Wi-Fi Pentestation using cSploit on Android

On computers, there are many tools and operating systems you can install to test Wi-Fi networks. Similarly, there are tools such as cSploit, which can be run on Android phones with root access. The app developer’s website is http://www.csploit.org/.

When you first install the app, it will try to scan for all the devices on the network and show the number of open ports they have.


After you click on the target device that you want to run attacks on, you will see the many options you have. These include being able to scan the device or router to find out the operating system, any open ports, vulnerabilities, traceroute, login cracking, and sessions.


Within the MITM menu (Man in the Middle Attack), you can do many other things, such as killing the target’s connections, sniffing passwords, hijacking sessions, redirecting traffic, inserting custom JavaScript, and replacing images/videos.


From the target’s perspective, changes will be seen immediately.

Here is the Custom JavaScript injection attack in action on a website. The popup was custom code that was written on the phone.


This is the replace images attack, and the red geometric image was uploaded directly from the Android phone.


These are the device information inspector and login crackers. Both are very powerful and have various features.

As you can see, phones are getting more and more powerful every day, and many tasks that required a computer can now be done using your phone. In the future, even more features will be added to allow for complex things such as Wi-Fi password cracking.


What is a VPN?

“A Virtual Private Network (VPN) is a network technology that creates a secure network connection over a public network such as the Internet or a private network owned by a service provider.” Many companies, schools, and the government use VPNs so they can connect securely to remote private networks. By using VPNs, multiple remote sites can easily be networked into one and be accessed from anywhere. To gain access to these networks, the user inputs credentials to log in. Often there is also a PIN token that changes at a set frequency, and it must be entered as well.

There are various VPN protocols that can be used to transfer data securely. The main four are IPSec, SSL/TLS, PPTP, and L2TP.


IPSec stands for IP Security and works either by encrypting individual pieces of data in packets or by “tunneling”, which encrypts the whole packet. IPSec is often referred to as a “security overlay” because it can be used as a layer for other protocols.

SSL/TLS stands for Secure Sockets Layer and Transport Layer Security. Both of them use a form of cryptography and “handshakes” for authentication. This process involves certificates, which are keys that are stored on the client as well as the server.

PPTP stands for Point-To-Point Tunneling Protocol and can be used in order to connect a remote client to a private server over the Internet. This is often one of the most used protocols due to its integration with the Windows OS and easy configuration.

L2TP stands for Layer 2 Tunneling Protocol and can be used to tunnel traffic between two sites on the Internet. This protocol is usually used in conjunction with IPSec for a secure layer. Unlike PPTP, however, a shared key or certificates must be used.

Until now, I have only mentioned the use of VPNs by various institutions. While it may seem complicated for the average user, it can be very beneficial to them. There are many free and paid VPN services that work with the press of a button to encrypt all your data and shield you from hackers. These services are often very useful on open WiFi networks, such as at your hotel or coffee shop.

Some services include Tunnelbear, Hotspot Shield, ZPN Connect, and the Tor Network. These can be used to secure your traffic or access content designed to be viewed in another region. An example would be using a VPN to connect to the USA from China in order to watch a movie on Netflix.

As you can see, there is no excuse for not using a VPN due to how widely available they are to all users. Without a VPN, your traffic can be easily looked at in public places, which is a huge privacy risk. By using a Virtual Private Network, you can easily connect securely, no matter what conditions the network poses.

Evaluating your Network and Internet Behaviour

In order to properly evaluate someone's home network, online habits, and device security, you need to follow a checklist or set of steps to rate it properly. The checklist below is basic and can be expanded to fit your needs, whether you are an evaluator or just a consumer who wants to protect themselves better.

Personal Credential Security

  • Do they use a password manager?
  • Are the passwords long enough?
  • Do they use different passwords?
  • Do they have all the security updates for their computers?
  • Do they store their passwords in easy to find places?
  • Do they store sensitive data in plaintext?

Network and Computer Security

  • Are there any unnecessary open ports?
  • What kind of router are they using, and does it have the default admin password?
  • Do they have an antivirus software?
  • Do they use an ad blocker on their browser?
  • Do they use a DNS filtering service?
  • Do they have adware on their computer?
  • Do they back up their computers and devices often?

WiFi Security

  • What security do they have for their WiFi?
  • Is the WiFi password long enough?
  • Does it have a good combo of letters and numbers?
  • WPA? WPA2? WEP? Hidden network?
  • Is the WPS setting locked or unlocked?
  • Try to hack into their network
  • Scan for available networks and demo how easy it is to get on.
  • Do they have a guest SSID?

Internet Browsing Behavior

  • Do they use public WiFi for sensitive data transfer?
  • How to use VPN services to connect securely from public WiFi.
  • Do they know about attacks such as phishing?
  • Do they use HTTPS for all websites?
  • Are their browsers up to date?
  • Do they have the latest patches?
  • Do they have 2 factor authentication?

By using this checklist, you can fix whatever is wrong and stay protected from hacks and having your personal data stolen.
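The "WPA? WPA2? WEP? Hidden network?" item of the WiFi Security list can be checked against a scan of the networks in range. The script below is an added example, not part of the original post: it grades each network by the weakest mode it accepts, and it assumes the scan is in the terse `SSID:SECURITY` form printed by `nmcli -t -f SSID,SECURITY device wifi list` (the sample scan and the names `split_terse` and `audit` are constructed for illustration).

```python
# Constructed sample, assumed to be in the terse "SSID:SECURITY" form printed by
#   nmcli -t -f SSID,SECURITY device wifi list
# A ':' inside an SSID is backslash-escaped; an empty SSID is a hidden network.
SAMPLE_SCAN = r"""HomeNet:WPA2
CoffeeShop-Guest:
OldPrinter:WEP
Legacy\:AP:WPA1
Upstairs:WPA1 WPA2
:WPA2
"""

RANK = {"OPEN": 0, "WEP": 1, "WPA1": 2, "WPA2": 3, "WPA3": 4}  # higher = stronger
ADVICE = {
    "OPEN": "no encryption: anyone in range can read or alter plain HTTP traffic",
    "WEP": "WEP is broken: move to WPA2 or newer",
    "WPA1": "original WPA still accepted: set the router to WPA2 or newer only",
    "UNKNOWN": "unrecognised security string: check the router settings by hand",
}

def split_terse(line):
    """Split on unescaped ':' and undo backslash escapes."""
    fields, cur, i = [], [], 0
    while i < len(line):
        if line[i] == "\\" and i + 1 < len(line):
            cur.append(line[i + 1])
            i += 2
            continue
        if line[i] == ":":
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(line[i])
        i += 1
    fields.append("".join(cur))
    return fields

def audit(scan_text):
    """Return one finding per network, graded by the weakest mode it accepts."""
    findings = []
    for line in filter(None, scan_text.splitlines()):
        ssid, security = (split_terse(line) + [""])[:2]
        tokens = [t for t in security.split() if t != "--"]
        known = [t for t in tokens if t in RANK]
        weakest = "OPEN" if not tokens else min(known, key=RANK.get, default="UNKNOWN")
        issues = [ADVICE[weakest]] if weakest in ADVICE else []
        if not ssid:
            issues.append("hidden SSID: hiding the name does not protect the network")
        findings.append({"ssid": ssid or "<hidden>", "weakest": weakest, "issues": issues})
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE_SCAN):
        print(f["ssid"], f["weakest"], "; ".join(f["issues"]) or "ok")
```

A mixed-mode network such as `Upstairs` is graded as WPA1 because a client can still negotiate the older mode.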


Have a secure new year!

Have a very happy New Year and make sure to have strong cybersecurity practices! You should set a resolution to do security checkups on all your devices and accounts just to be safe. As technology is getting more advanced in 2017, you should do your best to prevent yourself from getting hacked and to follow good online practices. Hope that 2017 is going to be a great year for all 🙂
