FaceNiff -Android App Intercept web session profiles over WiFi Connection
FaceNiff – Hacking Tool: Faceniff is an Android app for hackers & users who are concerned about their security and want to test their networks for vulnerabilities. Faceniff allows an attacker to easily steal sensitive information such as Facebook, Twitter, Youtube Account Username & Passwords using Man-in-the-middle (MiTM) attack techniques. (FaceNiff will work on 80% of websites) some sites using HSTS (HTTP Strict Transport Security) will need a little extra work such as SSLStrip2 Integration.
Image Credits: Faceniff
Intercepting Web Sessions
- First download install Faceniff app
- Open Faceniff once it has installed
- Grant Faceniff Root Access
navigate to the top left button labeled “Offline” Turn Button to “Online”. Mode then tap on the label “START”.
If you are using HTTPS websites turn on SSLSniff
The FaceNiff application will then start to display the unencrypted sessions.
- Stealth mode
- SSL strip integration
- Export and import sessions
- Vibration alert when FaceNiff has found new profiles
- Filter the session ID cookies.
If you enjoyed this article please consider sharing it on social media and with your friends thanks for supporting HackingVision.