DSploit

DSploit

After playing with the applications installed on the Pwn Pad, I found that the most important application (at least for me) was missing from the pre-installed apps. Namely, DSploit. Although DSploit has tons of features, I really liked the multiprotocol password sniffing (same as dsniff) and the session hijacking functionality.

The DSploit APK in the Play Store was not working for me, but the latest nightly on http://dsploit.net worked like a charm.

Most features require that you and your target uses the same WiFi network, and that's it. It can be Open, WEP, WPA/WPA2 Personal. On all of these networks, DSploit will sniff the passwords - because of the active attacks. E.g. a lot of email clients still use IMAP with clear text passwords, or some webmails, etc. 

First, DSploit lists the AP and the known devices on the network. In this case, I chose one victim client.

In the following submenu, there are tons of options, but the best features are in the MITM section. 

Stealthiness warning: in some cases, I received the following popup on the victim Windows:

This is what we have under the MITM submenu:

Password sniffing

For example, let's start with the Password Sniffer. It is the same as EvilAP and DSniff in my previous post. With the same results for the popular Hungarian webmail with the default secure login checkbox turned off. Don't forget, this is not an Open WiFi network, but one with WPA2 protection!

Session hijack

Now let's assume that the victim is very security-aware and he checks the secure login checkbox. Another cause can be that the victim already logged in, long before we started to attack. The session hijacking function is similar to the Firesheep tool, but it works with every website where the session cookies are sent in clear text, and there is no need for any additional support.

In a session hijacking attack (also called "sidejacking"), after the victim browser sends the authentication cookies in clear text, DSploit copies these cookies into its own browser, and opens the website with the same cookies, which results in successful login most of the time. Let's see session hijacking in action!

Here, we can see that the session cookies have been sniffed from the air:

Let's select that session, and be amazed that we logged into the user's webmail session.

Redirect traffic

This feature can be used both for fun or profit. For fun, you can redirect all the victim traffic to http://www.kittenwar.com/. For-profit, you can redirect your victim to phishing pages.

Replace images, videos

I think this is just for fun here. Endless Rick Rolling possibilities.

Script injection

This is mostly for profit. client-side injection, drive-by-exploits, endless possibilities.

Custom filter

If you are familiar with ettercap, this has similar functionalities (but dumber), with string or regex replacements. E.g. you can replace the news, stock prices, which pizza the victim ordered, etc. If you know more fun stuff here, please leave a comment (only HTTP scenario - e.g. attacking Facebook won't work).

Additional fun (not in DSploit) - SSLStrip 

From the MITM section of DSploit, I really miss the SSLStrip functionality. Luckily, it is built into the Pwn Pad. With the help of SSLStrip, we can remove the references to HTTPS links in the clear text HTTP traffic, and replace those with HTTP. So even if the user checks the secure login checkbox at freemail.hu, the password will be sent in clear text - thus it can be sniffed with DSniff.

HTML source on the client-side without SSLstrip:

HTML source on the client-side with SSL strip:

With EvilAP, SSLStrip, and DSniff, the password can be stolen. No hacking skillz needed.

Lessons learned here

If you are a website operator where you allow your users to login, always:

1. Use HTTPS with a trusted certificate, and redirect all unencrypted traffic to HTTPS ASAP
2. Mark the session cookies with the secure flag
3. Use HSTS to prevent SSLStrip attacks

If you are a user:

1. Don't trust sites with your confidential data if the above points are not fixed. Choose a more secure alternative
2. Use HTTPS everywhere plugin
3. For improved security, use VPN

Because hacking has never been so easy before.
And last but not least, if you like the DSploit project, don't forget to donate them!

