Monday, June 13, 2011

FaceNiff

This is going on both of the blogs I can post on. 

I just found this really cool app for android phones called faceniff.  Basically what it does is monitor a network and whenever somebody logs in to facebook, twitter, youtube, or possibly other services, the app captures their cookie and makes it your own, so you get access to their account.  It can hijack a session even over an encrypted network whether its WEP WPA or even WPA2!  I tested it out and it worked great.  The free app gives you 3 session hijacks to start with and if you want more there's an option to buy an unlock code.  Or you can just use the cracked version found here: FaceNiff 1.9.4 cracked

Root is required for this app so if you don't have a rooted phone you'll have to do that first.  To unlock the app go to the unlock screen, don't put in any text and click unlock. Voila, unlocked.

Very simple interface to use, you click a big red button and it turns green and then you can check to see if it's captured anybody's sessions and when you click on their name it will open in the web browser and you'll be logged in.  Could be really fun at starbucks.  Like a mobile firesheep hack, but no laptop required now.




Screenshots:





BTW if the person is using SSL then this won't work, so if you wanna protect yourself turn on SSL I guess.

9 comments:

  1. I really need a smart phone now. lol.

    ReplyDelete
  2. damn faceniff sounds crazy. ill have to check it out. +1

    ReplyDelete
  3. Shitttt nice (: Gotta get my android back first -.- then I'm on it!

    trollopingabout.blogspot.com

    ReplyDelete
  4. as if my phone weren't too old for this....

    ReplyDelete
  5. That looks really neat. I saw a firefox extension for it once but didnt know there was a phone app capable ofbsuch shennanigans.

    ReplyDelete