first of all, let’s know about zANTI then we will know what we can do using zANTI /Modules of zANTI.
What is zANTI ?
zANTI is a penetration testing toolkit developed by Zimperium Mobile Security for cyber security professionals. Basically, it allows you to simulate malicious attacks on a network. With the help of zANTI, you will be able to perform various types of operations such as MITM attacks, MAC address spoofing, scanning, password auditing, vulnerability checks and much more. In short, this android toolkit is a perfect companion of hackers. Today I’m going to give you a step by step guide on How to use zANTI for Hacking
Before we know how to use , let’s know
what can you do using zANTI ?
- Change device’s MAC address.
- Create a malicious WiFi hotspot.
- Hijack HTTP sessions.
- Capture downloads.
- Modify HTTP requests and responses.
- Exploit routers.
- Audit passwords.
- Check a device for shellshock and SSL poodle vulnerability.
Note: before you install this app your device must be rooted check this : How To Root Android Device
How To use zANTI
6. Tap on “Finish”. You will see a screen as shown below:
Now, let’s talk about the program modules……
Mac changer allows you to change your WiFi Media Access Control (MAC) Address.
How To Use Mac Changer:
It allows you to create a WiFi hotspot and control your network traffic.
How To Use ZTether:
Moving onto the next program module….
How To Use zPacketEditor:
First, tap on “zPacketEditor” and then turn on the module. You will see the live requests and responses there (1). If you want to edit a particular request or response, swipe it to the right (2). After the edit, you can tap on “Send” button (3).
SSL Strip is a type of Man In the Middle Attack that forces victim’s browser into using HTTP instead of HTTPS (SSL Strip is turned on by default).
Note: Websites using HSTS (HTTP Strict Transport Security) are immune to SSL Strip attacks.
It allows you to redirect all HTTP traffic to a site or server. For example, If you turn on the “Redirect HTTP”, it will redirect all HTTP traffic to Zimperium servers (default configuration). But if you want to forward all the traffic to a particular site, tap on the settings icon, you will see an area to enter a URL , Enter a URL in the field and then again tap on the settings icon.
It enables you to replace website images (victim’s web browser) with your own image. In order to replace images, first, tap on the settings icon and then tap on “Select Image”:
After selecting an image from your device, tap on the settings icon (see the image below):
Now, the users will see the selected image everywhere on the web!
Moving onto the next one…..
It allows you to intercept and download all specified files to the SD card. For example, if you want to capture pdf files, you have to tap on the settings icon and then select the .pdf from the menu. Then turn on “Capture Download”.
How To Use Routerpwn.com:
How To Scan a Target Device?
First, select a device on your network (just tap on it). You will see a screen as shown below:
How to Establish Connection to a Device?
Password Complexity Audit
Note: You cannot change the cracking method on the free version of zANTI.
Turn off the “Automatic Mode” to audit a particular protocol. In the Automatic Mode, you should tap on the “Go” button to start the audit.
How To Perform MITM Attack?
- From the view of the Router – Attackers machine is the user’s machine.
- From the view of victim’s computer – Attackers machine is the router.
How To Check a Target For “ShellShock” Vulnerability?
First, select the target device. Then tap on “ShellShock”. It will start scanning the target (see the image below):
Wait for some time. After scanning the target device, it will display the result.