Android-Responder: running Responder.py in an Android (rooted) device - Penetration Testing in Linux

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

Prerequisites
Rooted android phone
Installed NetHunter or qPython

Usage
 
git clone git@github.com:nvssks/Android-Responder.git
 
cd Android-Responder
 
git submodule update –init –recursive

Copy everything in Android – Responder needs to be in the same $DIR as the scripts
Android with qPython:
~$ su -c sh $DIR/startTether.sh
~$ su -c sh $DIR/stopTether.sh
Kali NetHunter:
~$ su -c bootkali
root@kali:/# bash $DIR/startTether.sh
root@kali:/# bash $DIR/stopTether.sh
Note: Due to some limitations on older Android environments, startTether.sh needs to be stoped with Ctrl+C before running stopTether.sh

 

The script’s execution steps. These enable tethering by setting up the network and running Responder.

 

The captured hash (in yellow) and other poisoned responses.
Video shows a Windows 10 lock screen (fresh install) connected to an Android device running Responder.py. Host laptop is not connected to any other network (wifi or ethernet)

Comments

Post a Comment

Popular posts from this blog

onioff: Inspecting Deep Web Links

Image
onioff: Inspecting Deep Web Links   ONIOFF – Onion URL Inspector A simple tool – written in pure python – for inspecting Deep Web URLs (or onions). It takes specified onion links and returns their current status along with the site’s title. Compatible with Python 2.6 & 2.7. Author: Nikolaos Kamarinakis ( nikolaskama.me ) Installation You can download ONIOFF by cloning the Git Repo and simply installing its requirements: $ git clone https://github.com/k4m4/onioff.git $ cd onioff $ pip install -r requirements.txt Usage Usage: python onioff.py {onion} [options] To view all available options run: $ python onioff.py -h NOTE : In order for ONIOFF to work, Tor must be correctly configured and running. Source: https://github.com/k4m4/onioff
Read more

Fern Wifi Cracker: wireless security audit tools

Image
Fern Wifi Cracker: wireless security audit tools Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library , the program is able to crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or ethernet based networks   Prerequisites The Program requires the following to run properly: The following dependencies can be installed using the Debian package installer command on Debian based systems using “apt-get install program” or otherwise downloaded and installed manually 1. Aircrack-NG 2. Python-Scapy 3. Python Qt4 4. Python 5. Subversion 6. Xterm 7. Reaver (for WPS Attacks) 8. Macchanger Features Fern Wifi Cracker currently supports the following features: 1. WEP Cracking with Fragmentation,Chop-Chop, Caffe-Latte, Hirte, ARP Request Replay or WPS attack 2. WPA/WPA2 Cracking with Dictionary or WPS based attacks 3. Automatic sav...
Read more

Ad