How secure is a wifi network "> sniffing the pc network and seeing visited sites, searches and passwords and the same thing can be done anywhere using an Android mobile phone. There is even an application, very easy to use, which can modify and redirect the browsing of others on the Internet, without having to make any intrusion or password discovery.
You can therefore play bad (but funny) jokes on friends when they come home and try to connect to the wifi or when you go to a shopping center with the wifi network open.
READ ALSO: App to find passwords of protected Wifi networks
1) Network Spoofer is an Android app for phones unlocked with Root (attention that is reported as a virus because it actually is) (see how to root on Android). It allows you to make jokes to other people connected to the same wireless network as, for example: turn the web pages, always redirect them to the same site, change the writing font or always display the same image. You can use Network Spoofer in a fun way or by making an improper or illegal use to annoy people you don't know each other. Really not recommended to make improper experiments since you can also risk a complaint or in any case to make great bad figures if you are caught.
The first time you start Network Spoofer, you need to click on the Install & Setup button to download the program to your mobile phone. The download is 450 MB so you will need an SD card with enough space. Once ready, you can choose which joke to play from a predefined list.
You can therefore make sure that other users connected to the wifi network are always redirected to a specific site, you can blur the images or change the font. You can also make sure that they can only ever see a single video on Youtube or always the same image. Practically their connection passes from the mobile phone that is running Network spoofer as if it were a proxy and their browsing on the internet can be influenced and modified as you wish. When you click on one of the hacks, you must then select the network to which you are connected or choose the passive option if you use the Android hot-spot function. Once connected, you must also choose the IP address of the terminal to which you want to play the joke. It can be a computer or a mobile phone whose IP address must be known. You can also choose to make the joke to all those connected to the wifi but this will strain the hardware of the phone a lot by quickly draining the battery.
The simplest trick is to re-direct each site visited by the victim to another address . To give it a try, you can enable Network Spoofer on your Android phone and try applying the hack on the network used by your computer.
If desired, you can also sniff the network traffic of others by combining Network Spoofer with another application called Packet Capture .
2) DSploit is an application to try, not to annoy others, but to learn how to protect yourself .
You can try DSploit by installing it on your Android smartphone (it is absolutely not a virus or a malicious program) or on the tablet connected to the same Wifi network as the computer. dSploit can be installed from Aptoide (store similar to Google Play), authorizing apps from unknown sources in the application settings on Android.
At the first start, the IP addresses of the devices connected to the same wifi network and to the router appear immediately. You can locate your computer connected to the network or the tablet, by IP address (taking into account that the IP address that ends with 1 is the router and that your device is recognized by name, the third will be the target). The various options appear which will have more or less effectiveness depending on the internet traffic generated by the spied device and the protections it has. An inspection can be carried out on the open network ports on the device and any vulnerabilities. The most interesting and also the easiest and most fun to use part is the MITM section which contains various tools including: the sniffer to see which sites are visited, a password stealer, a cookie sniffer called Session hijacker. You can then make jokes like: terminate the internet connection on that device, divert internet traffic so that, whatever site you want to visit, the browser opens a site chosen by us, change all the images found on the internet with one of your choice or show it a video instead of the ones you choose.
Redirect could be the most harmful function if this app was used by a bad and capable hacker who wants to hijack the navigation of unsuspecting victims on a scam website, identical perhaps to Facebook or Google, asking them to enter the access password, or redirect them to a site asking to download some virus program. There is also a Script Injection to load a javascript on the web page that is visited and a tool called Custom Filter to make some words appear instead of others. This means that the victim of these hacks, whatever site they go to, will see what we want .
I recommend that you do not abuse these applications for illegal use.
The hijacking tools of internet browsing, sniffing and the one to steal passwords however only work with unprotected websites, those that can be accessed without HTTPS . The good news is that most websites use HTTPS by keeping the data you send and upload to those pages safe from hackers and those who use applications like dSploit. Facebook, Twitter, Google, all banking sites, e-mail and online stores use HTTPS so even if someone listens and tries to steal passwords, they will remain dry-mouthed. However, other simpler, unprotected sites remain vulnerable, where you must always use passwords other than those of the main sites. The first thing a hacker will do is try on Facebook or other sites that password found to access any forum.
The best way to protect yourself from these applications and take into account all the recommendations that you make when surfing using public or unsecured wifi networks where you do not know who is connected. In fact, the main precaution to avoid problems is to enter and write passwords only on HTTPS sites. All normal sites can be read and browsed normally, however avoiding to write sensitive data or passwords that pass unencrypted over the network.
