I quite enjoyed installing Android x86 on my Dell Inspiron 15 a few years ago. After logging into Google and going into the Play Store, I realized how many apps I have accumulated over the years of being an Android user. One of those apps was called dSploit: "The most complete and advanced IT security professional toolkit on Android." That it was, and my favorite feature to toy with at the time was MITM. Performing Man-in-the-Middle attacks on my family was amusing to me.
Some of what I was able to accomplish was:
- Kill all network connections.
- Listen for cookies on your network for potential highjacks.
- Sniff passwords.
- Redirect all HTTP traffic to another site.
- Redirect targeted traffic through your device.
- Replace text on webpages with specific ones.
- Replace images with a specific one.
- Replace all YouTube videos on web pages with a specific video.
- Inject Javascript on every visited webpage.
Note that...
- These only work on networks you're logged into.
- This will not work on HTTPS.
- This does work on open networks
- Because you are the MITM, performing these tasks will slow your IP/users fetching and receiving of these pages.
- You need ROOT access on your device for dSploit to work.
I once re-routed my uncle's traffic while he was watching a YouTube video. "I don't understand what's happening! What?" YouTube led him to a website I'd auto-redirected him to. I almost broke out laughing before confessing my nerdy secret. Hmm... if I was a kid in school remote learning, "I'm sorry, professor, my network kept redirecting me away from the school website, I couldn't finish my homework!" Wouldn't that have been smart?
I no longer have old screenshots of the app and from what I know, the development of dSploit has since ceased, but you can still use it. here are web images I found of the app.