Related word

1. Pentest Tools Kali Linux
2. Pentest Reporting Tools
3. New Hack Tools
4. Hacker Tools 2020
5. Hacker Techniques Tools And Incident Handling
6. Hacking Tools Hardware
7. Hacking Tools Kit
8. Physical Pentest Tools
9. Hacker Tools For Mac
10. Hack Tool Apk No Root
11. Hacker Tool Kit
12. Hacker Tools Software
13. Termux Hacking Tools 2019
14. Install Pentest Tools Ubuntu
15. Hacker Tool Kit
16. Hacking Tools For Kali Linux
17. How To Make Hacking Tools
18. Hacker Tools Free
19. Pentest Tools Apk
20. Hacker Tools For Mac
21. Pentest Box Tools Download
22. Pentest Tools Linux
23. What Are Hacking Tools
24. Hack Tools 2019
25. Hak5 Tools
26. Hacking App
27. Hack Tools Github
28. Pentest Tools Free
29. Github Hacking Tools
30. Pentest Tools Android
31. Hacker Tool Kit
32. Pentest Tools Alternative
33. Hacking Tools Software
34. Hacker Tools For Windows
35. Blackhat Hacker Tools
36. Pentest Tools Port Scanner
37. Hack Tools Online
38. Pentest Tools Download
39. Hacker Techniques Tools And Incident Handling
40. Hacking Tools For Pc
41. Bluetooth Hacking Tools Kali
42. Hacker Tools Mac
43. Hack Tools For Ubuntu
44. Termux Hacking Tools 2019
45. Top Pentest Tools
46. Hacker Tools Linux
47. Hack Website Online Tool
48. Pentest Tools Windows
49. Termux Hacking Tools 2019
50. Free Pentest Tools For Windows
51. Hacker Tools List
52. Pentest Tools For Mac
53. Hacking Tools Usb
54. Hacking Tools For Beginners
55. Hack Tools
56. Hack Tools Mac
57. Hacking Tools Name
58. Hak5 Tools
59. Pentest Tools Framework
60. Pentest Tools Linux
61. Hacker Tools Online
62. Hacker Tool Kit
63. Nsa Hacker Tools
64. Hacking Tools Online
65. Best Hacking Tools 2019
66. Growth Hacker Tools
67. Hack Tools 2019
68. Hacking Tools 2019
69. Tools Used For Hacking
70. Hack Tools For Ubuntu
71. Blackhat Hacker Tools
72. Pentest Automation Tools
73. Hacking Tools Github
74. Best Pentesting Tools 2018
75. Hacker
76. World No 1 Hacker Software
77. Hacking Tools For Windows
78. Hacking Tools Online
79. Pentest Tools Alternative
80. Hack Rom Tools
81. Nsa Hack Tools Download
82. Bluetooth Hacking Tools Kali
83. Hacking Tools Name
84. Pentest Tools Bluekeep
85. Pentest Recon Tools
86. Hacking Tools Hardware
87. Beginner Hacker Tools
88. Hacking Tools 2019
89. Hacking Tools Usb
90. Hack Tools Download
91. Tools For Hacker
92. Pentest Recon Tools
93. Physical Pentest Tools
94. Hacking Tools 2020
95. Blackhat Hacker Tools
96. Hacking Tools Kit
97. Black Hat Hacker Tools
98. Android Hack Tools Github
99. Pentest Tools Find Subdomains
100. Pentest Recon Tools
101. Beginner Hacker Tools
102. Pentest Tools Review
103. Beginner Hacker Tools
104. Hacks And Tools
105. Tools Used For Hacking
106. Hack Tool Apk No Root
107. Pentest Tools Github
108. Hacking Tools Pc
109. Beginner Hacker Tools
110. Pentest Tools Port Scanner
111. Hacker Tools For Ios
112. Tools For Hacker
113. Hacking Tools For Pc
114. Pentest Tools Github
115. Hacker Tools For Ios
116. Pentest Tools Open Source
117. Hack Tools
118. Pentest Tools Windows
119. Pentest Tools Subdomain
120. Hacking Tools For Beginners
121. Hacking Tools Usb
122. Hacker Hardware Tools
123. What Is Hacking Tools
124. Free Pentest Tools For Windows
125. Usb Pentest Tools
126. What Are Hacking Tools
127. Hacker Tools Hardware
128. Hacking Tools
129. Underground Hacker Sites
130. Hack Tools For Windows
131. Hacking Tools Hardware
132. Pentest Tools Windows
133. Hacker Tools Free
134. Hacking Tools For Kali Linux
135. Hacking Tools Usb
136. Pentest Tools Port Scanner
137. Pentest Tools
138. Hack Tools For Ubuntu
139. Hack Tools Pc
140. Hacker Tools Online
141. Pentest Tools Online