zANTI is a penetration testing toolkit designed for computer security experts by zimperium mobile security. It essentially helps you to simulate malicious network attacks. You will be able to execute different forms of attacks with the use of zANTI, including MITM attacks, MAC address spoofing, scanning, password auditing, vulnerability checks, and several more.
Today I'll show you how to use zANTI.
Before diving into the tutorial, take a look at what you can do with zANTI:
- Change device's MAC Address
- Create a malicious Hotspot
- Hijack HTTP Session
- Capture Downloads
- Modify HTTP request and responses
- Exploit Routers
- Audit Passwords
- Check a device for shellshock and SSL poodle vulnerability
NOTE: Before downloading this app, make sure your smartphone is fully rooted and that you have SuperSU installed.
How to Apply zANTI:
- [ Official Link ] Download zANTI 2.2
- Install it on your computer, launch the app, and allow root access.
- You'll see something like this:
- Enter your email address and check the "I approve Zimperium's EULA" box before clicking "Start Now." A pop-up window will now open.
- If you want to enter zNetwork, click enable; otherwise, click skip and wait a few seconds.
- Tap "Skip," then allow zANTI (check the "I am completely allowed to conduct network penetration testing" box):
- Select "Finish."
Let us now discuss the software modules.....
Mac Changer
You can update your WiFi Media Access Control (MAC) Address using Mac changer.
Mac Changer: How to Use It:
- Use the arrow keys to navigate (or swipe from the left).
- Select "MAC Changer" from the drop-down menu.
- Select "Set new MAC Address." Wait a few seconds and you will receive a new MAC address!
If you choose to use a custom MAC address, uncheck "Generate Random" and then enter the desired MAC address. Then choose "Set new Mac Address."
Now for the next one.....
zTether:
It enables you to build a WiFi hotspot and manage network traffic.
Hot to use zTether :
Note: Please keep in mind that you must turn off your device's WiFi before using zTether.
- Select "zTether."
- Enable users to bind to your network after turning on "Tether Control." You should begin experimenting with traffic until you have at least one user on your network!
- If you have a user on your network, click the first (Logged Requests) "View" button to show all HTTP requests made by the user(s) on your network. It may include passwords and other classified details.
You can get more information about any logged operation (sessions, keys, questions, and user agents) by tapping on it:
Simply tapping on a session will allow you to hijack an HTTP session. It will launch the victim's session on your computer.
To see all of the files sent on your network, use the second "View" (Logged Images). This covers any photos that users have submitted.
Moving onto the next program module....
zPacketEditor is a packet editor:
It gives you the ability to change HTTP requests and replies on your network. It is essentially an immersive mode in which you can edit and submit each request and answer.
zPacketEditor's Operation:
First, select "zPacketEditor" and then enable the module. (1) There will be live questions and answers there .(2) Swipe to the right if you want to edit a specific request or comment. (3)After you've finished editing, click the "Send" button.
Moving on to the next feature....
SSL Strip : SSL Strip is a form of Man in the Middle Attack that causes the victim's browser to use HTTP rather than HTTPS (SSL Strip is turned on by default).
Note: Websites that use HSTS (HTTP Strict Transport Security) are not vulnerable to SSL Strip attacks.
Moving onto the next one...
HTTP redirection
It enables you to redirect all HTTP traffic to a specific website or server. For eg, if you allow "Redirect HTTP," all HTTP traffic will be routed to Zimperium servers (default configuration). If you want to direct all traffic to a specific location, tap on the settings button, and you'll see a field where you can insert a URL. Enter a URL in the field and then press the settings button again.
Both http requests should be redirected.
Now we'll go on to my favourite MITM module....
Images can be replaced.
It allows you to overwrite website icons (in the victim's web browser) with your own. To substitute a file, first tap on the settings icon, then on "Select Image":
Images zANTI should be replaced
After you've chosen a picture from your computer, click the settings button.
Image has been substituted.
Users will now display the chosen picture all over the internet!
Now for the next one.....
Download Capture
It enables you to intercept and download any files you specify to the SD card. For example, if you wish to grab pdf files, you must first tap on the settings icon and then choose the.pdf option from the menu. Then choose "Capture Download."
Download Interception
You may use Intercept Download to overwrite a downloaded file with a specific file. You must first tap on the settings icon in order to intercept and replace the victim's downloaded data. Then, tap "Pick File" to choose a file:
After you've selected the file, go back to the settings menu and allow "Intrecept Download."
