DroidSheep, a packet grabber for Android
Sniffing networks It basically consists of analyzing the packets that are sent and received on a network. These programs can be used both by hackers and at the user level to simply learn more about our network. In the first case, they could use it to capture information that we send, such as passwords or important personal data. Hence, it is always very necessary to maintain security and not compromise our equipment.
DroidSheep is an application that we can use on Android, which is today the most widely used operating system on mobile devices. It allows us to sniff the wireless networks and capture certain types of data.
In our case we have tested DroidSheep 15. We can download the ZIP file and unzip it on our computer or directly send it to the mobile phone and download it there.
Get started with DroidSheep
To start using DroidSheep, the first thing to keep in mind is that we must have the power option enabled install apps of unknown origin. Otherwise we could not install it on the mobile and we could not use it.
This option can be activated from Settings in a simple way. It will depend on the exact version that we have installed. In general we will have to go to Settings, Lock screen and security and Unknown sources. There we will have to enable this option to be able to add applications without downloading them from Google Play.
Another very important point is that this program will not work on all mobiles. Not at least if we don’t have it rooted. Therefore, this is a requirement that must be taken into account. As standard, without have rooted previously, DroidSheep will not run properly on mobile.
Once we have done this that we mentioned, once we have the device ready to work properly, we simply have to install it. It is a simple process, as it would be with any other similar program.
Later it will ask us to accept the legal terms and the operation of the application. It is the first screen that will appear once we have started the installation. It is basically a warning that we should not use the program to steal third party data and that we simply use it on our own network, for personal use.
Once this is done, we will be ready to start using the program. We will have it correctly installed on our computer and we can start using it. We are going to find two options.
ARP-Spoofing and Generic Mode
When we start using DroidSheep we will find the option to ARP-Spoofing Y Generic mode. We simply have to check the box that interests us at the bottom and click Start.
The first option is to use the program on networks that are encrypted with a WPA or WPA2 password. If we uncheck this option we will only be able to use it in WEP networks, although we will not be able to be detected by third party programs.
We already know that today the WEP certificate is obsolete and can be easily exploited through the right tools and knowledge. Hence the importance of always having reliable passwords, which use stronger encryption such as WPA2.
From that moment on, the program will start capture traffic. When it receives packets that travel through the network, it will show them in the main window. So we can analyze them, obtain information about it, learn more about the connections and also see if there is something that may be affecting our security on the network.
Keep in mind that this program would even allow you to capture cookies from web pages and be able to log in as if you were another user. Of course, for this to happen it must be through unencrypted traffic, something that is less and less widespread today.
Why we must take care of the connections in public networks
The fact that there are programs like DroidSheep is very useful for us to be aware of how data travels and how it could be intercepted and compromise our security. But this can especially get complicated when using public Wi-Fi networks.
If we are connected to a public network, open and available to anyone, such as an airport or shopping center, we must at all times avoid accessing pages that are not encrypted by HTTPS. Otherwise, through programs of this type they could extract information, steal personal data and even passwords.
We can achieve this using VPN programs. They are very useful tools that help us in our day to day to encrypt connections, also circumvent any geographical restrictions, etc. A way to also combat that information can be intercepted when browsing Wi-Fi networks that are not completely secure.
In short, DroidSheep is a program that can act as a sniffer of packets that travel on the wireless network where we are connected. Something we can use to enhance the safety of our Wi-Fi and learn more about the protocols. But it could also be used, along with other similar tools, by hackers on a public network and steal information. Hence, we must maintain security at all times.
We must always count on programs that protect us, like a good antivirus, as well as having the equipment updated correctly. But without a doubt, when it comes to wireless network connections, security must be even more present. We must not leave loose ends that can be exploited by cybercriminals and steal information or infect systems in any way. There are many programs that can be used for bad purposes and we must always keep our networks properly secure, with passwords and good encryption to keep cybercriminals away.