[Q] Monitoring like Wireshark and Temps RF tool - Galaxy S 4 Q&A, Help & Troubleshooting

Hi,
I am looking for an Android application that doesn't require root and closely resembles Wireshark for Windows. There are many packet tracers available, but please suggest which one is recommended and gives output like Wireshark.
The second application that I am searching for is one to get all radio messages from the mobile antenna, like TEMPS. I should be able to see all Abis RF messages showing how my Samsung S4 phone is in contact with the BTS. There are some RF applications available for Android, but they just give basic details, like Cell ID/LAC or signal strength info, etc. Is there any application out there which can log all radio messages with details?
Thank you.

My friends any idea about that?
Sent from my GT-I9500 using xda app-developers app

To capture network traffic, I think the only decent solution (like Shark for Root) will be for a rooted device.
As for capturing wireless traffic, you will need a custom module (driver) and firmware (wireless firmware), like you can find at http://bcmon.blogspot.com.br/. Depending on your device, you might have to make one, which is extremely complicated.

Related

[Q] Firesheep app for Android

Hello all,
It's been a long time no speak on this forum for a while, I have finally made the jump from WM (HTC LEO/SE X1) to Android on a Dell Streak. Admittedly I am still waiting on a stable O2 sanctioned version of Froyo to put SENSE UI on!
My question here relates to Firesheep, an add on for Firefox that allows packet capture on public WiFi networks. I was wondering if anyone could port this application to android as a stand alone App, or if anything else similar had been developed?
I hope someone can give me an answer at least to the feasibility of this request.
+1
I too would love to know hehe
Sent from my Desire HD using XDA App
It would require drivers for the wireless chipset in the phone to be put in promiscuous/monitor mode to capture packets; as far as I know, neither is possible, unfortunately.
timekeeper said:
It would require drivers for the wireless chipset in the phone to be put in promiscuous/monitor mode to capture packets; as far as I know, neither is possible, unfortunately.
Couldn't it run in Firefox Mobile?
Monitor mode in Galaxy S
There is an app available in the Market called pixie which gets promiscuous mode for the WiFi interface. I'm able to capture packets on a Samsung Galaxy S (GT-I9000) with the app installed.
Now we're waiting for a Firesheep release for Android... it's impossible to install the XPI in Firefox Mobile beta...
Yeah, I tried porting the XPI over to Firefox Mobile, but it won't work without a packet capture utility, like WinPcap, which is used with the normal Firefox Win version.
I would be definitely interested in seeing where this goes though...
vit_mar said:
Yeah, I tried porting the XPI over to Firefox Mobile, but it won't work without a packet capture utility, like WinPcap, which is used with the normal Firefox Win version.
I would be definitely interested in seeing where this goes though...
It is also working in OSX so I guess libpcap should be enough to use it. By reading this http://seclists.org/tcpdump/2010/q1/98 it seems that there is support for Android. However you will need root access to use it.
This thread, discussing Shark for Root app, refers to a lot of functions that firesheep uses: http://forum.xda-developers.com/showthread.php?t=725692
Perhaps using libpcap/tcpdump (as janfsd suggested), we can port this over. Root is a must though, true...
Any updates?
I need this for my N1
Thanks
Bumping for an update on this project!
Found this thread on Google. Try http://faceniff.ponury.net/ I wrote it yesterday. I wrote it to sniff only Facebook accounts, but it can be easily modified for other services.
Hello!!
This is awesome! wooow! I don't mean the fact that you can steal web session profiles,
but the fact that an Android application can open an interface e.g. WIFI and realise sniffing -
network monitoring without being run as root or system. To do so, an application should be
signed with the platform's key : http://stackoverflow.com/questions/6010796/run-secure-api-calls-as-root-android
How is this possible?? I am really wondering about that. Some time ago I tried to port
jNetPcap, so as to use it in an Android application for monitoring the WIFI. I successfully
ported it but I couldn't read the list of Android interfaces from its API and realise web
monitoring.. (see here for details: http://stackoverflow.com/questions/5966603/jnetpcap-on-android-problem-with-findalldevs-method,
http://jnetpcap.com/node/792)
I am really wondering how faceniff faces this problem??
e.g. Shark for Android runs an instance of libpcap in the background and derives the
appropriate information from the pcap traces..
What does faceniff do to get the information it wants, e.g. the web sessions?? I am
really curious about that.. Any ideas?
faceniff runs as root....
Yes, but how is it possible to make an application that runs as root?
There is no Android permission you can use in Android manifest to give you
such privileges.. Even other Android applications that run only in rooted phones
cannot open an interface and capture traffic, and for this reason they run in the
background a tcpdump and process the pcap traces it produces (e.g. Shark for
Android).
Is there anybody here who knows how faceniff can capture packets??
I know how it works because I wrote it
It has a binary file which lies in /data/data/net.ponury.faceniff/
Then the java app executes "su" (to gain root permissions) and executes that binary file. And it grabs results from the binary showing them on the screen. Hope it helps.

[Q] Car Kit Tester App

Hi all,
I am working for a German car manufacturer as test lead for telephone car kits.
I often have problems with testers not reporting enough data for network-related problems/errors.
My idea is to supply them with any Android device with a little application recording the track they were driving, which as additional info also gives me relevant data of the mobile cells they were booked in during the test drive.
Recording the track data is the easy part with apps like "My Tracks".
There is also an app called "Antennas" in the Market which gives me basic cell info.
The problem is I only need the cell data from cells in which I was registered; I don't need tons of data from neighbouring cells etc...
Since some very experienced devs are around here, I'd like to ask how much effort it would be to develop such an app, which e.g. generates a *kml file which I can overlay on top of my track information (e.g. sets a flag every time I change to a new mobile cell on my way, with its relevant data (Cell-ID, network type, field strength etc...))?
Or does anyone know an app which already does this?
Sorry for my English
effort
A prototype could be done fast (several days), but it will take you way more effort to create a stable app which runs on all Android devices. Does your department already have some experience in Android development? Some experience in Java/Eclipse/embedded programming would help a lot.
-didi
We have no one with particular Android experience, but we have several ppl with much Eclipse/Java knowledge and experience.
I'll just ask them, they have to try it in their free time lol, because this app development is not covered by my project and far from official

Security breach found on HTC devices

The Vulnerability
In recent updates to some of its devices, HTC introduced a suite of logging tools that collected information. Lots of information. LOTS. Whatever the reason was, whether for better understanding problems on users' devices, easier remote analysis, corporate evilness - it doesn't matter. If you, as a company, plant these information collectors on a device, you better be DAMN sure the information they collect is secured and only available to privileged services or the user, after opting in.
That is not the case. What Trevor found is only the tip of the iceberg - we are all still digging deeper - but currently any app on affected devices that requests a single android.permission.INTERNET (which is normal for any app that connects to the web or shows ads) can get its hands on:
the list of user accounts, including email addresses and sync status for each
last known network and GPS locations and a limited previous history of locations
phone numbers from the phone log
SMS data, including phone numbers and encoded text (not sure yet if it's possible to decode it, but very likely)
system logs (both kernel/dmesg and app/logcat), which includes everything your running apps do and is likely to include email addresses, phone numbers, and other private info
Normally, applications get access to only what is allowed by the permissions they request, so when you install a simple, innocent-looking new game from the Market that only asks for the INTERNET permission (to submit scores online, for example), you don't expect it to read your phone log or list of emails.
But that's not all. After looking at the huge amount of data (the log file was 3.5MB on my EVO 3D) that is vulnerable to apps exploiting this vulnerability all day, I found the following is also exposed (granted, some of which may be already available to any app via the Android APIs):
active notifications in the notification bar, including notification text
build number, bootloader version, radio version, kernel version
network info, including IP addresses
full memory info
CPU info
file system info and free space on each partition
running processes
current snapshot/stacktrace of not only every running process but every running thread
list of installed apps, including permissions used, user ids, versions, and more
system properties/variables
currently active broadcast listeners and history of past broadcasts received
currently active content providers
battery info and status, including charging/wake lock history
and more
Let me put it another way. By using only the INTERNET permission, any app can also gain at least the following:
ACCESS_COARSE_LOCATION: Allows an application to access coarse (e.g., Cell-ID, WiFi) location
ACCESS_FINE_LOCATION: Allows an application to access fine (e.g., GPS) location
ACCESS_LOCATION_EXTRA_COMMANDS: Allows an application to access extra location provider commands
ACCESS_WIFI_STATE: Allows applications to access information about Wi-Fi networks
BATTERY_STATS: Allows an application to collect battery statistics
DUMP: Allows an application to retrieve state dump information from system services.
GET_ACCOUNTS: Allows access to the list of accounts in the Accounts Service
GET_PACKAGE_SIZE: Allows an application to find out the space used by any package.
GET_TASKS: Allows an application to get information about the currently or recently running tasks: a thumbnail representation of the tasks, what activities are running in it, etc.
READ_LOGS: Allows an application to read the low-level system log files.
READ_SYNC_SETTINGS: Allows applications to read the sync settings
READ_SYNC_STATS: Allows applications to read the sync stats
Theoretically, it may be possible to clone a device using only a small subset of the information leaked here.
I'd like to reiterate that the only reason the data is leaking left and right is because HTC set their snooping environment up this way. It's like leaving your keys under the mat and expecting nobody who finds them to unlock the door. For a more technical explanation, see the section below.
Additionally, and the implications of this could end up being insignificant, yet still very suspicious, HTC also decided to add an app called androidvncserver.apk to their Android OS installations. If you're not familiar with the definition of VNC, it is basically a remote access server. On the EVO 3D, it was present from the start and updated in the latest OTA. The app doesn't get started by default, but who knows what and who can trigger it and potentially get access to your phone remotely? I'm sure we'll know soon enough - HTC, care to tell us what it's doing here?
Technical Details
In addition to Carrier IQ (CIQ) that was planted by HTC/Sprint and prompted all kinds of questions a while ago, HTC also included another app called HtcLoggers.apk. This app is capable of collecting all kinds of data, as I mentioned above, and then... provide it to anyone who asks for it by opening a local port. Yup, not just HTC, but anyone who connects to it, which happens to be any app with the INTERNET permission. Ironically, because a given app has the INTERNET permission, it can also send all the data off to a remote server, killing 2 birds with one stone permission.
In fact, HtcLogger has a whole interface which accepts a variety of commands (such as the handy :help: that shows all available commands). Oh yeah - and no login/password are required to access said interface.
Furthermore, it's worth noting that HtcLogger tries to use root to dump even more data, such as WiMax state, and may attempt to run something called htcserviced - at least this code is present in the source:
/system/xbin/su 0 /data/data/com.htc.loggers/bin/htcserviced
HtcLoggers is only one of the services that is collecting data, and we haven't even gotten to the bottom of what else it can do, let alone what the other services are capable of doing. But hey - I think you'll agree that this is already more than enough.
Patching The Vulnerability
... is not possible without either root or an update from HTC. If you do root, we recommend immediate removal of HtcLoggers (you can find it at /system/app/HtcLoggers.apk).
Stay safe and don't download suspicious apps. Of course, even quality-looking apps can silently capture and send off this data, but the chance of that is lower.
Affected Phones
Note: Only stock Sense firmware is affected - if you're running an AOSP-based ROM like CyanogenMod, you are safe.
EVO 4G
EVO 3D
Thunderbolt
EVO Shift 4G? (thanks, pm)
MyTouch 4G Slide? (thanks, Michael)
the upcoming Vigor? (thanks, bjn714)
some Sensations? (thanks, Nick)
View 4G? (thanks, Pat)
the upcoming Kingdom? (thanks, Pat)
most likely others - we haven't verified them yet, but you can help us by downloading the proof of concept above and running the APK
HTC's Response
After finding the vulnerability, Trevor contacted HTC on September 24th and received no real response for five business days, after which he released this information to the public (as per RF full disclosure Policy). In my experience, lighting fire under someone's ass in public makes things move a whole lot faster, which is why responsible disclosure is a norm in the security industry. (This is where we come in.)
As far as we know, HTC is now looking into the issue, but no statement has been issued yet.
HTC, you got yourself into this mess, and it's now up to you to climb out of the hole as fast as possible, in your own interest.
The ball is in your court.
Credit
ANDROID POLICE
Huge thank you to Trevor Eckhart who found the vulnerability and Justin Case for working with us today digging deeper.
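A defender-side check for the condition the post above describes (a service offering data on a local port to any app that holds INTERNET), added here as an example and not taken from the article or from HTC's code: it parses the text of /proc/net/tcp and lists listening sockets with their owning UID. The sample table, ports, UIDs and baseline are constructed; the page does not state which port HtcLoggers used.

```python
import socket
import struct

TCP_LISTEN = 0x0A  # "st" value for a listening socket in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (not captured from a real device).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 4321
   1: 00000000:2328 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10057        0 5123
   2: 0F02000A:9C40 0A0200C0:01BB 01 00000000:00000000 00:00000000 00000000 10057        0 6001
"""


def decode_endpoint(field):
    """Turn '0100007F:1F90' into ('127.0.0.1', 8080).

    The kernel prints the IPv4 address as a host-order 32-bit hex word, which
    is little-endian on the ARM and x86 devices this applies to.
    """
    addr_hex, port_hex = field.split(":")
    addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return addr, int(port_hex, 16)


def scope_of(addr):
    """Who can reach the listener: local apps only, or other hosts as well."""
    if addr.startswith("127."):
        return "loopback"   # still reachable by every local app with INTERNET
    if addr == "0.0.0.0":
        return "any"        # reachable from the network too
    return "interface"


def listening_sockets(proc_net_tcp_text):
    """Return one dict per LISTEN row: address, port, owning UID and scope."""
    rows = []
    for line in proc_net_tcp_text.splitlines()[1:]:   # first line is the header
        cols = line.split()
        if len(cols) < 8 or int(cols[3], 16) != TCP_LISTEN:
            continue
        addr, port = decode_endpoint(cols[1])
        rows.append({"addr": addr, "port": port,
                     "uid": int(cols[7]), "scope": scope_of(addr)})
    return rows


def unexpected(rows, baseline_ports):
    """Listeners whose port is not in the reviewer's known-good baseline."""
    return [r for r in rows if r["port"] not in baseline_ports]


if __name__ == "__main__":
    found = listening_sockets(SAMPLE)
    for r in unexpected(found, baseline_ports={9000}):   # baseline is hypothetical
        print("review: uid %(uid)d listens on %(addr)s:%(port)d (%(scope)s)" % r)
```

Comparing the result before and after a firmware update shows which listeners the update introduced; each remaining row is a service to check for authentication.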
Hi there, I need help, someone is consistently hacking into my phone, HTC EVO 4G, they are penetration testers and PC savvy, currently I can't log in to the phone for trying to do a factory reset. They kept intercepting me and now my password does not work. Who knows, maybe they changed it on their side. I wrote down everything I saw. I was seeing all these processes running for the same app in my applications. My phone was getting hot, freezes, but it's people that live in my apt complex and at work. Can you help?
zzm5 said:
Hi there, I need help, someone is consistently hacking into my phone, HTC EVO 4G, they are penetration testers and PC savvy, currently I can't log in to the phone for trying to do a factory reset. They kept intercepting me and now my password does not work. Who knows, maybe they changed it on their side. I wrote down everything I saw. I was seeing all these processes running for the same app in my applications. My phone was getting hot, freezes, but it's people that live in my apt complex and at work. Can you help?
Is your device rooted?
I used root explorer and removed the HtcLoggers.apk and other than the forced close loop that removing it caused (requiring me to remove the battery), after rebooting all seems to be working fine.
EDIT: Actually I didn't just delete HtcLoggers.apk but moved it to a safe location on the SD Card in case there was a problem and it needed to be restored. I highly suggest you do this instead of just deleting it, or better yet, a nandroid backup.
there are a few good ROMS out there that have the ICQ loggers removed already.
Do we really need three threads on the front page about the same thing?

Mobile phone Intrusion Detection System

Hi,
I'm new to this forum and after having a solid look around the site I have been unable to find anything that comes close to what I have in mind.
I am currently a student at Edinburgh Napier University and I am looking into the possibility of creating a local Intrusion Detection System on a Smartphone. One capable of informing a user that an intruder is currently attempting to gain access to their device and carry out malicious activities.
Has anyone managed to find anything I have not as I am under the impression that no such software exists for any type of Smartphone device. My main consideration is with Windows Phone but I would like to hear about anything that is out there that relates to this.
Any help would be amazing.
Thanks in advance :highfive:
I have no input, but this is interesting stuff. Will the hardware be robust enough to support it?
I know people have gotten Ubuntu running on various mobile devices, but it'd be interesting to see how SNORT (or similar) plays with mobile hardware.
The problem you are going to have (not unsurmountable) is that if you ignore the infosec/marketing what you have out there is primarily black box IDS devices, with capabilities to also run as an IPS.
However, only the most naive, such as UK Gov & Local Gov (certainly none of the Tier 1 Inv. Banks I have worked for), have switched IPS on for fear of backlash. It would be something that, if developed, I would be interested in seeing; certainly if it could act as an IDS on an ad-hoc VPN there are commercial opportunities there....
So ask yourself - are you REALLY wanting to BOTH Detect and Prevent or merely Detect and Acknowledge. The latter a more easy task, less of a hit on functionality.
Perhaps there is an old Cybertrust source code now opensource....as a thought for you, but it would need reengineering as was a custom image.
In the meantime, if what you actually want is Single IP/MAC/Hardware protection - why not root the device, install Synodroid (to control who or what has SU equivalent access) & DroidWall (firewall to limit traffic) & do an audit of the Apps you have downloaded and of the rights requested. Perhaps set up a VPN to your university network or local broadband router (if you trust who manages them) so at least there is another layer to go through. However, if you are someone who opens zips/tars on the device with install privileges elevated, then you're accepting the consequences. (Above Android related)
There is bound to be an IP traffic audit tool app - so you could use to Record a 24/26/48 hour period of the address ranges and what process linked back. But as you then start moving down the completely pain in the neck Firewall Rule analysis piece and SIEM world, don't!
Thanks finlaand
Thanks finlaand that is a lot to go on I really appreciate your thoughts.
I will be sure to keep you all up-to-date on how things are going.
Many thanks again :good:

Sensors on WearOS

I'd like to develop an application for a smart watch which will periodically turn on & off sensors on the watch/band, ala microphone/camera/etc, record their activity, do minimal processing and store the result on the watch/band. This result will be uploaded to the mobile phone when a bluetooth connection is established.
To my best understanding, this can only be done with Tizen/WearOS/FitbitOS, not with other watch operating systems such as Huami's ones (Amazfit/Xiaomi Mi/etc). This also means that it's a (big) watch and not a (small) band that is suitable for the above.
Is this correct and how to do this otherwise if it's wrong?
How much of a hassle is it to do this in WearOS for a seasoned professional programmer who is a complete noob in WearOS/smartwatches/mobile devices?
Can we develop a headless app that runs constantly?
Are there any tutorials on the subject?
