Microsoft Announces Windows 10 BlackBerry Launches Passport in India for Rs. 49,990 The World's Slimmest SmartPhone : Gionee Elife S5.1 iOS 8 Has Finally Arrived Apple Unveils iPhone 6 and iPhone 6 Plus

Dangerous Hacks Come In Small Packages

Posted by : Cyber Freak Sunday, 7 August 2011

Android App Turns Smartphones Into Mobile Hacking Machines

When an app called Anti, or Android Network Toolkit, hits the Android market next week. The program, which Israeli security firm Zimperium revealed at the Defcon hacker conference in Las Vegas Friday and plans to make available to Android users in coming days, is designed for penetration testing--in theory, searching out and demonstrating vulnerabilities in computer systems so that they can be patched. Anti aims to bring all the hacking tools available to penetration testers on PCs to smartphones, with an automated interface intended to make sniffing local networks and owning remote servers as simple as pushing a few buttons.

"We wanted to create a penetration testing tool for the masses, says Itzhak "Zuk" Avraham, founder of Tel-Aviv-based Zimperium. "It's about being able to do what advanced hackers do with a really good implementation. In your pocket."

Anti, a free app with a $10 corporate upgrade, will offer a wi-fi-scanning tool for finding open networks and showing all potential target devices on those networks, as well as traceroute software that can reveal the IP addresses of faraway servers. When a target is identified, the app offers up a simple menu with commands like "Man-In-The-Middle" to eavesdrop on local devices, or even "Attack"; The app is designed to run exploits collected in platforms like Metasploit or ExploitDB, using vulnerabilities in out-of-date software to compromise targets.

"Hacking is not for the chosen few," reads one description in the app's documentation, formatted in Star Wars-style scrolling text. "Anti is your perfect mobile companion, doing it all for you. Please remember, with great power comes great responsibility. Use it wisely."

Even in its current form, the app raises the possibility of dangerous, stealthy attacks. A hacker could, for instance, walk into a coffee shop or a corporate office with his phone and start sussing out machines for data theft or malware infection. But Avraham says Zimperium will ask users in its terms of service to limit their hacking to "white hat" penetration testing.

Penetration testers who saw the app at Defcon were impressed. "It's just sick," says Don Bailey, a researcher with security firm iSec Partners. "The way it populates the screen with vulnerable targets...it's really elegant."
Another professional penetration tester for a defense contractor firm who asked that his name not be used called the app a "quick and dirty Swiss army knife for mobile pen testing." "It's so polished it's almost like playing a video game," he says, comparing it to penetration testing suites that cost thousands of dollars.

Leave a Reply

Subscribe to Posts | Subscribe to Comments

Categories

Designed by Cyber Freak

News Flash


Blog Archive

Powered by Blogger.

Copyright © Cyber Era News. All rights reserved.- Powered by Eravations - Designed by Shantanu Chauhan -