DroidSheep – Android hijacking tool
June 27, 2012 by Network Security
Filed under Android
DroidSheep is a primary Android tool for web session hijacking (sidejacking). It listens for HTTP packets sent over a wireless (802.11) network connection and extracts the session ID from those packets so that it can be reused.
DroidSheep discovers sessions using the libpcap library and supports open networks, WEP-encrypted networks, and WPA- and WPA2-encrypted networks (PSK only). The software used by DroidSheep is libpcap and arpspoof.
DroidSheep’s main purpose is to show how EASY it is to take over almost any internet account. With DroidSheep, any user, even an inexperienced one, can check whether their web session can be compromised. For these users it is hard to determine whether data is sent over HTTPS, especially while running apps.
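A defender-side check for the exposure described above, as an added example that is not part of the original post or of DroidSheep's code: it flags session cookies that would cross the network in cleartext, which is what a sniffer on the same WLAN can read. The cookie-name heuristic, the `shop.example` URL and the sample headers are assumptions constructed for illustration.

```python
# Added example: audit response headers for session cookies a passive sniffer could read.
# All header values below are constructed sample data, not captured traffic.
import re

# Heuristic name pattern for session cookies (assumption for this example).
SESSION_NAME = re.compile(r"(sess|sid|auth|token|login)", re.I)

def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, set of lower-cased attribute names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs

def audit_response(url, raw_headers):
    """Return (cookie name, reason) findings for cookies exposed to plaintext HTTP."""
    findings = []
    https = url.lower().startswith("https://")
    headers = []
    for line in raw_headers.strip().splitlines():
        if ":" in line:
            key, val = line.split(":", 1)
            headers.append((key.strip().lower(), val.strip()))
    hsts = any(key == "strict-transport-security" for key, _ in headers)
    for key, val in headers:
        if key != "set-cookie":
            continue
        name, attrs = parse_set_cookie(val)
        if not SESSION_NAME.search(name):
            continue  # not a session-like cookie, ignore
        if not https:
            findings.append((name, "set over plaintext HTTP"))
        elif "secure" not in attrs:
            # Without Secure, the browser also sends the cookie on http:// requests.
            reason = "missing Secure flag" + ("" if hsts else " and no HSTS")
            findings.append((name, reason))
    return findings

SAMPLE = """\
Content-Type: text/html
Set-Cookie: PHPSESSID=constructed123; Path=/; HttpOnly
Set-Cookie: theme=dark; Path=/
Set-Cookie: auth_token=constructed456; Path=/; Secure; HttpOnly
"""

if __name__ == "__main__":
    for name, reason in audit_response("https://shop.example/login", SAMPLE):
        print(f"{name}: {reason}")
```

`HttpOnly` alone does not help here: it hides the cookie from page scripts, not from the network.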
Here are two demonstrations of what DroidSheep can do:




