iPhone May Be Used For Wi-Fi Spoofing And Classic MITM Attacks
As you probably know, the traditional device for hacking Wi-Fi networks is a notebook, because it lets a hacker use various specialized wireless modules, transmitters and receivers, and run lots of specialized software. Notebooks are also powerful enough to perform all the needed calculations. That's why the “classical” Wi-Fi hacker is a guy with a notebook in a black car. But smartphones and mobile platforms are developing really fast, and nowadays all those hacking operations can easily be done with a smartphone.
Disclaimer: this is not a how-to guide. It is a simple example, used to show that wireless networks are not really safe and that a simple iPhone user may be able to crack any wireless network. We at Jammer-Store do not recommend that you do what's written here, because you will surely have problems and legal issues.
Banned apps
First of all, we should mention that the iPhone must be jailbroken, because Apple Store simply bans all the apps used for Wi-Fi spoofing. But you should know that a jailbreak really lowers your smartphone's security. All the apps needed to hack a wireless network are available in the Cydia repository, and everything works perfectly on iOS 4 and higher. The first thing used in this experiment is “libpcap”, a library for capturing packets sent over a wireless network. That library enables hackers to use several popular apps for traffic interception.
Access to the console
You will also need access to the console of your smartphone. You can get it with OpenSSH or the Terminal app from Cydia. Those apps will require the Berkeley DB libraries, which are available in a standard repository. Also, that app will be really helpful if you are an experienced user. But you should be really careful with it, because by using those apps you can easily let malware onto your smartphone.
Popular application
The most popular and functional application for Wi-Fi spoofing on iOS is Ettercap, which is able to do all the work from its interface. We should mention that if you use it with a local Terminal app, you won't be able to use the graphical interface, just a console, but if you use OpenSSH, simply run the “ettercap -C” command to get a user-friendly interface.
That app provides really rich options for Wi-Fi spoofing and attack. It is possible to gather and analyze traffic and acquire WEP keys for network access. If the targeted wireless network is using the WPA or WPA-2 encryption protocol, you'll have to wait until somebody connects to the network. At that moment the password he enters will be intercepted. The only disadvantage here is that it is really inconvenient to work in console mode.
Traffic interceptor
There is another really popular app that may be used for the same purposes: “pirni”. It is a traffic interceptor that was developed especially for iOS. The app is able to gather and analyze traffic, read it with filters for data mining and carry out attacks on the ARP tables of one or multiple hosts. There are both free and commercial versions. The main advantage of the app is its intuitive interface, which enables you to hack wireless networks in one or two clicks.
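The attack on ARP tables mentioned above leaves a visible trace on the network: one MAC address starts answering for IP addresses that belong to other hosts. The following Python check is an added example, not code from the original article or from Ettercap or pirni; the sample replies, the addresses and the function names are constructed for illustration, and it assumes the gateway's IP address is known.

```python
from collections import defaultdict

# Constructed sample input: (seconds, sender IP, sender MAC) taken from ARP
# replies, as they might be exported from a capture. All addresses are made up.
SAMPLE_REPLIES = [
    (0.0, "192.168.1.1",  "02:00:00:00:00:01"),  # gateway, genuine
    (1.0, "192.168.1.20", "02:00:00:00:00:20"),
    (2.0, "192.168.1.30", "02:00:00:00:00:30"),
    (5.0, "192.168.1.1",  "02:00:00:00:00:30"),  # .30's MAC claims the gateway
    (5.5, "192.168.1.20", "02:00:00:00:00:30"),  # ...and host .20 as well
    (9.0, "192.168.1.1",  "02:00:00:00:00:01"),  # genuine gateway answers again
]

def find_arp_anomalies(replies, gateway_ip=None):
    """Flag IP->MAC rebinds and MACs that answer for more than one IP."""
    ip_to_mac = {}                 # last MAC seen for each IP
    mac_to_ips = defaultdict(set)  # every IP a MAC has claimed so far
    alerts = []
    for ts, ip, mac in sorted(replies):
        mac = mac.lower()
        previous = ip_to_mac.get(ip)
        if previous is not None and previous != mac:
            # A rebind can be benign (new DHCP lease, replaced NIC); a rebind
            # of the gateway address deserves attention first.
            kind = "gateway-rebind" if ip == gateway_ip else "rebind"
            alerts.append((ts, kind, ip, previous, mac))
        ip_to_mac[ip] = mac
        if ip not in mac_to_ips[mac]:
            mac_to_ips[mac].add(ip)
            if len(mac_to_ips[mac]) > 1:
                claimed = tuple(sorted(mac_to_ips[mac]))
                alerts.append((ts, "multi-ip", mac, claimed))
    return alerts

def suspect_macs(alerts):
    """MACs that claimed several IPs. Rebinds alone are not used here,
    because the genuine owner re-announcing itself also causes a rebind."""
    return {a[2] for a in alerts if a[1] == "multi-ip"}

if __name__ == "__main__":
    found = find_arp_anomalies(SAMPLE_REPLIES, gateway_ip="192.168.1.1")
    for alert in found:
        print(alert)
    print("suspect MACs:", sorted(suspect_macs(found)))
```

A router or proxy-ARP device can legitimately answer for several addresses, so known infrastructure MACs should be excluded before acting on a "multi-ip" alert.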
In conclusion, we may say that wireless networks are not as safe as we used to think. They are hackable with smartphones and simple apps. That is why we always recommend avoiding that type of networking and using wired connections or, at least, Wi-Fi jamming devices at places where Wi-Fi may be reached from outside your facility. We hope that this example will help you to avoid Wi-Fi hackers and that your private or corporate information will be safe.