Phishing Using Only a Android Phone

Recently evilsocket released a Android app called dSploit, it’s basically a stripped down version of Metasploit for Android. You can preform Man in The Middle attacks and also scan for vulnerable operating systems. But one of the MITM attacks that I think could be the best, is the ability to redirect all traffic on a network to a web page. For example you could go to a coffee shop having before hand written up a legitimate looking sign in page for the target shop or public wifi network.
You join just like any other patron open up dSploit and redirct all traffic to a fake login page being served off you phone. Rather than just having guest sign in you could also have them register to pay to get access to the wifi, they are unsuspectingly handing you their credit card numbers or logins to any site you chose. All you need is a Android cell phone or tablet and a few minutes to set the server up.

  • I will be using kWS for serving my fake login pages. You can download it form the Android store.
  • You will need to download dSploit for the developers web page I posted earlier about installing and using dSploit.

First you need to decide where you HTML page will be stored. Mine is going in /mnt/sdcard/publichtml you can put yours anywhere.

Once you decide what directory to put your HTML in click on Port and enter a port number I decided to go with 8888. Because it is not normally blacklisted on any public networks.

After you finish setting up the directories and port go ahead and place what ever HTML you want into the selected /publichtml folder. Once you do that open up kWS and click on run server.

Hopefully you get a return from the server that looks exactly like this one. Take note of you local IP address. If you don’t there’s something wrong with your setup. Go back and make sure that the server is looking for the html in the right place. If that doesn’t change anything try again with a different port. Once you get it running correctly, all you need to do is open up dSploit and it will scan the network you are attached to. Select 192.168.1.0/24 then select MITM and finally Redirect. Fill out the menu with your phones local IP address that you found when you started the web server and what ever port the server is using.

Finally click Ok and it will begin redirecting all HTTP traffic to your fake web page. The few times I’ve used this I simply redirected people to a fake Facebook login where I saved the email and password to a text file. But this could be used for a much more malicious purpose. If you have any problems or suggestions tell me in the comments and I’ll try to work them out for you.

About these ads

2 thoughts on “Phishing Using Only a Android Phone

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s