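Baidu Baike says:

dSploit is a network analysis and penetration suite for the Android platform, for IT security researchers and geeks to perform professional security assessments on mobile devices. dSploit allows you to analyze, capture and discover network packets. You can scan for devices on the network, such as phones and laptops, and identify their operating systems, services and open ports for deeper penetration testing. These features make dSploit the most professional security assessment software ever for mobile devices.
But really... dSploit is simply a hacking tool, as you can tell from its icon. dSploit can do a lot, such as man-in-the-middle attacks and packet forging. Today, though, I'll mainly cover the man-in-the-middle attacks, because they are the most fun...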

1. Preparation before installation

① First, you need a rooted Android phone running Android 2.3 or later.

② BusyBox must be fully installed on the phone.

Downloads for the required tools:

BusyBox installer: http://pan.baidu.com/s/1gvmG2

dSploit main app: http://pan.baidu.com/s/1pJyR5P5

First, install the BusyBox installer on the phone.

[Screenshot_2014-08-03-16-04-24-725](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-04-24-725-576x1024.png)

Launch the installer, grant it root permission, then wait for initialization to finish.

[Screenshot_2014-08-03-16-04-53-778](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-04-53-778-576x1024.png)

[Screenshot_2014-08-03-16-05-10-20](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-05-10-20-576x1024.png)

Then tap "Install" and wait for the installation to complete.

[Screenshot_2014-08-03-16-06-21-689](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-06-21-689-576x1024.png)

[Screenshot_2014-08-03-16-09-29-528](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-09-29-528-576x1024.png)

That completes the preparation for installing dSploit!

2. Installing dSploit

Nothing much to say here...

[Screenshot_2014-08-03-16-25-00-695](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-25-00-695-576x1024.png)

3. Hehe, time to get up to no good

After you open the app, it lists the devices on the LAN. The top entry is this device's own information, the second is the router's, and below that are the other devices on the LAN.

[Screenshot_2014-08-03-16-27-15-329](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-27-15-329-576x1024.png)

Select a device to enter the attack menu. There are many functions here, but the most fun and most practical one is "Man-in-the-middle attack" below.

[Screenshot_2014-08-03-16-27-38-868](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-27-38-868-576x1024.png)

Enter the man-in-the-middle attack menu. I'll go through its functions one by one.

[Screenshot_2014-08-03-16-29-46-630](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-29-46-630-576x1024.png)

First is the password-stealing tool. Open it and tap "Start", and the passwords the target device uses to log in to web accounts, FTP accounts and the like will all be captured (I didn't succeed, though: after turning it on, domain names would not resolve, and no FTP password was captured either. Give it a try, it should work).

[Screenshot_2014-08-03-16-30-05-163](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-30-05-163-576x1024.png)

Next is session hijacking, which detects sessions on the target device and shows them on this device. For example, the target machine is visiting Baidu, and this device has already hijacked the session.

[Screenshot_2014-08-03-16-38-25-828](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-38-25-828-576x1024.png)

Tap it to open the hijacked page:

[Screenshot_2014-08-03-16-38-55-114](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-38-55-114-576x1024.png)

Next is redirection, which can redirect all HTTP requests from the target device to a specified URL. It doesn't seem to work with most websites, though; I tried a few, and UC's official site works.

[Screenshot_2014-08-03-16-42-24-74](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-42-24-74-576x1024.png)

Visiting Baidu on the computer to see the effect: sure enough, it was redirected to uc.cn.

[360截图20140803163939773](https://cdn.aoaoao.me/wp-content/uploads/2014/08/360截图20140803163939773.png)

[360截图20140803164208983](https://cdn.aoaoao.me/wp-content/uploads/2014/08/360截图20140803164208983-1024x262.png)

 

Next is image replacement, which replaces all images in web pages with a specified image, given either as a URL or as a local file. Pick a picture from local storage:

[Screenshot_2014-08-03-16-42-33-200](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-42-33-200-576x1024.png)

Then visit a web page to see the effect: most of the images have been replaced.

[360截图20140803164415152](https://cdn.aoaoao.me/wp-content/uploads/2014/08/360截图20140803164415152.png)

 

 

Next is my favorite :-D script injection, which inserts a specified JS script into every web page. Open it, choose "Custom code", then enter the JS code.

[Screenshot_2014-08-03-16-44-40-361](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-44-40-361-576x1024.png)

[Screenshot_2014-08-03-16-45-24-588](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-45-24-588-576x1024.png)

Visiting any website on the computer, the JS is injected successfully and a dialog box pops up:

[QQ截图20140803164535](https://cdn.aoaoao.me/wp-content/uploads/2014/08/QQ截图20140803164535.png)
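
Image replacement and script injection both rewrite plaintext HTTP responses in transit, so a page fetched over the suspect network differs from a trusted copy of the same page. The following is an added example, not code from the original post: it compares script and image references between a baseline copy and an observed copy. Both HTML samples and the names `Collector`, `fingerprint` and `diff_page` are constructed for illustration.

```python
import hashlib
from html.parser import HTMLParser

# Constructed samples: a trusted copy of a page and the copy seen on the suspect LAN.
BASELINE = ('<html><head><script src="/static/app.js"></script></head>'
            '<body><img src="/img/logo.png"><img src="/img/banner.png"></body></html>')
OBSERVED = ('<html><head><script src="/static/app.js"></script><script>alert(1)</script>'
            '</head><body><img src="http://192.168.1.23:8081/x.png">'
            '<img src="http://192.168.1.23:8081/x.png"></body></html>')

class Collector(HTMLParser):
    """Collect external script URLs, inline-script hashes and image URLs."""
    def __init__(self):
        super().__init__()
        self.scripts, self.images = set(), set()
        self._inline = None  # list buffer while inside an inline <script>

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "script":
            if attrs.get("src"):
                self.scripts.add("src:" + attrs["src"])
            else:
                self._inline = []
        elif tag == "img" and attrs.get("src"):
            self.images.add(attrs["src"])

    def handle_data(self, data):
        if self._inline is not None:
            self._inline.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._inline is not None:
            body = "".join(self._inline).strip().encode()
            self.scripts.add("inline-sha256:" + hashlib.sha256(body).hexdigest())
            self._inline = None

def fingerprint(html):
    c = Collector()
    c.feed(html)
    c.close()
    return c.scripts, c.images

def diff_page(baseline_html, observed_html):
    base_s, base_i = fingerprint(baseline_html)
    obs_s, obs_i = fingerprint(observed_html)
    return {"added_scripts": sorted(obs_s - base_s),   # scripts the baseline lacks
            "added_images": sorted(obs_i - base_i),    # image URLs the baseline lacks
            "missing_images": sorted(base_i - obs_i)}  # baseline images that vanished
```

Pages that change between loads make such a diff noisy, so it suits static pages or a dedicated canary page. Serving the site over HTTPS with HSTS removes the plaintext that these features rewrite.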

Finally, one more commonly used feature that is not a man-in-the-middle attack: brute-forcing the router password. Go back up one level, select your router, choose "Port scanner" and wait a while. If something shows up below, it worked; if it stays blank, then there really is nothing..

[Screenshot_2014-08-03-16-52-41-517](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-52-41-517-576x1024.png)

Go back, open the login password cracker, choose the password dictionary and the password length, and wait for it to brute-force.

[Screenshot_2014-08-03-16-53-18-44](https://cdn.aoaoao.me/wp-content/uploads/2014/08/Screenshot_2014-08-03-16-53-18-44-576x1024.png)

If you get lucky and it actually cracks the password, that Wi-Fi is completely yours to take over; if not, the other features are enough anyway.