zAnti – Fast & Simple Android Based Security Testing Platform

zImperium’s zAnti is a quick and simple Android-based app that you can use to test your network security. Want network scanning, Man-in-the-Middle (MITM) attacks, exploit capability and reporting features all from your Droid tablet or phone? Then look no further.

If you liked the previous version (called Anti) then you will love this update. zAnti seems to be smoother and easier to use than its predecessor. zAnti still comes with a token type credit system that allows you to access the more advanced features, but like the first one, you can still see the power of zAnti with the free version.

So how does it work?

Once you start the app, you will be asked to log in. Then zAnti does a quick scan of available Wi-Fi networks and asks which one you want to test. Just select the network and zAnti does a quick scan and shows all the available hosts on the network.

Found a target that looks interesting? Just select it, and with a quick swipe of the finger you reach the Action menu. From here you can perform several different attacks, including sniffing and exploit attempts. Swipe again and you come to the Nmap menu, where you can run several levels of nmap-based scanning to attempt OS version detection and service identification. Swipe once more and you will come to a comment page where you can write notes about the target.

In a test, I ran zAnti on my 7″ Polaroid Android Tablet. Within a few seconds I had a complete list of all the machines on my network. Selecting one of my Windows 7 systems from the menu, I performed a deeper nmap scan. The scan found no open ports, and it could not provide much information about the client. But by switching to the Action menu I chose the sniffer option:

Within seconds I was viewing a list of all the webpages that my Windows 7 wired client was visiting, remotely on my droid tablet! Obviously some type of ARP (Address Resolution Protocol) cache poisoning was going on here.

A quick look at the Windows 7 client’s ARP table showed that zAnti had successfully performed a man-in-the-middle attack on the client. Sure enough, it had switched its own MAC address in for that of the client’s gateway. This effectively put the wireless Droid in between my router and the wired Windows 7 client so it could sniff all the network traffic!

Even though you need to buy credits for the more advanced attacks and Pentest reporting features, Free zAnti is a fun, sleek, uber-cool tool to add to the security toolbox. And if you need the advanced features, the support will help the company create even more feature-rich programs in the future (zImperium is also working on some interesting looking mobile defense projects).

Did I mention they have a beta program for an iOS based version? 🙂

Check it out!

Hakin9: Exploiting Software Bible now Available

Exploiting Software Bible

Now Available: Single Issue – Only $36.90 for our 200+ page best of Exploiting Software

The Bible Includes:

·  Shellcode: Exploiting Format Strings with Python

·  Reverse Engineering: Reversing EXE with OllyDbg

·  Buffer Overflow: Smashing the Stack

·  Exploiting Client Software: Hijacking Software Updates with Evilgrade

·  Defense Pattern: Easy Network Security Monitoring with Security Onion

And much more inside

Get Hakin9’s single issue for only $36.90 or an annual subscription for only $221.40 (USD)

Learn the best software exploitation and protection techniques!

Russian Authorities take down World’s Largest Banking Botnet

Russia’s Ministry of the Interior (MVD) announced on Friday that its special computer crimes division, “Department K”, took down what could be one of the largest botnets in the world. The botnet encompassed approximately 6 million devices, 4.5 million of them computers.

After a 10-month investigation, Russian authorities arrested a 22-year-old Russian who seemed to be the creator of the botnet:

The operative and investigative activities conducted revealed that the criminal activities were committed by a 22-year-old young man who is widely known in the hacker community under the nicknames of “Germes” and “Arashi”.

The young man was not only developing bot-networks and massively distributing malicious programs but also personally took part in stealing funds from accounts of individuals and legal entities.

The suspect worked with a group of partners, and together they stole over 150 million rubles ($4.5 million) using banking botnets:

The criminal’s target was computers with the software “Bank-Client” installed on them. To infest them and further steal funds, he used programs such as Carberp of various modifications. Having obtained logins, passwords and digital signatures in this way, he transferred money allegedly on behalf of citizens and organizations to accounts of shell companies. Further on, the funds were transferred to plastic card accounts and cashed in automated teller machines.

According to the report, almost all of the infected devices were located within the Russian Federation.