An Android Device (Android 4.4.2 or later).
The users who connected to the same wifi network can hack their devices through Faceniff apk app. Some basic requirements to use this app:. Here are some things you required to start the hacking network sessions. You have to get the apk package from the third party source. So, it is not available in the play store. As it has the hacking tool, it violence the terms and conditions of the play store.
But you have to download the apk file of the application on your device.
It is available freeware on the internet. It is very easy to use for the users who don’t know about the hacking. If you want to hijack someone’s sessions which connected to the same wifi then you get this application on your Android device. Faceniff apk is very easy to use and user-friendly. It can sniff and intercepts the sessions of the other devices connected to the same network. It seems that it uses ARP spoofing internally (I noticed some mentions of ARP in FaceSniff's changelog).Faceniff apk is an Android app which available on the internet to hack the session of the other users who connected to the same wifi network with which you are connected as well. From your note about it using arp spoofing, you can figure that the Hole 196 factor is involved. See Is WPA2 WiFi protected against ARP poisoning and sniffing?. The attacker can then choose to forward the traffic to the actual gateway of the network, so that the victim Wi-Fi clients do not see any abnormal behavior and continue their communication. Because all traffic reaching the attacker (from the AP) is encrypted with the attacker's PTK, the attacker can decrypt the traffic (including login credentials, emails and other sensitive data). The AP will decrypt the traffic and forward it to the attacker, now encrypting it using the attacker's PTK.
All clients that receive this message will update their ARP table - mapping the attacker's MAC address with the gateway's IP address.Īll "poisoned" Wi-Fi clients will send all their traffic, encrypted with their respective private keys (PTKs), to the AP, but with the attacker's MAC address as the destination. The ARP Request has the IP address of the actual gateway, but the MAC address of the attacker's machine. In the ARP poisoning exploit, the insider can include for instance an ARP Request message inside the GTK-encrypted packet. One example of an exploit that can be launched using GTK is the classic ARP poisoning (man-in-the-middle) attack (demonstrated at Black Hat Arsenal 2010 and Defcon18). In a WPA2 network, a malicious insider broadcasts fake packets (with the AP's MAC address as the transmitter's address) encrypted using the shared group key (GTK) directly to other authorized Wi-Fi clients in the network. AirTight has an article that does a great job of explaining exactly what Hole 196 is, and (pasted below) how it can be exploited so that Eve can sniff WPA2 traffic as if it were in the clear. So, for WPA2 networks, FaceNiff is most likely exploiting "Hole 196". An attacker would have to know the security password, however.
The app works even on networks protected by WPA and WPA2 encryption schemes by using a technique known as ARP spoofing to redirect local traffic through the attacker's device.
The packets are now effectively cleartext to Eve.Īccording to an article at The Register, it would seem that ARP poisoning is indeed involved.