Pentesting with Android using dSploit
The best way to secure your network is to try to tear it down, through penetration testing. With dSploit, you can now do it on the move
Security has always been a concern. The only truly secure system is the one that is stored in a lead-lined, locked bunker 100 feet underground. And turned off. Otherwise, you will be open to the potential of abuse. And with the ubiquity of wireless networks, these prove to be a very tempting and rather large target for the bad guys. If you maintain a wireless network, then you need to be sure that it won’t be abused. One of the better ways to secure your systems is to try to break them through penetration testing.
The usual way in which this is done is by using either a desktop machine or laptop connected to the network. This means that you are tied down to a desk. But sometimes, being able to rove around is helpful. To this end, having an Android tablet or smartphone handy will let you test any wireless network that you have access to. If your Android device is rooted, you can install an app called dSploit. This app will give you all of the tools you will need to do a thorough test of your system defences.
An Android smartphone
Step by Step
The first step is to get a copy of dSploit onto your Android device. You should be able to download a copy directly from whatever browser you use on your device. If you have a USB port on your device, you can download it on your desktop and transfer it with a USB drive.
You will need to do things in terms of permissions on your device. The first requirement is that it needs to be rooted. This gives dSploit root access to your wireless interface so that you can put it in promiscuous mode. The second is that you need to allow sideloading of apps, since dSploit is not on the Play Store.
Copying and installation
Once you have the APK copied, or downloaded, you will need to install it. The easiest way is to use a file manager of some kind, navigate to where the file exists, and select it. The file manager should start up the installer.
When you start up dSploit, it will immediately start listening on the wireless network you’re connected to. Depending on the hardware available, this may affect the responsiveness of your device. You can tap on the menu and then on “Stop Network Monitor”.
You can tap on the Wi-Fi signal icon to see which networks are visible. You can click on a network to connect. If it is a ‘secured’ network that is vulnerable to one of the cracking techniques available, it will be flagged as green, identifying it as such. Clicking on that network offers you the options of either connecting or cracking.
One thing you may want to check on is how packets are being routed within your own network. Clicking on a target machine will bring up a menu of applicable tools. You can click on the Trace tool to follow how packets move around within the network.
The first step when a ‘bad guy’ tries to compromise your system is to knock on your virtual door with a port scan. In dSploit, you can do this by tapping on the Port Scanner tool after selecting a host to test.
More port scanning
Once you get the list of open ports, you can click on them to try to connect. If it is a port used for web traffic, it will try to open it in a browser. Otherwise, it will try to open a connection using Telnet.
The Inspector module does some further probing to get an idea what operating system is running on the host, along with what kind of services are running on the open ports. This may take several minutes to complete, so be patient. In this example, we can see that the author’s TV box is running Linux.
Now that you know what the OS is, and which ports are open to connections, you need to check to see what problems may be affecting this particular system. Again, these checks can take several minutes, so be patient. The total list is ordered according to severity.
The original list provides a short description of the vulnerability, but often this is not enough. Clicking on the vulnerability of interest will open the associated webpage from the National Vulnerability Database, hosted by the NIST (nvd.nist.gov). Here you can get more information on just how serious it may really be.