FORUMS
Remove All Ads from XDA

[APP][ROOT] cSploit - Android Network Toolkit (Mobile PenTesting)

1,120 posts
Thanks Meter: 248
 
Post Reply Email Thread
hack

cSploit Is The most complete and advanced IT security professional toolkit on Android. This App was actually called dSploit but some reason they had close the project to know read Csploit story The Android OS contingency have a BusyBox full designation with each focus commissioned (not a prejudiced installation). If we do not have busybox already, we can get it here or here (note cSploit does not validate any busybox installer, these are usually dual we found).



Features
  • Map your internal network
  • Fingerprint hosts’ handling systems and open ports
  • Add your possess hosts outward a internal network
  • Integrated traceroute
  • Integrated Metasploit horizon RPCd
  • Search hosts for famous vulnerabilities around integrated Metasploit daemon
  • Adjust feat settings, launch, and emanate bombard consoles on exploited systems
  • More coming
  • Forge TCP/UDP packets
  • Perform male in a center attacks (MITM) including:
  • Image, text, and video replacement– reinstate your possess calm on unencrypted web pages
  • JavaScript injection– supplement your possess javascript to unencrypted web pages.
  • password sniffing ( with common protocols ratiocination )
  • Capture pcap network trade files
  • Real time trade strategy to reinstate images/text/inject into web pages
  • DNS spoofing to route trade to opposite domain
  • Break existent connections
  • Redirect trade to another address
  • Session Hijacking– listen for unencrypted cookies and counterpart them to take Web session
  • For More Details Please Visit www.csploit.org


After being initially created by evilsocket, I ( tux-mind ) started working on dSploit in summer 2012, i forked it and added the following features:
  • Vulnerability finder
  • Exploit finder
  • MetaSploitFramework integration ( draft )

Story

After some weeks the project owner ( evilsocket ) asked me to merge it to the upstream branch. Initially there were about 2 main developers (me and evilsocket) and an UI developer ( androguide ). After a few months evilsocket got overloaded by work and stop working on it.

But I kept working on dSploit, always trying to improve it. Many functions were slow and error-prone, I changed the way them work, added new features and corrected many bugs.

Finally, in summer 2014 I suggested a new way to make dSploit work, the new core. basically I wish to move all the slow and inefficent code out of Java. Evilsocket agreed with my suggestion and told me to start working on it. Evilsocket is very busy with work because he started working for zImpremium.

On autumn 2014 evilsocket received the order to merge dSploit into zANTI2. this decision killed the project. I asked if I could bring it on, but evilsocket told that the domain dsploit.net belongs to him and dsploit will officially merge into zANTI2. so I forked the project and finished my work on the new core.

NOTE: Evilsocket told, that in a far future zANTI2 will be open source, but I don’t want to wait for this, I want to finish all original dSploit TODOs.

This was when cSploit was born.


cSploit target

My final goal is to write an application that is able to:

- enumerate local hostsdone
- find vulnerabilitiesdone
- find exploits for these vulnerabilitiesdone
- use those exploits to gain access to the targetdone
- crack wifi passwords
- install backdoors for later access


Portability

Thanks to the new core, cSploit will be easily portable.

Basically it can run on any UNIX-based system, but for now only Android is supported. When I reach a beta-state version I will consider working on iOS, OSX, GTK+ and QT.


Support us

Please donate to cSploit to support our efforts and resources. Thank you!

Also, if you want to contribute fork the repo you want to contribute to and create a pull request when you're done. If you actively contribute to the project I will ask you to join the team.



Current project status

We are in a delicate first phase of this project and we are not stable, yet. Currently we are moving many parts of the code into a new core. Even if you see a release marked as release, this does not mean that it has no bugs. My apologies for that, I’m doing my best to achieve a stable app :v:.
Possible error

A short error message isn’t often self-explanatory. Sometimes it too difficult to explain an issue with a short message and here you can find a few common examples that explain some errors:

cannot start process: this message is printed when the core of cSploit cannot start the required process.
cmd returned #number: this message is printed when cmd has exited with an error code number
cmd killed by signal number: this message is printed when cmd has been killed by signal number

The errors above are bugs that are specific for your device. Hence, please report them if no one already did.
Reporting bugs

I’m human, thus I can fail. This is why we need a good issue tracker like the one provided by github. I’m working on an automated way of reporting bugs directly from the app just by clicking on a button. Until then you have to manually collect your logcat and share it on the github issues page.
FAQ
Is cSploit the same as dSploit ?

