Intercepter-NG es una de las herramientas más poderosas para Espiar conversaciones de Mensajería Instantánea Microsoft Windows Live Messenger (MSN chat). Es de origen Ruso, totalmente gratuita, sin restricciones de funcionalidad y bastante universal: existen versiones para Windows, Linux, Mac OSX, iPhone, iPad y Android (muy pocas herramientas en el mundo pueden presumir este nivel de soporte).
Puede espiar conversaciones de Microsoft Windows Live Messenger / MSN, JABBER (Google Talk, Facebook Chat), YAHOO, ICQ, AIM, IRC y MRA.
En este tutorial explicaré la instalación y uso de Intercepter-NG en un iPhone. El procedimiento para instalarlo en iPad es exactamente igual.
El enorme beneficio de emplear un dispositivo móvil para efectuar el monitoreo, es que obtenemos una gran portabilidad y discreción durante las actividades de Espionaje. Por supuesto, este tipo de técnicas sofisticadas requieren que su dispositivo móvil ya tenga aplicado el “jailbreak“.
PROCEDIMIENTO DE INSTALACIÓN
1. Abra Cydia. Busque e instale las aplicaciones libpcap, OpenSSH, wget y unzip.
Although we cannot get more robust applications loaded onto the iPod touch, such as Core IMPACT or HP WebInspect, there are still some good applications available. For example Nikto open-source (GPL) Web server scanner version information; Nikto is a Perl application available for download at http://cirt .net/nikto2.
Ranked #12 of the top 100 network security tools by Insecure.org, Nikto will scan a server for configuration files, cgi applications, outdated version information, and a multitude of other bits of data that can be useful in a penetration test. Although most of the work done by Nikto focuses on information gathering, it does a pretty good job of identifying potential vulnerabilities when found.
Unfortunately, the iPod touch’s wireless chip cannot be placed into promiscuous or monitor mode, meaning we cannot obtain wireless data necessary to conduct brute force attacks against wireless access points using encryption. There are other mobile devices that can be set for promiscuous or monitor mode, so if a brute force attack is an absolute necessity, there are options available. However, there is an application that can intercept traffic on a wireless network called “Pirni,” written by Axel Moller also available through Cydia.
The program is configured to intercept all traffic intended for the default router (192.168.1.1 in this particular network) through ARP spoofing. Based on the Berkley Packet Filter (BPF) values, the only traffic that will be collected is TCP segments leaving the network, destined for port 80. The BPF can be modified to capture whatever type of traffic we are after. The Regex Options are used to immediately capture interesting packets, such as usernames and passwords.
To understand the true capabilities of idevices, let us look at some of the different stages conducted during a professional penetration test and see how we can use mobile devices in each stage. Although availability of tools will vary with each
mobile device, we will examine those tools available to the iPod touch.
To gather information about a target network, we can use functionality already built into most mobile devices. An Internet Web browser is a natural starting tool to gather information on corporations, employees, and networks. However, a browser can only give us so much information – additional tools we can install include Nmap and Telnet, which allows us to scan a target system or network and connect with discovered systems.
The advantage of using a repository like Cydia is that the program has already been compiled and can be installed on the iPod touch with no more than a click of a button. In fact, the number of applications available for the iPod touch through the Cydia repository are so numerous that very few hacker applications need to be compiled separately – the work has almost been entirely done for us.
Mobile phones and personal data assistant (PDA) appliances used to be limited in their functionality; however, today there are wireless devices that operate using advanced operating systems and support applications that are incredibly useful for conducting clandestine activities. As an example, Apple’s iPod touch runs on the UNIX-Darwin kernel, which is open source,2 POSIX compliant, and single UNIX specification version 3 (SUSv3) compliant. Because of this, advanced hacker appli- cations can be built and installed onto the device, making the iPod touch a powerful hacking platform.
Regardless, there are some interesting trends that we can examine and use to our advantage.
The first trend is the use of open-source operating systems. As already mentioned, the iPod touch and the iPhone, both products of Apple Inc., uses the Darwin operating system. Additional proprietary applications, including graphic interface software, have been added to these portable devices; however, the core system is undeniably UNIX based.
The second trend is the increase in computing power and memory. Although the iPod touch does not have the processing capabilities of desktops or even laptops, they are quite capable of processing large amounts of data rapidly. As a benchmark test, the iPod touch (first generation) was able to process 577 MD5 hashes per second using the password cracking tool “John the Ripper.” In comparison, the MacBook Pro with a 2.8GHz Intel Core Duo processor was able to process 7674 per second. Although about one-twelfth the capability of the MacBook Pro, the iPod touch results are still impressive for what many consider as simply a fancy MP3 player.
The method of obtaining applications needed for penetration testing or covert audio and video communication will vary, depending on the mobile platform. In the case of the Droid and Palm Pre, access to the underlying operating system is avail- able by design. However, in the case of the iPod touch, access to the operating system can only be achieved by “jailbreaking” the phone, which circumvents protection mechanisms installed by Apple.
The actual method of jailbreaking varies, depending on the generation of the iPod touch and the version of the installed software (HOW TO jailbreak is explained in another post -same hack section). Once jailbroken, we can place applications on our device through different repositories – the most notable is called “Cydia.” More information on Cydia can be found at http://cydia.saurik.com/.
It is a well-known fact that almost any version of the Apple proprietary operating system, also known as iOS can now be jailbreaked, and that after the jailbreak procedure is complete, third part app platforms can now be installed. One of the well-known and efficient is Cydia. Lots of users install it, but then they hit a psychological wall: what apps, games and tweaks they can install, and more importantly, where can they get it from? Just add some cydia sources in the manage section and your are ready to search and download the desired cydia app.
BigBoss – No.1 Cydia Repo/Source
First of all you need to know that in order to download and install cracked Cydia apps, you need to have configured repositories that are actually a sort of online hubs where developers can post their content. Finding the right repositories for your device, is a different matter, since not all app sources can be trusted to provide you with the best content out there, and choosing the wrong content for your device may have dramatic consequences that could end up with bricking your gadget.
Make your iOS 6 look like iOS 7 – Cydia Apps
I’ve taken the liberty to compile a short list of Cydia repositories for you to read and choose from according to your needs. Remember: adding all the repositories you can find can and will slow down your Cydia app, making its use harder and slower.
1. SiNful iPhone is one of the Cydia repos that has a growing community of no less than 3000k users, provides with forums and support for its users and is becoming the leading source for high quality cracked Cydia apps. Simply put is the actual best free source for high quality Cydia apps. To add this repository, enter Cydia/APT URL: http://sinfuliphonerepo.com.