Insert HTML here. Insert the specified HTML code into webpages
You may use it to inject specific HTML codes into web pages. Simply allow the "Insert HTML" module to view a warning box with the text "zANTI Test." However, if you wish to inject your own HTML codes into the web pages, you must first tap on the settings icon and then type the HTML codes. Then, press the configuration icon once more.
www.routerpwn.com
Router pwn is a software application that allows you to hack router vulnerabilities. It consists of a set of ready-to-run local and remote exploits.
How to Use Routerpwn.com: First, tap on "Routerpwn.com," which will open the www.routerpwn.com page. Then, choose your router provider from the list. There are several ready-to-run local and remote exploits there. Make use of them!
WiFi Tracker It helps you to monitor WiFi signal power, name, and MAC address. In a nutshell, nothing extraordinary!
HTTP Server is an abbreviation for Hypertext It gives you the ability to run an HTTP server on your Android smartphone. All you need to do is choose "HTTP server" and then enable the software module:
HTTP Server Log Entries
It should be noted that you can also build folders and store files on the disc.
It's time to return to the main window:
There are four functions visible at the top of the panel. The first displays the computers discovered on the goal network (history). The above is used to trace and remap the network. The third feature is a search tool that can be used to look up information on a specific device. The final feature is a "Add Host" function, which is used to add a specific host to the existing network.
What Is the Best Way to Scan a Target Device?
- First, use a network computer (just tap on it).
- Then press the "Scan" button
When scanning the unit, you have the option of changing the "Scan Type." You can also run a script when scanning the target; simply pick the script from the "Execute Script" menu. It also has a feature named "Smart Scanning" that detects vulnerabilities in the target system.
After configuring the scan options, tap "Go" to begin scanning the unit.
After configuring the scan options, tap "Go" to begin scanning the unit. When the scan is over, zANTI will show a message that says Scan done.
You will get the scan summary by selecting "Nmap Scans" from the menu.
Now for the next issue.....
How Do I Make a Link to a Device?
Follow the steps below:
Please keep in mind that the ConnectBot app must be activated on your smartphone. [ Official Website ]
- Choose the target computer, then click "Connect to Remote Port."
- ConnectBot can connect your computer to the host if you tap on any port.
Audit of Password Complexity It is a computer module that can be used to determine the strength of a password. That is, it will assist you in strengthening the stability of your device.
Here's how to do a login difficulty audit with zANTI:
Choose the system to be audited. Then choose "Password Complicated Audit."
The free version of zANTI does not allow you to adjust the cracking process.
To audit a certain protocol, disable "Automatic Mode." To begin the audit in the Automatic Mode, press the "Go" button.
How to Execute an MITM Attack
Using zANTI to do a Man In The Middle attack is better than anything else. To carry out an MITM assault, follow the steps below:
- Select the target and then tap on "Man in the Middle".
I don't think I can go through the same software modules again, so I'll discuss the "MITM approach."
The MITM Method The "MITM process" application module is used to pick your preferred MITM technique. There are two options: ARP (Address Resolution Protocol) and ICMP (Internet Control Message Protocol) (Internet Control Message Protocol)
"What is the difference between these two methods?" you can wonder. Here's the solution:
The ARP MITM attack operates by spoofing MAC addresses within the LAN. That is, the attacker's computer serves as both the target system and the router.
The Router - Attackers computer is the user's machine in the eyes of the Router.
From the perspective of the victim's screen, the attacker's rig serves as the router.
The ICMP MITM attack is carried out by spoofing an ICMP redirect message sent to the router. The forged message redirects the victim's traffic into an attacker-controlled router.
How to Test a Target for the "ShellShock" Vulnerability
First, choose the computer to which you want to send the data. Then choose "ShellShock." It will begin to search the target.
zANTI Shellshock Vulnerability Wait for a while. It will show the result after scanning the target screen.
How to Examine a Target for the "SSL Poodle" Vulnerability
Select the target device first, then tap "SSL Poodle," which will search the device and show the results.
So this ends my blog; I hope that this blog has provided you with the some valuable knowledge.
Learn Ethical Hacking & Penetration Testing With CyberTalk.
The link is given below, check it out..
If you are interested, then Enroll Now.
