details)
Basically it's a Brute-Force attack with Reaver against a 8 digit pin with 10^4 + 10^3 possibilities.

What is Reaver?
Reaver-WPS is a pentesting tool developed by Tactical Network Solutions.
It attacks WPS-enabled routers and after the WPS-Pin is cracked, it retrieves the actual WPA-Key.
Reaver provides only a terminal interface, which is ok for Notebooks etc., however it's a pain on Android devices.
Because of this I developed RfA.

Doesn't Reaver requires Monitor-Mode and so can't work on Android?
Yes, Reaver needs Monitor-Mode, but thanks to bcmon some Android devices are now Monitor-Mode capable.​

Developed and tested on: Nexus 7 2012 (Stock 4.3)
RfA *should* work on all devices with bcmon support (Broadcom bcm4329/bcm4330 chipsets)
Simply try by installing bcmon. Don't worry, if something goes wrong a simple reboot should fix everything.

Tested & works on:
Nexus 7 2012 (Stock 4.3, Cyanogen 9)
Huawei Honour (Cyanogen Mod based ROM)​

Credits & used tools:
Monitor-Mode over bcmon.apk:
Omri Ildis, Ruby Feinstein & Yuval Ofir

Tactical Network Solutions
See :

Download : Reaver for Android

WhatsApp Sniffer 1.03

WhatsAppSniffer is a tool for root terminals to read WhatsApp conversations of a WIFI network

(Open, WEP, WPA/WPA2). It captures the conversations, pictures / videos and coordinates that are

sent or received by an Android phone, iPhone or Nokia on the same WIFI network. It has not been

tested with Windows Phone terminals. It can't read the messages written or received by the

BlackBerry's,as they use their own servers and not WhatsApp's.

This application is designed to demonstrate that the security of WhatsApp's communications is null.

WhatsAppSniffer just use the TCPDump program which reads all the WIFI network packets and

filters those which has origin or destination WhatsApp's servers. All messages are in plain text, so it

does not decrypt anything, complying fully with the legal terms of WhatsApp (3.C: "While we do not

disallow the use of sniffers Such as Ethereal, tcpdump or HttpWatch in general, Any we do going

efforts to disallow reverse-engineer our system, our protocols, or explore outside the boundaries of the

ordinary requests made by clients WhatsApp .... ")

For WPA/WPA2 encrypted networks, if uses the tool ARPSpoof (optional).



- For now, there is only support for this characters:


- Read conversations outgoing and incoming to Android, iPhone and Nokia phones.

- They are separated by phone number

- Notify when a message has been captured

- Ability to start a debug session saving all logs

- It matches phone numbers captured with agenda for coincidences

*Try at own RISK.

Download : WhatsApp Sniffe