DroidSheep is an Android app to protect devices from unwanted harm while browsing the internet over Wi-Fi. DroidSheep is a set of APK files and works only on rooted devices.
Developed by Corsin Carmichael, DroidSheep is an open-source Android application. The app acts as an online protector for your Android device: it checks for security holes in your internet browsing and advises you how to close them.
What is the DroidSheep App?
DroidSheep's purpose is tied to Secure Sockets Layer (SSL) certificates. If you own a website and exchange information with others, the DroidSheep app is a very useful tool for you: it checks for interception of the data you receive.
If your website has an SSL certificate, you don't need the DroidSheep app.
There are many open-source applications like DroidSheep, but what sets it apart is its simplicity and reliability. It acts like a threat on your network, so that you can identify vulnerabilities and fix them.
- DroidSheep provides session cookie information at all times
- It doesn’t require permissions as it is an open-source application
- You can save and share cookie information via email
- You can join and leave any network easily, and blacklist any profile from entering your network
- You can hijack profiles over a Wi-Fi network.
System Requirements for DroidSheep –
If you want to use the DroidSheep app on your Android phone, you need a rooted device with BusyBox installed to provide additional Linux commands.
You will need the following for the DroidSheep app –
- APK file for the DroidSheep application
- Android device
- Wi-Fi network
- Root permission
On Android devices you may sometimes run into difficulty with newer versions. In that case, you only need to switch back to an older version of the app.
How to Download and Install the DroidSheep App –
After getting root permission on your device, follow these steps to install the DroidSheep app –
- First, download the APK file for the DroidSheep app to your Android device. You can find the APK file on the official DroidSheep website.
- Now open the downloaded APK file to install it.
- When you click Install, it will ask for root permission. Grant it through your root manager.
- Next, it will ask you to install BusyBox. You can download BusyBox from the Google Play Store or install it from its APK file.
- Once BusyBox is installed, go back to the DroidSheep app and click Install again.
- Now tick the next checkbox and click OK.
- It will take a few seconds, and the DroidSheep app will be installed.
DroidSheep Interface and How to Use the App –
The user interface of DroidSheep is very simple. On the home screen of the app you will find two checkboxes called ARP-Spoofing and Generic Mode.
- ARP-Spoofing tells the other parties on your network that your device is the router, so that their traffic is all sent to DroidSheep.
- Generic Mode is for testing cookies in your network.
- You can choose either option or check both.
- Along with these two options, you will find a switch on/off button and a status indicator on the left side of the switch button.
For the next step, check both options and click the Start button.
DroidSheep captures the network sessions and analyzes them for security purposes. It gets complete control of the sessions it captures and can analyze the sessions of other parties.
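From the defender's side, the ARP-Spoofing option described above leaves a visible trace on every affected client: the router's IP address suddenly resolves to another device's MAC address. The following is an added example, not part of DroidSheep or the original page, that checks a Linux-style ARP table for that condition; the sample table, the addresses and the known-good gateway MAC are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample in the layout of Linux /proc/net/arp (not captured data).
SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         02:00:00:aa:bb:07     *        wlan0
192.168.1.23     0x1         0x2         02:00:00:aa:bb:07     *        wlan0
192.168.1.40     0x1         0x2         02:00:00:cc:dd:10     *        wlan0
192.168.1.55     0x1         0x0         00:00:00:00:00:00     *        wlan0
"""
KNOWN_GATEWAY_MAC = "02:00:00:aa:bb:01"  # assumed value recorded on a trusted day


def parse_arp_table(text):
    """Return {ip: mac} for resolved entries, skipping the header row."""
    table = {}
    for line in text.splitlines()[1:]:
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, flags, mac = fields[0], fields[2], fields[3].lower()
        # Flags 0x0 marks an unresolved entry; its MAC is all zeros.
        if int(flags, 16) == 0 or mac == "00:00:00:00:00:00":
            continue
        table[ip] = mac
    return table


def shared_macs(table):
    """Return {mac: [ips]} for each MAC that answers for more than one IP."""
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def gateway_alerts(table, gateway_ip, known_mac):
    """Return alert strings about the gateway's ARP entry."""
    alerts = []
    current = table.get(gateway_ip)
    if current is not None and current != known_mac.lower():
        alerts.append(f"gateway {gateway_ip} moved from {known_mac} to {current}")
    for ip in shared_macs(table).get(current, []):
        if ip != gateway_ip:
            alerts.append(f"{ip} shares the gateway's MAC {current}")
    return alerts


if __name__ == "__main__":
    for alert in gateway_alerts(parse_arp_table(SAMPLE_ARP), "192.168.1.1", KNOWN_GATEWAY_MAC):
        print(alert)
```

On a real Linux client the same functions can be fed the contents of `/proc/net/arp`; a static ARP entry for the gateway removes the condition entirely.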
As a session hijacking tool, DroidSheep allows users to hack the session cookies of others on the network. You can capture the profile of the person interacting with you and become a hacker too.
So, as well as serving security analysts, DroidSheep is an Android app for hackers that can run against all websites and services.
DroidSheep can read HTTP traffic and extract the session ID, a technique known as sidejacking or web session hijacking.
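Sidejacking only works when the session ID crosses the network unencrypted, so a site owner can test for the exposure directly. The following is an added example, not code from DroidSheep or the original page, that audits response headers for session cookies a Wi-Fi eavesdropper could read; the hosts, cookie names and values are constructed, and the finding labels are this example's own.

```python
# Constructed responses for illustration; hosts, cookie names and values are made up.
SAMPLE_RESPONSES = [
    {"url": "http://shop.example/login",
     "headers": [("Set-Cookie", "PHPSESSID=4f1c9a; Path=/")]},
    {"url": "https://shop.example/login",
     "headers": [("Set-Cookie", "sid=9be27d; Path=/; Secure; HttpOnly"),
                 ("Set-Cookie", "cart=77aa01; Path=/"),
                 ("Strict-Transport-Security", "max-age=31536000")]},
    {"url": "https://shop.example/account",
     "headers": [("Set-Cookie", "auth=c0ffee; Path=/; secure")]},
]


def parse_set_cookie(value):
    """Split a Set-Cookie value into (cookie name, set of lower-cased attribute names)."""
    parts = [p.strip() for p in value.split(";") if p.strip()]
    if not parts:
        return "", set()
    name = parts[0].partition("=")[0].strip()
    attrs = {p.partition("=")[0].strip().lower() for p in parts[1:]}
    return name, attrs


def audit_response(resp):
    """Return (subject, finding) pairs for cookies exposed to network sniffing."""
    findings = []
    headers = [(k.lower(), v) for k, v in resp["headers"]]
    over_http = resp["url"].lower().startswith("http://")
    for key, value in headers:
        if key != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        if over_http:
            findings.append((name, "cleartext"))  # already visible on the wire
        elif "secure" not in attrs:
            findings.append((name, "no-secure"))  # browser will also send it over HTTP
    if not over_http and not any(k == "strict-transport-security" for k, _ in headers):
        findings.append(("*", "no-hsts"))  # a later http:// request is not upgraded
    return findings


def audit_all(responses):
    """Map each response URL to its list of findings."""
    return {r["url"]: audit_response(r) for r in responses}


if __name__ == "__main__":
    for url, findings in audit_all(SAMPLE_RESPONSES).items():
        print(url, findings)
```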
To hijack a session, follow the steps below –
- Check both options, ARP-Spoofing and Generic Mode, on the home screen and click the Start button.
- You will now see the active profiles of other users on your network.
- The profiles appear in two different colors, green and yellow. Green indicates that the site is known and hijacking is possible; yellow indicates that generic cookies were found and hijacking might be possible.
- When you select a profile you get several options: Open Site, Remove from List, Add host to Black List, Export Via eMail, and Save Cookies.
- Each option has a different use. With Open Site, you can use the user’s account, and the Add host to Black List option allows you to prevent certain users from saving cookies. With the Save Cookies option, you can save cookies for later use.
- The Open Site option allows you to hack the available account and use it as the owner.
Other Options in the DroidSheep App –
In the app, you will find a menu with the following options –
- Clear list – To clear captured cookies
- Clear Blacklist – To clear blacklisted servers
- Debug – To collect running errors and solve them
- Choose WiFi – To select a target network
- Help – To get help
Alternative Apps to DroidSheep –
DroidSheep has all the security and hacking options, but there are some more apps like DroidSheep that have more advanced features.
Let's look at some of them –
zANTI is a very good alternative to DroidSheep, and the best thing about it is that it can run on any Android version.
zANTI has more advanced features than DroidSheep, and you can use it on a PC or laptop too. The user interface is a little complex, but you will find more options with zANTI.
cSploit is another open-source application that offers all the features of DroidSheep and zANTI. The source code for cSploit is available on GitHub for public use, so you can use the app and make productive changes to it.
This is another freely available tool for hacking and security. Android and Remote Administrative Tools (AndroidRAT) allows users to fetch information from networks.
As a user, you can collect information such as contacts, call logs, messages, and location with AndroidRAT.
FaceNiff can work on any private network and can hijack web sessions over Wi-Fi.
Developed by Bartosz Ponurkiewicz, FaceNiff is well known for hijacking social networking profiles like Facebook. Along with Facebook, FaceNiff can work on Twitter, YouTube, Amazon, Tumblr, etc. FaceNiff is a good alternative to DroidSheep but works only on selected websites.