OS fingerprinting

What is OS fingerprinting?
OS fingerprinting can be defined as the process of pinging a device and detecting which OS it is running. This can be done using various tools on various operating systems.



Why do you need to do this?
 By detecting the OS running on a system you can filter the exploits and use those which have the higher probability of giving you access to the system and maintaining it with ease. It also helps you save time, as you need not try the vulnerabilities for which the system is patched.

How to?
  • For Android:- The best tool which you can use for OS fingerprinting on an Android device is Dsploit. The time required for OS detection is mostly dependent on the device's RAM. To detect the OS, first select the device on which you want to do the OS detection. After that, select the inspector and then hit start. After a few minutes you will see the results.
  • For Kali Linux:- Kali Linux has 2 tools to do this task:-
Nmap is a port scanning tool which can also be used for OS fingerprinting. Various parameters can be used to detect different details about the system. The one we used was "nmap -sV -n -T4 -O -F --version-light 192.168.1.*" (without quotes). The * makes nmap detect all the devices on the network and their OS. You can experiment with different parameters; type "nmap -h" (without quotes) for help, or refer to the official site.

Armitage is a GUI tool which is mostly used for network exploitation. It comes with a host scan option which can help you scan and detect the OS. Under host scan there is a quick scan (OS detection) option which can be used for OS fingerprinting. After the scan ends, the result is displayed in a graphical format which can be changed as you wish. You can observe that it runs the nmap command in the command line. The main advantage is that you need not type the command, and the graphical format is easy to understand.

Note:-
In our tests we found that these methods were unable to detect phone operating systems like Android, BlackBerry OS, etc.
If you are unable to detect the exact system, you can use the guess command in nmap to find out the probabilities of the system running different operating systems.
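
For keeping a record of what nmap reported, its XML output (`-oX`) is easier to work with than the screen output. The example below is added here and is not part of the original post: it reads the `osmatch` entries and separates exact matches, probabilistic guesses and hosts with no match at all, such as the phones mentioned in the note. The sample XML, the addresses and the `os_inventory` helper are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like `nmap -O -oX scan.xml` output (not a real scan).
SAMPLE_XML = """<nmaprun>
  <host><status state="up"/>
    <address addr="192.168.1.10" addrtype="ipv4"/>
    <os><osmatch name="Linux 3.2 - 4.9" accuracy="100"/></os>
  </host>
  <host><status state="up"/>
    <address addr="192.168.1.23" addrtype="ipv4"/>
    <os>
      <osmatch name="Microsoft Windows Server 2008 R2" accuracy="91"/>
      <osmatch name="Microsoft Windows 7 SP1" accuracy="93"/>
    </os>
  </host>
  <host><status state="up"/>
    <address addr="192.168.1.42" addrtype="ipv4"/>
    <os/>
  </host>
</nmaprun>"""


def os_inventory(xml_text, exact=100):
    """Map each live IPv4 host to (verdict, [(os_name, accuracy), ...])."""
    inventory = {}
    for host in ET.fromstring(xml_text).iter("host"):
        status = host.find("status")
        if status is not None and status.get("state") != "up":
            continue  # skip hosts nmap did not see as up
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:
            continue
        # Best candidate first; accuracy is nmap's percentage for the match.
        matches = sorted(
            ((m.get("name"), int(m.get("accuracy", "0"))) for m in host.iter("osmatch")),
            key=lambda m: m[1], reverse=True)
        if not matches:
            verdict = "unknown"   # no fingerprint match at all
        elif matches[0][1] >= exact:
            verdict = "exact"
        else:
            verdict = "guess"     # only probabilistic candidates
        inventory[addr.get("addr")] = (verdict, matches)
    return inventory


if __name__ == "__main__":
    for ip, (verdict, matches) in os_inventory(SAMPLE_XML).items():
        print(ip, verdict, matches[:2])
```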

Kick Off with Dsploit

What you need?
For this attack you will only need a rooted Android phone and, of course, the app Dsploit.

How to??
  1. Open the app Dsploit on your phone.
  2. It will show you all the devices connected to the wireless network. If not, hit the refresh symbol on the left-hand side of the screen.
  3. Now select the specific target which you would like to kick out of the network. If you want to attack the entire wireless network, select the router.
  4. Now select MITM (man-in-the-middle) from the list.
  5. This will open a new list. Select kill connections to kick the target, which can be a single device or all of them, from the network.
  6. After a few seconds you will see that your devices are unable to connect to the net through the browser.
  7. Select it once again to stop it.
Note:-
You can also select the other options like redirect, replace images, etc. We would advise you not to try this on corporate networks. If caught you could be sent to jail. You can still use it to annoy your siblings or friends.
If you are using an Android phone with Android 4.0+ then you can use Zanti 2, which is an updated version of Dsploit.
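
On the defending side, this kind of attack shows up in the ARP table of the affected devices, assuming the tool gets into the middle by ARP spoofing (the usual technique on a LAN; the post does not say how Dsploit does it). The example below is added here and is not from the original post or from Dsploit: it parses `arp -an` style output and flags a gateway MAC that differs from a known-good one and a single MAC answering for several IPs. The sample table, the addresses and the function names are constructed.

```python
import re
from collections import defaultdict

# Constructed `arp -an` output as seen on a LAN client (not captured data).
SAMPLE_ARP = """\
? (192.168.1.1) at 3c:5a:b4:11:22:33 [ether] on wlan0
? (192.168.1.23) at 3c:5a:b4:11:22:33 [ether] on wlan0
? (192.168.1.42) at a4:77:33:aa:bb:cc [ether] on wlan0
? (192.168.1.50) at <incomplete> on wlan0
"""

ENTRY = re.compile(r"\((\d+\.\d+\.\d+\.\d+)\) at ([0-9a-fA-F:]{17})\b")


def parse_arp(text):
    """Return {ip: mac} for resolved entries; <incomplete> ones are skipped."""
    return {ip: mac.lower() for ip, mac in ENTRY.findall(text)}


def arp_findings(table, gateway_ip, baseline_gateway_mac):
    """Flag signs of ARP cache poisoning in a parsed ARP table."""
    findings = []
    seen = table.get(gateway_ip)
    # The gateway suddenly resolving to a different MAC is the main symptom.
    if seen and seen != baseline_gateway_mac.lower():
        findings.append(("gateway-mac-changed", gateway_ip, seen))
    # A spoofing host also appears under its own IP with the same MAC.
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    for mac, ips in by_mac.items():
        if len(ips) > 1:
            findings.append(("mac-claims-several-ips", mac, sorted(ips)))
    return findings


if __name__ == "__main__":
    # Baseline MAC recorded earlier from a trusted state (constructed value).
    for finding in arp_findings(parse_arp(SAMPLE_ARP), "192.168.1.1",
                                "3c:5a:b4:00:00:01"):
        print(finding)
```

A router that legitimately answers for several addresses will also trigger the second check, so treat it as a prompt to look closer rather than as proof.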

 

How to select a phone to build a bad phone?

Why do you need to hack from a phone???
 Phones are devices which were made to be portable. Since the 1990s hackers have been trying to use the networks for malicious purposes. As time passed, phones became smarter and smarter as more features were added to them. And the best thing about these devices is that you can enter and exit without getting into trouble.


Which operating system do you need???
Phones come with various operating systems, but now most phones have Android or iOS. This mostly depends on the phone you buy: for example, if you buy a Sony, Samsung, Motorola, etc. then the OS is Android, and if you buy an Apple product you will have iOS. There are other operating systems which are good, but the development for them is not sufficient and coding your own exploits for these systems can be a headache. Let's compare iOS and Android, as these are the major operating systems in the smartphone market. iOS is a good operating system and has significant development, but it is a fairly secured OS and hence it is a little hard to work in such a locked system. Thus, as far as hacking is concerned, the best operating system is Android. It is obvious that we need to get root access to the system to perform some hardcore hacking.

What hardware do you need in your phone??
  1. Processor:- Most Android phones have Snapdragon or Intel or ARM. The only difference between them is that Snapdragon is a high graphics processor and ARM & Intel are good utility processors which support most of the apps. We would personally advise you to use ARM, as it is stable and most apps work on it, and some apps like Dsploit require an ARM processor. You can check this with apps like the AnTuTu benchmark app and similar apps.
  2. NFC:- NFC (near field communication) is a new feature which has been added to a few smartphones. This feature can be used for RFID hacking and some smart credit card skimming. It was added for easy and fast data sharing over short distances. You can check whether your phone has NFC or not from nfcworld.com.
  3. USB OTG compatibility:- This is also a new feature, which allows you to connect USB devices to your phone through a connecting wire. It can be used to connect devices like SDRs, drives, antennas, wifi dongles, etc., which might be used for a wide range of attacks over different types of networks. You need to check your user manual to find out whether your phone is compatible or not. You can also search Google for the answer.

Conclusion:-
We would advise you to buy a phone within your budget which has as many features as possible so that you can experiment with it. There are various apps you can download and have fun with.