All posts by Spence

White hat in training, with some grey mixed in

Android Hacking apps


Recently I played a game called Watch Dogs, and it inspired me to make a phone with as many hacking features as I can.

The first thing you will want to do is root your phone. That allows you to gain full control over the Android operating system. This will allow you to run apps that aren't in the Play Store. Most older phones can be rooted and ROM'd straight from the phone thanks to devs like http://www.kingroot.net/. I use a Galaxy S4 and was able to do so from that site. From there I installed CyanogenMod's app and installed a custom ROM and recovery. (For recovery I used ClockworkMod, and the ROM is 5.1.1. Make sure you install BusyBox; most applications need it to run.)

After you install the flavor of Android you want, you'll want to start looking for some Android applications.

  1. zAnti 2.2 – a network scanner and mapper with some basic pen-test features; it also allows a little bit of basic MiTM to test with.
  2. Wifi Wps tester – scans for networks and has some basic WPS and WiFi testing applications.
  3. dSploit – a small Metasploit for your phone; it can do basic recon and analysis work.
  4. Shark for Root – network packet capture. It is best to capture with it and then upload the file to your computer so you can read it with either Wireshark or my personal favorite, NetworkMiner.
  5. BitShark – one more app for packet capture.

(I will update the apps page as I continue to test more apps. Some of them don't do what is advertised, so I will add the ones that are useful.)

These are a few of the basic apps I currently use. I will post my Gdrive link for some of the downloadable APKs.

Disclaimer: I'm not responsible for what you use these with. Practice on your home network to see which of your devices may be vulnerable or need security updates. It's a good mobile testing platform to show you what is out there and what phones are capable of these days.

https://drive.google.com/drive/folders/0B3nVTmJNjhMuTHh5WThDd2J2S0U

Doxing info in .txt

First of all, let us start at the very beginning. 'Dox' is short for 'docs', which as you probably know is short for documents. You want to find the information (documents) on somebody and that's how the name is made. To start off, we will need a small 'guide' to keep our findings together. If you have read a guide on how to dox before or have tried it in the past, you will have already used something similar. 
Quote:
Usernames:
E-mail:
Full Name:
City:
Zip/Postal:
State/Province:
Country:
IP address:
ISP:
Home Address:
Phone Numbers:
Social Networks:
Other:

Usernames/Screen Names
If you know of this user online, then they probably have some sort of username from where you found them. This is probably the main step as getting other information may be difficult without knowing things like email addresses and real life information, which, you probably may not know if you are trying to dox them.

Email:
There are lots of different ways for you to get hold of your slave's email address. If the user owns a Facebook account, their email address may be inside the 'info' section of their account. Another popular method is using the slave's screen name in a quick Google search. Not only would this return many other accounts online, but also possible email addresses containing the screen name. There are plenty of other examples, but the email address can lead you to some main information.

Address:
If you know the name of your slave then you can find other information such as their address. You can use some of the sites which I have listed at the end of this small guide. Using these websites you can also find out their phone numbers that are registered with the address. Another method you can use is using the Facebook/Twitter location feature. If their location is posted every post, you can trace back to their home and add more juicy information to your dox. 
A popular choice when doxing involves IP addresses. Using a site like http://www.ipaddress.com can get you far. There are hundreds of ways to get a user's IP which I will go into in a different tutorial. Once you have the IP, you can reverse it to their home and get information about their ISP and more too.

Social Networking:
Another extremely popular method is using Social Network Sites to your advantage. One person's life can rest within a single page so this can sometimes be your biggest tool. Let's take Facebook for an example. If you have the slave's email address, you can enter it into the search bar and it will link back to a user registered with it. You can also search for their name with a location you could have traced back from other social networking sites such as Bebo and Myspace.

Images:
Let's say that you have found some images on some social networking sites and you have added them to your dox, now what? You can find even more information by using something as easy to use as Tineye to reverse the image and find it on other sites. This can also help you find out if the user is real or fake. Google also provides a good image search, just drag the image in and let it do its job.
You may not always need an image of the actual user, you could also use their avatar and link it back to even more accounts. 

Useful Searching Sites

Misc. Search Sites:
http://www.spokeo.com
http://www.pipl.com
http://www.peekyou.com/
http://www.ipeople.com
http://www.yasni.com
http://www.skipease.com
http://www.soople.com
http://Abika.com
http://freeality.com
http://radaris.com
http://wink.com/
http://www.isearch.com/
http://www.keotag.com/
http://yahoo.intelius.com/
25 Free People Search Engines to Find Anyone
http://www.192.com/ (UK)

WhitePages Search:
http://www.whitepages.com
http://www.zabasearch.com/

Archives Search:
http://aad.archives.gov/aad/series-list.jsp?cat=GS29
http://www.archive.org/web/web.php

Social Network Searches:
http://www.facebook.com/directory/people/
http://topsy.com/
http://monitter.com/ (Monitor twitter convos)
http://socialmention.com/
http://knowem.com/
http://twoogel.com/
http://www.yacktrack.com
http://www.samepoint.com/
http://www.whostalkin.com/

Phone Information & Lookups:
http://www.freecellphonedirectorylookup.com
http://www.numberway.com/
http://www.fonefinder.net

Public & Criminal Records Search:
http://publicrecords.onlinesearches.com
http://www.jailbase.com/en/sources/fl-lcso/

Once you have obtained all the dox of your target there are several things you can do. You can use them as black mail, threaten to post them everywhere if you don't get what you want. You can just be an asshole and post them everywhere and send your target the link or use that information to gain access to something that's theirs such as an xbox live account. There are many different things you could do, some of which I'm not allowed to talk about.

DOX

how_to_dox_someone.

how_to_dox_anyone

A Valid SSL Certificate for Every IP Address

http://blog.pivotal.io/labs/labs/sslip-io-a-valid-ssl-certificate-for-every-ip-address

sslip.io enables developers to equip their servers with valid SSL certificates for free (on the downside, the server’s URI will be an awkward mash-up of the server’s IP address and the sslip.io domain, e.g. https://52-0-56-137.sslip.io). Two components make this possible: a custom DNS (Domain Name System) backend that resolves hostnames to an embedded IP address (e.g. 192-168-0-1.sslip.io resolves to 192.168.0.1), and an SSL key and wildcard certificate downloadable from GitHub.
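Because the address is carried in the name itself, a hostname allowlist or SSRF filter that checks only the domain suffix can be handed a public-looking name that resolves to an internal address. The following is an added example for defenders, not code from sslip.io or the linked post: it recovers the embedded IPv4 address from a hostname of the form shown above and classifies it. Accepting dots as separators and extra leading labels is an assumption that goes beyond the dash form on this page.

```python
import ipaddress
import re

# Four decimal octets joined by dashes (the form shown on this page) or by
# dots (assumed variant), sitting directly in front of the zone suffix.
_EMBEDDED = re.compile(
    r"(?:^|[.-])(\d{1,3})[.-](\d{1,3})[.-](\d{1,3})[.-](\d{1,3})$"
)


def embedded_ip(hostname, zone="sslip.io"):
    """Return the IPv4Address embedded in an sslip.io-style name, or None."""
    host = hostname.strip().rstrip(".").lower()
    suffix = "." + zone
    if not host.endswith(suffix):
        return None
    match = _EMBEDDED.search(host[: -len(suffix)])
    if match is None:
        return None
    try:
        return ipaddress.IPv4Address(".".join(match.groups()))
    except ipaddress.AddressValueError:
        return None  # e.g. an octet above 255


def classify(hostname):
    """Label the name by where its embedded address would send a client."""
    ip = embedded_ip(hostname)
    if ip is None:
        return "no-embedded-ip"
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    if ip.is_private:
        return "private"
    return "public"


if __name__ == "__main__":
    # Constructed sample names; the first two appear in the text above.
    for name in ("52-0-56-137.sslip.io", "192-168-0-1.sslip.io",
                 "www.127-0-0-1.sslip.io", "999-1-1-1.sslip.io"):
        print(f"{name:28} {embedded_ip(name)!s:16} {classify(name)}")
```

A filter should make its allow or deny decision on the address a name actually resolves to, not on the name alone.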

DNSenum

http://kalilinuxtutorials.com/ig/dnsenum/

Good tutorial on DNS enumeration, which is the process of locating all DNS servers and DNS entries for an organization. DNS enumeration will allow us to gather critical information about the organization such as usernames, computer names, IP addresses, and so on.