Zanti 2: How to Hack PC, mobiles, mac. Network penetration testing toolkit and application for Android.
Zanti 2 is a android application which is made up for network penetration testing.
Zanti version 2
Features of Zanti
What Zanti 2 can do?
Scan the whole network
show alive host in the network
scan port through Nmap for port Scanning
Scan Service on each port and find vulnerability.
Perform Brute force attack
Perform Shellshock etc vulnerability
MITM: Man In The Middle Attack
Session Hijacking
SSL Striping
Sniffing packets
Replace image
Redirect URL and IP
Intercept and modified live download.
For Demonstration :
Before install Zanti your Phone must be rooted.. In case your phone is not rooted search in the site you will find how to root android its very easy.
I used Zanti in my android device and Scan the network.I choose the Mac OSx Machine which was my laptop.
After that start The MITM on and SSL strip to grab some packets and try to grab the password of that machine.in the end i successfully travel the victim into http over https and grab the login credentials.
For demo kindly check the images which i posted in this post.
Step 1: Scan the whole wifi network.
After that Scan i get to know all the mobile and system connected to wifi network, its also scan the all ports as you can see in the above image.
I choose the 192.168.0.100 (Mac OSX)
Step 2: After Opening the desirable victim i can see the open port and some other details as shown in below image
As you can see in the above image Zanti2.apk successfully scan the all host in the network and after choosing the victim you want to hack or perform some testing you will see the same image in about section.
In the Attack section:
1. Password Complexity audit: Its check and brute force the password ex: default password on the victim.
2. MITM: It Intercept the network packets via MITM attacks.
3. ShellShock : its check the vulnerability exist on the victim or not.
4. SSL Poodle : its check the target is it vulnerable for SSL Poodle attack or not.Its also shows the Nmap Scan Result ( Check the below image)
In My demo i used MITM Attack on the Target.
Step 3: After Selecting MITM attack you will see many things you can do on target machine ex: check the image below
As you can see all the attack you can do on target by using MITM, In my case i switch"ON" the MITM which is on the Right-Top.
In next step i turned "ON" the SSL Strip. (Check the image below)
As you can see hotmail is strip into http and its ready to grab the password as soon as victim enter the login details.
How i hack hotmail email and facebook using Zanti2.apk on my android mobile, check on
Step 5: After SSL Striping attack and MITM attack working successfully, Victim enter the login details and get the password and username (check the image below)
in the image https:login.live.com is in Yellow color and have 2 request and 1 Password.
Its Also Grab the Session which is known as Session Hijacking as shown in above image.
In next step i turned "ON" the SSL Strip. (Check the image below)
As you can see i turned "ON" both things together by using Zanti2.apk in the MITM attack from my android device to hack the other phone or PC.
Step 4: After that I sniff the packets ( Check the image below) and SSL Striping working perfectly and strip hotmail in HTTP .
As you can see hotmail is strip into http and its ready to grab the password as soon as victim enter the login details.
How i hack hotmail email and facebook using Zanti2.apk on my android mobile, check on
Step 5: After SSL Striping attack and MITM attack working successfully, Victim enter the login details and get the password and username (check the image below)
in the image https:login.live.com is in Yellow color and have 2 request and 1 Password.
Its Also Grab the Session which is known as Session Hijacking as shown in above image.
In the above image we can see the entered username and password.
In the end we successfully hacked the Mac Osx victim.
Note :- if victim use same wifi lan than attackers can hack it if not than not possible ....thank u hope u like to read this article....
No comments:
Post a Comment