File under Y for “Yikes.”
A programmer, showing off his work at the DEF CON hackers conference in Las Vegas this week, has created an Android app that takes all the technical know-how and computer wizardry out of hacking – and he’s making it available for free on Android devices to anyone who wants it.
PCWorld has the story, which explains Itzhak “Zuk” Avraham’s new Android app, the “Android Network Tool Kit,” or Anti. Here’s a quick explanation from the PCWorld story of what the Anti app will do:
“... offer a Wi-fi-scanning tool for finding open networks and showing all potential target devices on those networks, as well as traceroute software that can reveal the IP addresses of faraway servers. When a target is identified, the app offers up a simple menu with commands like 'Man-In-The-Middle' to eavesdrop on local devices, or even 'Attack;' The app is designed to run exploits collected in platforms like Metasploit or ExploitDB, using vulnerabilities in out-of-date software to compromise targets.”
Basically, it’s potentially push-button hacking. But Avraham wants users to limit the use of the app to “white hat” hacking, or the ethical, harmless testing of networks to check up on their security. Essentially, for pulling pranks and showing people their technological weaknesses and increasing security awareness, not for ruining their lives by stealing social security numbers. These include entering a vulnerable system and then ejecting the disc drive, opening the calculator or snapping off screen grabs in order to prove a hacker was there, without actually doing any damage. Avraham includes a provision about white hat hacking in the app’s terms of service, for whatever that’s worth.
Avraham is releasing Anti in the Android Market this week, so consider this fair warning to add security to your Wi-Fi network and come up with some passwords that are stronger than your pet’s name. The app received some praise from other security experts at the conference, and Avraham said he’ll be porting it to Apple’s iOS platform before long as well. It’s probably doubtful that the app will make it through Apple’s app screening process, but you never know, especially with Apple’s app-approval track record.