The basic code is the same but I’m continuing the development since dSploit has been officially merged into zANTI2.
When will feature XYZ implemented or bug ABC fixed?

Like on every other open source project - don’t ask for ETA :grin:
How can I contribute to cSploit ?

There are many ways to contribute: by donating, by improving the source code or by correcting my English on this website.



cSploit Release APK

cSploit releases are hosted on github.

- release are stables versions.
- pre-release are almost stable versions.

To download the application, click on the green button below and download the latest "cSploit-release.apk" file.

Download


cSploit Nightly APK

Thanks to xaitax - nightly builds are available:

Download


The Following 24 Users Say Thank You to anastasiszn For This Useful Post: [ View ] Gift anastasiszn Ad-Free
14th June 2016, 12:49 AM |#2  
Senior Member
Flag Williams, Oregon
Thanks Meter: 14
 
Donate to Me
More
You are tux-mind?
14th June 2016, 01:41 PM |#3  
anastasiszn's Avatar
OP Senior Member
Flag Thessaloniki
Thanks Meter: 248
 
More
Quote:
Originally Posted by pcwizzy37

You are tux-mind?

No my friend.

Στάλθηκε από το GT-I9105P μου χρησιμοποιώντας Kali NetHunter
14th June 2016, 03:30 PM |#4  
antukubo's Avatar
Senior Member
Flag Johor Bahru
Thanks Meter: 73
 
More
Glad this project is not dead. Keep your good work.
14th June 2016, 06:31 PM |#5  
Senior Member
Flag Williams, Oregon
Thanks Meter: 14
 
Donate to Me
More
Quote:
Originally Posted by anastasiszn

No my friend.

Στάλθηκε από το GT-I9105P μου χρησιμοποιώντας Kali NetHunter

Does tux-mind have an xda account? If he does, what is it?
14th June 2016, 06:32 PM |#6  
anastasiszn's Avatar
OP Senior Member
Flag Thessaloniki
Thanks Meter: 248
 
More
Quote:
Originally Posted by pcwizzy37

Does tux-mind have an xda account? If he does, what is it?

No,only Twitter.

Στάλθηκε από το GT-I9105P μου χρησιμοποιώντας Kali NetHunter
22nd June 2016, 11:23 AM |#7  
anastasiszn's Avatar
OP Senior Member
Flag Thessaloniki
Thanks Meter: 248
 
More
New release is out!

changelog : fixed ExploitFinder not finding exploits.
The Following 2 Users Say Thank You to anastasiszn For This Useful Post: [ View ] Gift anastasiszn Ad-Free
22nd June 2016, 03:37 PM |#8  
Member
Thanks Meter: 11
 
More
dsploit was the best tool then i tried zanti2 and was a piece of s.....
i looking forward to use this tool
good job
25th June 2016, 02:18 PM |#9  
anastasiszn's Avatar
OP Senior Member
Flag Thessaloniki
Thanks Meter: 248
 
More
Quote:
Originally Posted by chaddr18

dsploit was the best tool then i tried zanti2 and was a piece of s.....
i looking forward to use this tool
good job

dsploit retired. Use this application for network choices.

Στάλθηκε από το GT-I9105P μου χρησιμοποιώντας Kali NetHunter
The Following User Says Thank You to anastasiszn For This Useful Post: [ View ] Gift anastasiszn Ad-Free
5th November 2016, 05:25 PM |#10  
FurySh0ck's Avatar
Member
Thanks Meter: 4
 
More
Hello friends!
First of all I have to say I appriciate your work @anastasiszn .
I've read the story about the application and I think that what you're doing is awesome. I hope you will manage to add all the features you want to the app.
I have 2 questions:

-What is the difference between the nightly version and the regular release? I am currently testing the release version and it seems to work fine (I will get to it in a moment). I would like to know what is nightly version and what are the differences between the apps.

-I tried using cSploit for testing. The problem is with MITM attacks. If I try to attack a computer \ net, the internet browser seems to notice. Google chrome and FireFox prevent me from using the internet claiming "Your connection is not secured \ private". It is important to say that connection kill for single devices works with no problems. It is also important to say that zANTI2's MITM attacks work. Chrome and Fox doesn't seem to notice zANTI2.
Any Ideas on how I can bypass this "ban" the browsers give me?

Thanks a lot for people who answer!
6th November 2016, 01:35 AM |#11  
dornz's Avatar
Senior Member
Thanks Meter: 91
 
More
Sweet 🎃

Sent from my LG-D855 using XDA-Developers mobile app
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes