zanti android wireless pentesting guide ().pdf
TRANSCRIPT
![Page 1: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/1.jpg)
Hack Wireless from Mobile Phone
usingZANTI
--mobile pentesting toolkit--
~
Written by
puupuu@deb~lab
~
I am blogger !
www.kyawzinhein.net
![Page 2: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/2.jpg)
Requirement....
1.Aroid Phone or Tablet
2.Internet Connection
3.zAnti mobile pentesting toolkit
![Page 3: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/3.jpg)
zANTI ကဖြငပါ၊ Root Access ေတာငးရင Allow ေပးပါ၊
![Page 4: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/4.jpg)
ပြငလာရင ရတEmail Address တစခထညပါ၊
accept Zimpremium's EULA ကအမနျခစေပးပါ၊
ျပးရင Start Now ကႏပပါ။
![Page 5: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/5.jpg)
Skipt ကႏပပါ၊
![Page 6: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/6.jpg)
အ၀ငးစလညပါမယ ေခတေစာငပါ၊ :P
လငးမေကာငးရငေတာ ၾကာမေပါ ၊
![Page 7: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/7.jpg)
အ၀ငးလညလ ၀ျပဆဒလေပၚလာမယ ၊
ညာဘကအေပၚဆးက Skipကႏပပါ၊
![Page 8: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/8.jpg)
I am fully authorized to perform
penetration testing on network.
ကအမနျခစပါ၊
Finish ကႏပပါ
![Page 9: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/9.jpg)
ဘယဘကက ZANTI ကႏပ၊
![Page 10: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/10.jpg)
zTether ကႏပပါ၊
![Page 11: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/11.jpg)
Tether Control ထေရာကပါလမမယ၊ ဒထက tool ေတြက
အျကမးဖဥးေျပာရမယဆရင
![Page 12: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/12.jpg)
1. Logged Request
ဆတာက viticam ဆက network traffic ေတြအကနလးကျပေပးမယေနရာပါ၊
2. Logged Images
ဆတာက viticam ေတြျကညေနတ website ေတြ messenger ေတြက ပေတြကျပေပးမယေနရာပါ၊
3.zPackage Editor
ဆတာမာကေတာ HTTP request တစခခငးဆက ျပငဆငႏငမာပါ၊
4.SSL Stript
ဆတာကေတာ https လငးက http ျဖစေအာငလပေပး
တာပါ၊ ဒေကာငကအဓကကပါတယ ၊ ဘာလ ဆ https ကြနနကရငက ကၽြနေတာတ ၾကားျဖတယလ မရပါဘး၊ဒါေၾကာင viticam က https access မရေအာင လပထားပါမ viticam
![Page 13: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/13.jpg)
ရအငတာနကကြနယကက ၾကားျဖတယလ ရပါမယ၊
5.Redirect HTTP
ဒါကေတာ ရးရငးပါတယ ။ viticam က www.bing.comက browser ကေနသြားတယဆရငwww.bing.comကမေရာကပ ကယေရာကေစခငတေနရာ eg.www.kyawzinhein.netကေရာကသြားေအာင
လပတာပါ၊ www.bing.comတငမဟကဘးေနာ သဘယလပစာ
ကပ request လပလပ ေျမာကဒဂသား blog ကပေရာကပါမယ။
6.Replace Image
နာမညအတငးပ ပအစားထးတာပါ၊ ဥပမာ www.xvideos.comမာဂလတယဆပါစ အမာေပၚေနတ 18+ videos ေတြပရ ပေတြေနရာ
မာ အစားထးလကတပ တစပတညးကသြားေပၚေနမာပါ၊
![Page 14: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/14.jpg)
viticamဆမာတကသမပေတြအကနလးက
သငအစားထးလကတ (eg.၀ကပဆ) ၀ကပေတြၾကးေပၚေနမာပါ၊
ဘယပမဆ သငတငထားတ၀ကပၾကး ပေပၚေနမာပါ၊
7.Capture Download
viticam ကဘာပေဒါငးလဒဆြဆြ သငဖနးမနမရထကပါ တစခါတညး
ေဒါငးလဒကးယေပးမာျဖစပါတယ၊
8.Intercept Download
ဒါလညး replace image လပါပ ၊ viticam ဘာပေဒါငးလဒဆြဆြ
သင အစားထးထားတ ဖငကပဆြသြားပါလမမယ ၊
eg . downတာက 18+အစားထးထားတာက anime :P
ဂြမးေလသတညး၊
![Page 15: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/15.jpg)
9.Insert HTML
ဒါကေတာမသးတကရငေတာ ၾကကမာမဟကဘး script injection လပတာပါ ၊ www.bing.comကသြားတယဆပါစ ကယက
<script>alert(''Hacked by PuuPuu”)<script>ဆျပး inject လပထားရင viticam ဆမာ Hacked By PuuPuu ဆျပးသြားေပၚေနမာပါ ၊
![Page 16: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/16.jpg)
How To Hack in Real World……
1. လစညကားရာေနရာတစခကသြားပါ၊
2. Tether Control ကဖြငပါ ၊ ၀ငဖင hotspot တစခလႊငပါမယ၊
3. သငေထာငထားတhotspotထက၀ငလာတသက hack ႏငပါတယ၊
Tether Control က On ပါ၊
![Page 17: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/17.jpg)
အခဆရင ငါးမားခတခလကပါျပ သားေကာငက ေစာငပါ၊ မပပါန
၀ငဖငအလကားရတငး သးတာ
ကၽြနေတာတစေယာကတညးမဟကပါဘး မားမား၀ငေစခငရငေတာ
Free Internet Access ဆျပး Access Point SSID: မာေရးလကေပါ
က တစေယာက၀ငလာျပပထား ကၽြနေတာ ျပမယ ၊ ေအာကမာ show
![Page 18: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/18.jpg)
Logged Request ထက၀ငလကပါ၊
Logged Request ဆတာက အေပၚမာေျပာခသလပ
network traffic ေတြအကနလးကျပေပးမယေနရာပါ၊
![Page 19: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/19.jpg)
Logged Host ဆတာကေတြ ပါမယ ဒထမာဘာေတြကေတြ ရမလဆရင
Viticam ေတြဆက Request လပေနတ host ေတြကေတြ ရပါမယ၊
ဥပမာ viticam က www.google.comလ browser
ကေနရကလကမယဆရင ဒထမာ www.google.comဆျပးလာေပၚမာပါ၊
Link ေတြအမားၾကးေတြ လ viticam က browser
မာေလာကရကေနတယမထငပါန viticam ရ ဖနး၊ကြနပတာ ေတြမာ
သြငးထားတ app ေတြ software ေတြကေန request
လပေနတာျဖစပါတယ၊ ကယတငဖနးႏစလးန စမးၾကညပါ ပျပး
နားလညလြယမာပါ၊
--------------------------------------------------------------------------
![Page 20: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/20.jpg)
Password Hacking…..
Gmail ကဥပမာ ေပးျပးေျပာပါမယ ဒနညးလမးက Gmail မဟကပါဘး ၊
ဘယလ Login Process မးကမဆ ရကသြငးလကတ
username & password ကၾကားျဖတျပး ရယႏငမာျဖစပါတယ ၊
eg : Viticam က www.gmail.comမာ login ၀ငလကပါတယ၊
email န password ကထညပါတယ၊ Login ၀ငလကပါတယ၊ ဒါဆ
Logged Host မာ ဒလေပၚလာပါမယ၊
အ၀ါေရာငန ျပထားပါတယ ၊ 5 request, 1 passwords ပါ
![Page 21: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/21.jpg)
အ၀ါန ျပထားတာကႏပလကရင
username:password ထြကလာပါမယ၊
ေအာကမာၾကညပါ
![Page 22: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/22.jpg)
အမာျမငရျပေနာ ယဇာနမးက [email protected]
ပကစ၀ကက thisispassword
ကဗာ ဘယေလာကလြယလ
ေနာကထပ Sessions ဆတ Tab ထကေန viticam ၀ငထားတ Forum
ေတြန သloginျပးသးေနတ website အစရတာေတြက user,pass မလပ
၀ငၾကညႏငပါတယ၊ ကနတာကေတာ ကြကယၾကညေပါဗာ
![Page 23: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/23.jpg)
Logged Image....
ဒါကေတာ viticam ၾကညေနတပေတြက ယၾကညတာေပါ၊
ဥပမာ သက website တစခၾကညေနတယဆရင
အ website မာရတပေတြ ဒထမာေပၚလာလမမယ၊
အာက Logged Image လပတယေပါဗာ၊
![Page 24: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/24.jpg)
zPacket Editor.....
ဒါကဘယလသးလညးဆေတာ
သကဖြငထားမယ ဆရင viticam က www.xvideos.com
က request လပတယဆပါစ Zpacket Editor ထမာေပၚလာပါမယ၊
ကယက ခြငျပလကမ viticam ဘကမာ
xvideos.com တကလာမာပါ၊
တစခသတထားရမာက ကယက ခြငလညးမျပ
ဘာမလညးမလပဘးဆရင viticam ဘကမာwww.xvideos.comဆျပး
အ၀ငးပလညေနမာပါ ဘာမကလာမာမဟကပါဘး
![Page 25: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/25.jpg)
SSL Stript.....
SSL Stript ကေတာ မျဖစမေနOn ေပးရပါမယ၊SSL ဆတာက Safe Secue
Layer ကေျပာတာပါ၊တစနညးအားျဖငဆရင https ကေျပာတာပါ၊
ကၽြနေတာတ က webpage ေတြကၿကညတအခါhttps န ၾကညမယဆရင
ေတာရတနရ ၾကာျဖတရယဖ ခကခေစပါတယ၊SSL Stript က
On ေပးျခငးအားျဖင viticam ဘကမာ https ကသးလ မရေအာင
ျပလပလကတာျဖစပါတယ၊ဒါမသာလငကၽြနေတာတ ၾကားျဖတ
ခးယၾကညလ ရမာပါ၊
![Page 26: zAnti Android Wireless Pentesting guide ().pdf](https://reader035.vdocuments.mx/reader035/viewer/2022082211/5695d2471a28ab9b0299cc83/html5/thumbnails/26.jpg)
အစဆးဖတျပးျပဆေတာ ဖရး၀ငဖငေတြ
မ၀ငသငဘးဆတာသေလာကျပေပါဗာ
ဘာပျဖစျဖစ Educational Purpose Only ျဖစလ ျဖစေပၚလာသမ Risk
ေတြကတာ၀နမယပါေၾကာငး
Written by
puupuu@deb~lab
~
I am blogger !
www.kyawzinhein.net
ေျမာကဒဂသား