We can use different tools to capture traffic through wireless networks. This is something that allows us to have more control over the security of our Wi-Fi, see if there are any vulnerabilities that we must correct or simply learn more about the protocols. One of the programs that we can use is DroidSheep . It is for Android and offers different options to users to analyze the wireless network. We are going to explain how to use it and what this program can bring us.
DroidSheep, a packet grabber for Android
Sniffing networks basically consists of analyzing the packets that are sent and received on a network. These programs can be used both by hackers and at the user level to simply learn more about our network. In the first case, they could use it to capture information that we send, such as passwords or important personal data. Hence, it is always very necessary to maintain security and not compromise our equipment.
DroidSheep is an application that we can use on Android, which is currently the most widely used operating system on mobile devices. It allows us to sniff wireless connections and capture certain types of data.
In our case we have tested DroidSheep 15. We can download the ZIP file and unzip it on our computer or directly send it to the mobile phone and download it there.
Get started with DroidSheep
To start using DroidSheep, the first thing to keep in mind is that we must have the option to install applications of unknown origin enabled. Otherwise we could not install it on the mobile and we could not use it.
This option can be activated from Settings in a simple way. It will depend on the exact version that we have installed. In general we will have to go to Settings, Lock screen and security and Unknown sources. There we will have to enable this option to be able to add applications without downloading them from Google Play.
Another very important point is that this program will not work on all mobiles. Not at least if we don’t have it rooted. Therefore, this is a requirement that must be taken into account. By default, without having previously rooted, DroidSheep will not run correctly on mobile.
Once we have done this that we mentioned, once we have the device ready to work properly, we simply have to install it . It is a simple process, as it would be with any other similar program.
Later it will ask us to accept the legal terms and the operation of the application. It is the first screen that will appear once we have started the installation. It is basically a warning that we should not use the program to steal third party data and that we simply use it on our own network, for personal use.
Once this is done, we will be ready to start using the program. We will have it correctly installed on our computer and we can start using it. We are going to find two options.
ARP-Spoofing and Generic Mode
When we start to use DroidSheep we will find the option of ARP-Spoofing and Generic Mode . We simply have to check the box that interests us at the bottom and click Start.
The first option is to use the program on networks that are encrypted with a WPA or WPA2 password. If we uncheck this option we will only be able to use it in WEP networks, although we will not be able to be detected by third party programs.
We already know that today the WEP certificate is obsolete and can be easily exploited through the right tools and knowledge. Hence the importance of always having reliable passwords, which use stronger encryption such as WPA2.
From that moment on, the program will begin to capture traffic . When it receives packets that travel the network, it will show them in the main window. So we can analyze them, obtain information about it, learn more about the connections and also see if there is something that may be affecting our security on the network.
Keep in mind that this program would even allow you to capture cookies from web pages and be able to log in as if you were another user. Of course, for this to happen it must be through unencrypted traffic, something that is less and less widespread today.
Why we must take care of the connections in public networks
The fact that there are programs like DroidSheep is very useful for us to be aware of how data travels and how it could be intercepted and compromise our security. But this can especially be complicated when using public Wi-Fi networks .
If we are connected to a public network, open and available to anyone, such as an airport or shopping center, we must at all times avoid accessing pages that are not encrypted by HTTPS . Otherwise, through programs of this type they could extract information, steal personal data and even passwords.
We can achieve this using VPN programs . They are very useful tools that help us in our day to day to encrypt connections, also circumvent any geographical restrictions, etc. It is also a way to combat that information can be intercepted when browsing Wi-Fi networks that are not completely secure.
In short, DroidSheep is a program that can act as a sniffer of packets that travel on the wireless network where we are connected. Something that we can use to enhance the security of our Wi-Fi and learn more about the protocols. But it could also be used, along with other similar tools, by hackers on a public network and steal information. Hence, we must maintain security at all times.
We must always have programs that protect us, such as a good antivirus, as well as having the equipment updated correctly. But without a doubt, when it comes to wireless network connections, security must be even more present. We must not leave loose ends that can be exploited by cybercriminals and steal information or infect systems in any way. There are many programs that can be used for bad purposes and we must always keep our networks properly secure, with passwords and good encryption to keep cybercriminals away.