If you have read my previous articles on man in the middle attacks then you know how powerful they can be. But many people kept asking me if this could be done on their android phones without having to use kali Linux.
Well, luckily we have zanti which has automated almost all of the hacking process. Do note that this tool by no means is perfect however it works like a charm on all older versions of windows. However, after windows 10 it starts becoming a little tricky because it works only on certain websites.
Man in the middle attack:
This is a network-based attack where you become a proxy between the victim and the webpage they are trying to visit. With this setup, you can spy on the traffic on the target activities and network traffic. In this tutorial, we will use zanti to do a man in the middle attack using your android device.
So without further ado, let’s start MITM with zanti
Step 1: Download and install zanti
You can download zanti from their official website
Step 2: Scan the network
When you click on “scan the network” choose all the options if you want in-depth data about each target. Which OS they are using etc.
Step 3: Review this information
By reviewing the collected information we can get to know about the network and the devices on the network. Now we can identify the target and do a targeted man in the middle attack on the victim
Step 4: Now decide which options you want to use
While doing a man in the middle attack we need to select certain options. My recommendation is to go for https redirection only. The rest of them will not be that helpful since they will be easily noticed. However, the following combination will not be detected easily.
Step 5: Start MITM attack with zanti
Click on the start button to begin the MITM attack. As you can see requests will start getting captured.
Unfortunately for me my router was very secured and started blocking all connections. Even then I was able to capture some credentials as shown. On routers made before 2019, you will probably be able to capture a lot more information.
As you see my username and password were captured. This is all it takes to do a MITM attack. Zanti has automated most of the hacking commands making it very easy for anyone to do a man in the middle attack.
How can I be secure from MITM attacks?
- Use security add-ons like “ HTTPS everywhere ” in chrome and firefox browsers. HTTPS Everywhere (Mozilla Firefox) & HTTPS Everywhere (Google Chrome)
- Update your browser to the latest version
- Update your OS
- Use a good antivirus
- Use Vpn
- For android devices, you can update them directly from the play store.
Commonly asked questions about MITM with zanti
Q1. Is using this attack on public wifi legal?
No, it not. It is only for testing purposes. This article is an educational article; please use it with the same intent.
Q2. Can I hack anyone over the internet?
No, this attack words when both the attacker and the victim are on the same network. The same wifi to be more precise
Q3. Can I hack android devices with this attack?
Yes, if the victim is using websites that do not have https protection then yes you can hack them with this method.