This is going on both of the blogs I can post on.
I just found this really cool app for android phones called faceniff. Basically what it does is monitor a network and whenever somebody logs in to facebook, twitter, youtube, or possibly other services, the app captures their cookie and makes it your own, so you get access to their account. It can hijack a session even over an encrypted network whether its WEP WPA or even WPA2! I tested it out and it worked great. The free app gives you 3 session hijacks to start with and if you want more there's an option to buy an unlock code. Or you can just use the cracked version found here: FaceNiff 1.9.4 cracked
Root is required for this app so if you don't have a rooted phone you'll have to do that first. To unlock the app go to the unlock screen, don't put in any text and click unlock. Voila, unlocked.
Very simple interface to use, you click a big red button and it turns green and then you can check to see if it's captured anybody's sessions and when you click on their name it will open in the web browser and you'll be logged in. Could be really fun at starbucks. Like a mobile firesheep hack, but no laptop required now.
Screenshots:
BTW if the person is using SSL then this won't work, so if you wanna protect yourself turn on SSL I guess.
I really need a smart phone now. lol.
ReplyDeletedamn faceniff sounds crazy. ill have to check it out. +1
ReplyDeleteShitttt nice (: Gotta get my android back first -.- then I'm on it!
ReplyDeletetrollopingabout.blogspot.com
as if my phone weren't too old for this....
ReplyDeletelol nice!
ReplyDeletethats awesome! followed
ReplyDeleteYep. You're never safe.
ReplyDeleteThat looks really neat. I saw a firefox extension for it once but didnt know there was a phone app capable ofbsuch shennanigans.
ReplyDeleteDead link.
ReplyDelete