Monday, 14 September 2015

Zanti : Network Auditor for Android

Want to find vulnerabilities in your network using your Android phone? Then the Zanti network auditor for Android is the right choice for you!

Zanti is a free app by a company named Zimperium. The app is aimed at security buffs who want to boost the security of their networks by performing scans for open ports etc. It provides features such as changing the MAC address of your device and performing a man-in-the-middle attack from your device. Here, we present an example of how to use it to fiddle around with your network: perform a man-in-the-middle attack on a device in your network and change all the images that load on it to an image of your choice!




WARNING: This tutorial is for educational purposes only. The motive of such tutorials is to spread awareness about security, not to teach unethical practices!!!

=>You must have administrative privileges (root access) to your phone to do this. There are many ways to do it, but one way that worked for me was by downloading the Framaroot application, selecting the Boromir exploit and just restarting the phone! Now I had an app named SuperSU on my phone :). You can download Framaroot from here: http://www.apkhere.com/app/com.alephzain.framaroot

Your phone may show warnings, stating that Framaroot should be removed as it is trying to bypass the existing permissions. Just let it be. Don't remove it.

NOTE: ROOTING YOUR PHONE VOIDS ITS WARRANTY! IF YOU DO SOMETHING SILLY, YOU MAY LOSE ALL YOUR DATA AND YOU MAY POSSIBLY "BRICK" YOUR PHONE, SO BEWARE!

=>Go to https://www.zimperium.com/zanti-mobile-penetration-testing, enter your email id to get the download link for zanti. Download and install it.


=>Open zanti. A dialog box opens up, asking for superuser permissions for zanti. Select Grant. Enter your email, select I accept Zimperium's EULA, then select Start Now.


=>Select skip on the top right corner, select the "I am fully authorized" check box, then touch the finish button and you are good to go!


=>It will automatically find the devices in your network. Select the target device from the list of devices that shows up.



=>Scroll down and select the "Man in the middle" option. Turn on the "replace images" option and select an image from your device. This image will replace EVERY image that is loaded via the internet on the target device.


=>Turn on MITM from the upper right corner and you are done!

=>I visited http://www.website.com and this is what it looked like. Pretty fun, isn't it. :-P ;-)


You can do a lot of stuff with zanti, and this was just one of the cool features of this app. If you know more such tricks, just mail us and we will post them! Or comment below for further queries.
