Hijacker is a Graphical User Interface for the penetration testing tools Aircrack-ng, Airodump-ng, MDK3 and Reaver. It offers a simple and easy UI to use these tools without typing commands in a console and copy&pasting MAC addresses.
This requires an ARM android device with a wireless adapter that supports Monitor Mode. Cyber security experts said that a few android devices do, but none of them natively. This means that you will need a custom firmware. Nexus 5 and any other device that uses the BCM4339 chipset will work with Nexmon. Devices that use BCM4330 can use bcmon. An alternative would be to use an external adapter that supports monitor mode in Android with an OTG cable.
The required tools are included for armv7l and aarch64 devices as of version 1.1. The Nexmon driver and management utility for BCM4339 are also included. Data security professional comments that root is also necessary, as these tools need root to work.
- View a list of access points and stations (clients) around you
- View the activity of a specific network, by measuring beacons and data packets, and its clients
- Statistics about access points and stations
- See the manufacturer of a device (AP or station) from the OUI database
- See the signal power of devices and filter the ones that are closer to you
- Save captured packets in .cap file
- Deauthenticate all the clients of a network, either targeting each one or without specific target
- Deauthenticate a specific client from the network it’s connected
- MDK3 Beacon Flooding with custom options and SSID list
- MDK3 Authentication DoS for a specific network or to everyone
- Capture a WPA handshake or gather IVs to crack a WEP network
- Reaver WPS cracking, pixie-dust attack using NetHunter chroot and external adapter
- Leave the app running in the background, optionally with a notification
- Copy commands or MAC addresses to clipboard
- Includes the required tools, no need for manual installation
- Includes the nexmon driver and management utility for BCM4339 devices
- Set commands to enable and disable monitor mode automatically
- Crack .cap files with a custom wordlist
- Create custom actions and run them on an access point or a client easily
- Sort and filter Access Points with many parameters
- Export all the gathered information to a file
- Add an alias to a device (by MAC) for easier identification
A data security professional said that you have to make sure: you are on Android 5+, you are rooted, SuperSU is required, if you are on CM/LineageOS install SuperSU, and also have a firmware to support Monitor Mode on your wireless interface.
When you run Hijacker for the first time, you will be asked whether you want to install the nexmon firmware or go to home screen. If you have installed your firmware or use an external adapter, you can just go to the home screen. Otherwise, click ‘Install Nexmon’ and follow the instructions. Keep in mind that on some devices, changing files in /system might trigger an Android security feature and your system partition will be restored when you reboot. After installing the firmware you will land on the home screen and airodump will start. Make sure you have enabled your WiFi and it’s in monitor mode.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.