Pentesting with Android using dSploit

Security has always been a concern. The
only truly secure system is the one that is
stored in a lead-lined, locked bunker 100
feet underground. And turned off.
Otherwise, you will be open to the
potential of abuse. And with the ubiquity
of wireless networks, these prove to be a
very tempting and rather large target for
the bad guys. If you maintain a wireless
network, then you need to be sure that it
won’t be abused. One of the better ways
to secure your systems is to try to break
them through penetration testing.
The usual way in which this is done is by
using either a desktop machine or laptop
connected to the network. This means that
you are tied down to a desk. But
sometimes, being able to rove around is
helpful. To this end, having an Android
tablet or smartphone handy will let you
test any wireless network that you have
access to. If your Android device is
rooted, you can install an app called
dSploit. This app will give you all of the
tools you will need to do a thorough test
of your system defences.
Step by Step
Step 01
Downloading
The first step is to get a copy of dSploit
onto your Android device. You should be
able to download a copy directly from
whatever browser you use on your device.
If you have a USB port on your device,
you can download it on your desktop and
transfer it with a USB drive.
Step 02
Permissions
You will need to do things in terms of
permissions on your device. The first
requirement is that it needs to be rooted.
This gives dSploit root access to your
wireless interface so that you can put it in
promiscuous mode. The second is that you
need to allow sideloading of apps, since
dSploit is not on the Play Store.
Step 03
Copying and installation
Once you have the APK copied, or
downloaded, you will need to install it.
The easiest way is to use a file manager of
some kind, navigate to where the file
exists, and select it. The file manager
should start up the installer.
Step 04
Starting
When you start up dSploit, it will
immediately start listening on the wireless
network you’re connected to. Depending
on the hardware available, this may affect
the responsiveness of your device. You
can tap on the menu and then on “Stop
Network Monitor”.
Step 05
Wi-Fi cracking
You can tap on the Wi-Fi signal icon to see
which networks are visible. You can click
on a network to connect. If it is a
‘secured’ network that is vulnerable to one
of the cracking techniques available, it will
be flagged as green, identifying it as such.
Clicking on that network offers you the
options of either connecting or cracking.
Step 06
Trace
One thing you may want to check on is
how packets are being routed within your
own network. Clicking on a target machine
will bring up a menu of applicable tools.
You can click on the Trace tool to follow
how packets move around within the
network.
Step 07
Port scanning
The first step when a ‘bad guy’ tries to
compromise your system is to knock on
your virtual door with a port scan. In
dSploit, you can do this by tapping on the
Port Scanner tool after selecting a host to
test.
Step 08
More port scanning
Once you get the list of open ports, you
can click on them to try to connect. If it
is a port used for web traffic, it will try to
open it in a browser. Otherwise, it will try
to open a connection using Telnet.
Step 09
Inspector module
The Inspector module does some further
probing to get an idea what operating
system is running on the host, along with
what kind of services are running on the
open ports. This may take several minutes
to complete, so be patient. In this
example, we can see that the author’s TV
box is running Linux.
Step 10
Vulnerability Finder
Now that you know what the OS is, and
which ports are open to connections, you
need to check to see what problems may
be affecting this particular system. Again,
these checks can take several minutes, so
be patient. The total list is ordered
according to severity.
Step 11
More vulnerabilities
The original list provides a short
description of the vulnerability, but often
this is not enough. Clicking on the
vulnerability of interest will open the
associated webpage from the National
Vulnerability Database, hosted by the NIST
(nvd.nist.gov). Here you can get more
information on just how serious it may
really