Some Android apps achieved to manage sniffing packets, like Shark for root, but that will let you gather only your device's packets data. So, what is needed next, is, an app that can induct ARP poisoning to re-direct packets from the network to your device; few applications succeeded in to bringing this to reality like FaceNiff and DroidSheep. I tried DroidSheep and it worked very well, it even has the ability to capture packets that look interesting such as login information and cookies and then present it to you. It still doesn't work with https, unless one day the developer decides to add SSL spoofing to it.
The only way to download DroidSheep is from its maker's site, since Android Market had it removed for breaking its rules.
Finally, you need to be cautious if you wanted to do ARP poisoning on networks that are not yours, since lots of them are protected against that attack and they warn users if it happens. Adding to that DroidSheep maker had created another application to test the network for ARP poisoning, that application is called DroidSheep Guard, the developer claims it works on non-rooted devices; I haven't tested DroidSheep Guard yet, but I think if you are paranoid about using public WiFi-s you may give it a try.
Labels: Android, Android Sniffer, DroidSheep, Shark for root
Smilar pages