viernes, 27 de septiembre de 2013

How to make pishing using an smartphone

Hi everybody:

I want to show you how share your internet connection of your smartphone and take all passwords of the clients who use it

This is the way how it works
Minimum Requirement

Android 4.0.4 or less (after 4.0.4 change the way of tetthering in android 4.1.2 so all this tool is useless after this version)
Rooted Smartphone dual core or +


1) Root your device (it must have dual core)
2)Download complete linux installer from google play
3)Dowload console from google play
4)Download Mobile Fisherman and uncompress it into your external sd of your smartphone


1)Start Complete Linux installer

2)Run it

3) Select the image downloaded of Mobile Fisherman

Choose a Name for example Mobile Fisherman

Choose the image downloaded of our Ubuntu Mobile Fisher
When the following image are displayed save everything

We are ready to run it so do it

Runing the attack

 This is the screen when its starting ubuntu

When Ubuntu is starting it let you choose wich GUI you want but its not important. Just  press enter

Run ./

 Wellcome to menu
If you select 1 you will start ssl strip attack 

 Start tettering on your smartphone (it's teorically posible start tettering from ubuntu but iwconfig don't let me use master mode and i was trying to use airbase-ng but it's not working)
You must enter in Wi-Fi Zone and modem USB

Choose a name of your fake access point. Use for example something like link$y$. You know what i mean. (:P) or use the name of your "laboratory"  for example some attacker could use the same ssid of the wifi of the place where he is right now to  take credentials of the attracted clients to his fake access point


Start the access point

Now you can press any key to start the attack you must just wait

 In this capture you can see the many mac address asking to our evil dhcp

When the victim login into a web application and send his credentials it will be logged into our smartphone in /external_sd/atlogs/sslstrip/

If you open the log i will see something like this

2 comentarios:

  1. Muy bueno el taller de la eko!!! Vas a publicar los programas que usaste en el taller?

  2. Never used this but this this ceratinly a great idea the method seems interesting.

    Silvester Norman

    Change MAC Address