Former Writer · Jun 18, 2012 at 06:30 pm

DroidSheep Undresses Network Security and Shows How It’s Done

Typically on XDA, we feature modifications and “hacks” for users to flash and enjoy. Every now and then, though, there’s an application that pops up that’s capable of actually hacking—at least to some extent. Not long ago, we brought you a network spoofing application that allowed people to mess with a computer while it was actively using a network. As a step up from that, there’s now an application to expose network security vulnerabilities from the comfort of your Android-powered device.

Before continuing, please keep in mind that this application is for educational purposes only, and and XDA does not condone information network intrusion on any network other than your own. The application was designed to test the security of social networking profiles over a network. The application was written by Security Researcher Andreas Koch and posted on the forums by XDA Forum Member virus786. As virus786 writes:

…information is not only transfered to its receiver but also to any other party in the network within the range of the radio waves. Usually nothing special happens because the WiFi users discard packets that are not destined to themselves. DroidSheep does not do this. It reads all the packets looking at their contents. Is a website sending a clear recognition feature within a message’s content, which can identify a user (“SessionID”), then DroidSheep is able to read it although it is not intended to external users. Moreover DroidSheep can use this token to use it as its own. The server can’t decide whether the authorized user or DroidSheep has sent the request.

While this sounds like some scary stuff, using HTTPS whenever possible limits the amount of useful information that applications such as DroidSheep are able to obtain.

Head over to the original thread to get started.

Want something on the XDA Portal? Send us a tip!

Former Writer

Former Writer is an editor on XDA-Developers, the largest community for Android users. View Former Writer's posts and articles here.
Mario Tomás Serrafero · Apr 25, 2015 at 11:00 am · 2 comments

XDA Picks: Best Apps of the Week (Apr 17 – 24)

Apps are at the front and center of any smartphone experience, and with over a million apps on the Google Play Store and new apps being submitted to our forums every day, staying up to date on the latest apps and games can be a hassle. At XDA, we don’t discriminate apps - if it’s interesting, innovative, original or useful, we mention them. The XDA Portal Team loves apps too, and we usually share and discuss the latest app releases...

GermainZ · Apr 25, 2015 at 10:24 am · 6 comments

Glimpse Notifications: Easier Lockscreen Notifications

Lollipop brought a revamp to the lockscreen, taking away custom widgets but showing your notifications instead. If you're a fan of that, you might want an easier way to check your notifications as they come in, without losing your current lockscreen. Glimpse Notifications by XDA Senior Member xrad offers just that. You'd normally have to turn your screen on manually to see your notifications. Instead, Glimpse Notifications will do it for you when a notification comes in. That doesn't mean...

Emil Kako · Apr 24, 2015 at 03:11 pm · 4 comments

What Are the Best Looking Apps on Android?

As more developers are updating their apps with Material Design elements, we're starting to see a plethora of beautiful new apps on the Play Store. But which ones are the best? Let us know what you think the best looking apps on Android are and why.

Share This