Book Image

Learning zANTI2 for Android Pentesting

By : Miroslav Vitula
Book Image

Learning zANTI2 for Android Pentesting

By: Miroslav Vitula

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Learning zANTI2 for Android Pentesting
Miroslav Vitula
Aug, 2015 | 134 pages
No titles found
Table of Contents (12 chapters)
Learning zANTI2 for Android Pentesting
Learning zANTI2 for Android Pentesting
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Introducing Android Pentesting with zANTI2
Introducing Android Pentesting with zANTI2
Penetration testing
zANTI2
Zetasploit
Summary
2
Scanning for Your Victim
Scanning for Your Victim
Network discovery
Open or closed?
Scan types
Run script
Intense scan
Device type
Running
OS CPE
OS Details
Network distance
Uptime guess
TCP sequence prediction
IP ID sequence generation
Ping scan
Quick scan and OS detection
Quick traceroute
Slow comprehensive scan
IP/ICMP scan
Script execution
Brute-force scripts
Summary
3
Connecting to Open Ports
Connecting to Open Ports
Open ports
Connecting to open ports
Cracking passwords
Microsoft-DS port connection
A remote desktop connection
Summary
4
Vulnerabilities
Vulnerabilities
A vulnerability
Reverse engineering
Shellshock
SSL Poodle
Zetasploit exploits
Summary
5
Attacking – MITM Style
Attacking – MITM Style
Man in the middle?
MITM attacks through zANTI2
Summary
Index
Index

Cracking passwords

THC Hydra is one of the best-known login crackers, supports numerous protocols, is flexible, and very fast. Hydra supports more than 30 protocols, including HTTP GET, HTTP HEAD, Oracle, pcAnywhere, rlogin, Telnet, SSH (v1 and v2 as well), and many, many more. As you might guess, THC Hydra is also implemented in zANTI2 and it eventually becomes an integral part of the app for its high functionality and usability. The zANTI2 developers named this section Password Complexity Audit and it is located under Attack Actions after a target is selected:

After selecting this option, you've probably noticed there are several types of attack. First, there are multiple dictionaries: Small, Optimized, Big, and a Huge dictionary that contains the highest amount of usernames and passwords.

To clarify, a dictionary attack is a method of breaking into a password-protected computer, service, or server by entering every word in a dictionary file as a username/password. Unlike a brute force attack...

Previous Section
End of Section 4
Next Section