5,593,248 Members 32,879 Now Online
XDA Developers Android and Mobile Development Forum

[APP]DroidSheep : ARP-Spoofing App for Android

Tip us?
 
virus786
Old
(Last edited by virus786; 16th June 2012 at 09:06 PM.)
#1  
virus786's Avatar
Senior Member - OP
Thanks Meter 139
Posts: 165
Join Date: Feb 2012
Location: Cape Town
Default [APP]DroidSheep : ARP-Spoofing App for Android

DroidSheep is an Android app for Security analysis in wireless networks and capturing facebook, twitter, linkedin and other accounts.

DroidSheep requires ROOT!
Please note:
DroidSheep was developed as a tool for testing the security of your accounts.
This software is neither made for using it in public networks, nor for hijacking any other persons account.
It should only demonstrate the poor security properties network connections without encryption have.
So do not get DroidSheep to harm anybody or use it in order to gain unauthorized access to any account you do not own! Use this software only for analyzing your own security!

How does this work?
As already announced DroidsSheep supports almost every website – also “big” webservices like facebook and Yahoo.
How does that work this simple?
There are many users that do not known that air is the transmission medium when using WiFi.
Therefore information is not only transfered to its receiver but also to any other party in the network within the range of the radio waves.



Usually nothing special happens because the WiFi users discard packets that are not destined to themselves.
DroidSheep does not do this. It reads all the packets looking at their contents.
Is a website sending a clear recognition feature within a message’s content, which can identify a user (“SessionID”), then DroidSheep is able to read it although it is not intended to external users.
Moreover DroidSheep can use this token to use it as its own.
The server can’t decide whether the authorized user or DroidSheep has sent the request.



How can I protect myself?
The only satisfying answer is: SSL respectively HTTPS.
Many providers already offer HTTPS, even facebook, however it must often be enabled in the settings first.
When using HTTPS the data are still sent to alle participants in the WiFi-network, too, but because the data has been encrypted it is impossible for DroidSheep to decrypt the contect of a message - remaining only a complete mess of letters, with which an attacker can’t do anything.
The real problem is that not every website provides SSL. What to do when you are in a public network (hotel, airport, etc.), you also want to use this and the site does not offer HTTPS though?
You can use a VPN-connection
For this the computer sets up an encrypted channel to a confidential computer which again transfers the data to the website.
Please note this is NOT my work I am simply sharing this and giving a direct link to the APK (it was removed from droidsheep.de because of German rules).


Source: http://droidsheep.de

Build 14: http://www.iuptech.com/public/SD/dow...ep-current.apk <-- Thanks mbirth for build 14 link.

Build 15: Attached to this post - compiled by mbirth <-- Thanks

All credit goes to Andreas Koch for this amazing app! - Thanks a million!
Attached Files
File Type: apk de.trier.infsec.koch.droidsheep-15.apk - [Click for QR Code] (302.4 KB, 126065 views)
DEVICE: Samsung Galaxy S2 I9100 International
COLOUR: White + Black Battery cover (Looks and feels awesome)
BATTERY: Extended 2000mAh
ROM: Alliance Rom 7.2 LSD
KERNEL: Jeboo
MODEM: LS8
LAUNCHER: TouchWizz
MUSIC PLAYER: PowerAmp
PICTURE VIEWER: QuickPic
VIDEO PLAYER: MX Video Player
BROWSERS: Stock Samsung JB / Opera Mini / Pop Up Browser
The Following 89 Users Say Thank You to virus786 For This Useful Post: [ Click to Expand ]
 
hanschke
Old
#2  
Senior Member
Thanks Meter 79
Posts: 746
Join Date: Mar 2007
build 13 is the latest? not 15
 
virus786
Old
#3  
virus786's Avatar
Senior Member - OP
Thanks Meter 139
Posts: 165
Join Date: Feb 2012
Location: Cape Town
If there is a newer version, please post a link of the apk here and I will add it to the OP.
DEVICE: Samsung Galaxy S2 I9100 International
COLOUR: White + Black Battery cover (Looks and feels awesome)
BATTERY: Extended 2000mAh
ROM: Alliance Rom 7.2 LSD
KERNEL: Jeboo
MODEM: LS8
LAUNCHER: TouchWizz
MUSIC PLAYER: PowerAmp
PICTURE VIEWER: QuickPic
VIDEO PLAYER: MX Video Player
BROWSERS: Stock Samsung JB / Opera Mini / Pop Up Browser
The Following User Says Thank You to virus786 For This Useful Post: [ Click to Expand ]
 
mbirth
Old
#4  
mbirth's Avatar
Senior Member
Thanks Meter 83
Posts: 194
Join Date: Nov 2006
Location: Berlin
There's build 14: http://www.iuptech.com/public/SD/dow...ep-current.apk

Build 15 is nowhere to be found for now…
Google Nexus 5: Android 4.4.2, KOT49H [ART]
Google Nexus 10: Android 4.4.2, KOT49H [Dalvik]
SE Xperia X10 mini: Android 4.1.2, MiniCM10-4.1.0-20130518-NIGHTLY (JZO54K)

Accessories: Novero Tour, Sony SmartWatch 2 SW2
The Following 4 Users Say Thank You to mbirth For This Useful Post: [ Click to Expand ]
 
virus786
Old
#5  
virus786's Avatar
Senior Member - OP
Thanks Meter 139
Posts: 165
Join Date: Feb 2012
Location: Cape Town
OP updated with build 14
DEVICE: Samsung Galaxy S2 I9100 International
COLOUR: White + Black Battery cover (Looks and feels awesome)
BATTERY: Extended 2000mAh
ROM: Alliance Rom 7.2 LSD
KERNEL: Jeboo
MODEM: LS8
LAUNCHER: TouchWizz
MUSIC PLAYER: PowerAmp
PICTURE VIEWER: QuickPic
VIDEO PLAYER: MX Video Player
BROWSERS: Stock Samsung JB / Opera Mini / Pop Up Browser
The Following 3 Users Say Thank You to virus786 For This Useful Post: [ Click to Expand ]
 
NS4G.John
Old
#6  
Senior Member
Thanks Meter 20
Posts: 122
Join Date: Feb 2012
Location: San Francisco, Ca
Im having no luck with this app on my nexus s 4g. Which is a shame. I can post debugging info if somebody could help me out.
Word to the wise, DON'T type "fastboot oem lock" to see if it will work
 
mbirth
Old
#7  
mbirth's Avatar
Senior Member
Thanks Meter 83
Posts: 194
Join Date: Nov 2006
Location: Berlin
The v15 is in the official SVN: https://code.google.com/p/droidsheep...idManifest.xml

And since there's no official APK, you have to compile it yourself. Thus the different signature.

Attached is v15 compiled by myself.
Attached Files
File Type: apk de.trier.infsec.koch.droidsheep-15.apk - [Click for QR Code] (302.4 KB, 10490 views)
Google Nexus 5: Android 4.4.2, KOT49H [ART]
Google Nexus 10: Android 4.4.2, KOT49H [Dalvik]
SE Xperia X10 mini: Android 4.1.2, MiniCM10-4.1.0-20130518-NIGHTLY (JZO54K)

Accessories: Novero Tour, Sony SmartWatch 2 SW2
The Following 12 Users Say Thank You to mbirth For This Useful Post: [ Click to Expand ]
 
mobile-freak
Old
#8  
Senior Member
Thanks Meter 14
Posts: 118
Join Date: Oct 2010
Does it work on ICS?

I want to be sure if it works befor im rooting my Note
 
ccab
Old
#9  
Senior Member
Thanks Meter 253
Posts: 1,138
Join Date: May 2011
Yes
 
innocence07
Old
#10  
innocence07's Avatar
Senior Member
Thanks Meter 77
Posts: 354
Join Date: Feb 2012
Location: Lower Caloocan
not working xperia neo cant search for anything i leave it for about 10min still nothing i also done what youtube tells me to do still nothing im using my home router with password....

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes