zANTI overview
zANTI is a penetration testing tool under the Android platform, which supports sniffing connected networks, man-in-the-middle attack testing, port scanning, cookie acquisition, and routing security testing, as shown in Figure 1.1. This tool is very powerful, starting from 2.0, all advanced features are open.
Figure 1.1 zANTI function
Most users are familiar with an Android penetration testing tool called Dsploit. However, users who like to use Dsploit tools need not worry. Because, Dsploit has been merged with the zANTI tool. Also, the zANTI tool is more powerful than the Dsploit tool. Therefore, users can use the zANTI tool to perform penetration testing very well.
Install zANTI tools
After users understand the zANTI tool, they can install and use the tool. Therefore, this section will introduce the installation method of the zANTI tool.
Get the zANTI installation package
In some Android app stores, there is no download of zANTI package available. Therefore, users must download from the official website of the zANTI tool. Its address is:
After visiting the above address in the browser, the interface shown in Figure 1.2 will open.
zANTI download page
Click the Download zANTI 2.2 (APK) command on this interface to start downloading the zANTI installation package. After the download is successful, its package name is zANTI2.apk.
Tip: Because the official website of the zANTI tool is a foreign website. Therefore, when the user accesses the above address, there will be an error message that the page cannot be accessed. In this case, users can use a VPN proxy to solve it. However, an installation package for the zANTI tools will be provided when purchasing this tutorial.
Install zANTI tools
After the user obtains the zANTI package, the tool can be installed. Since most app stores do not provide downloads of the software, users cannot install it directly. At this point, users can use the following two methods to install.
Tip: Before installing the zANTI tool, it is best to root your mobile device. Otherwise, some features of the zANTI tool will not be available.
1. Copy the downloaded installation package to the Android device
Copy the downloaded zANTI installation package zANTI2.apk to the Android device. The following will take a tablet Android device as an example to demonstrate the installation method of the zANTI tool.
(1 ) After copying the installation package to the Android device, you can view it in the “Explorer”, as shown in Figure 1.3.
Figure 1.3 Resource Manager
(2 ) From this interface, you can see the copied installation package zANTI2.apk. At this point, clicking the package will start installing the zANTI tool. After clicking the installation package, the interface shown in Figure 1.4 will be displayed.
(3 ) The interface prompts some permissions that need to be obtained to install the zANTI tool. Click the “Install” command here to start the installation. After the installation is complete, the interface shown in Figure 1.5 will be displayed.
Figure 1.4 zANTI installation interface Figure 1.5 zANTI installation completed
(4 ) From the information displayed on this interface, you can see that the zANTI tool has been installed. At this point, click the “Finish” command to return to the application interface. In the application interface, you will see that a new program named zANTI has been added, as shown in Figure 1.6.
Figure 1.6 Installed zANTI program
As you can see from this interface, the newly installed zANTI program. Next, users can use the tool to perform penetration testing.
2. Use ADB tools
ADB (Android Debug Bridge) is a general debugging tool provided by the Android SDK. Using this tool, you can manage the status of Android devices and Android emulators, and you can perform many operations, such as installing software, system upgrades, and running Shell commands. The following will introduce the use of ADB commands to install and install the zANTI tool. Among them, the syntax format is as follows:
- adb install [apk package]
The apk package in the above syntax is the name of the installed package. So, the command executed here looks like this:
- C:\Users\Administrator>adb install zANTI2.apk
After executing the above command, the display effect is shown in Figure 1.7.
Figure 1.7 zANTI tool installed successfully
From the output information, you can see that the prompt information is Success, indicating that the zANTI tool is successfully installed.
Hint: ADB tools are not the focus of this book, so I won’t go into details here. If the user does not understand the use of this tool, you can refer to the “Android Penetration Testing Getting Started Tutorial” tutorial.
This article is excerpted from: dSploitzANTI Penetration Testing Basic Tutorial University Ba internal information, please indicate the source, respect technology and IT people!
zANTI is a penetration testing toolkit under the Android platform created by Zimperium. For some unknown reason, the zANTI APK is taken by the Google Play Store. zANTI supports a variety of attacks such as Middle Attacks (MIMT), MAC address spoofing, session hijacking, vulnerability checking, password auditing, network scanning, SSL stripping and more.
zANTI requirements
1. Your Android device must be rooted.
2. Your Android device must have an ARM CPU
3. You must have an Android device with an operating system of at least 2.3 Gingerbread version.
4. To enjoy all the features of zANTI, please install Busy Box on your Android device
zANTI installation
1. Launch the Unknowns source
Go to Settings > Security > Enable Unknown Sources (This will allow you to install 3rd party apps.)
2. Download zANTI
Install zANTI on your device. and grant root privileges. Then a window will pop up like this.
Click on “I have full authority to perform penetration testing on the web”
3. Click Finish. You will see the screen shown below.
Now you have successfully installed zANTI on your Android. Now to see what zANTI can do. With zANTI, you can perform various types of attacks.
· Hijack HTTP sessions.
· Audit password
·MIMT
· Network scanning.
· Capture downloads.
·Using a router
· MAC address spoofing.
· Create a fake wifi hotspot.
· Modify HTTP requests.
How to use zANTI APK
1. MAC replacement
With the help of MAC Changer, you can easily change the MAC address on your Android device. So let’s talk about how to use it.
Swipe from the left and you’ll see a screen like this.
Browse and click on MAC Changer.
Turn off “Generate Random” if you want to use a custom MAC address, then type in the MAC address you want to use. Otherwise, click “Set New MAC Address” and wait a few seconds, and you will get a new MAC address.
2. zTether
zTether is the most interesting module of zANTI. zThether is also known as MIMT”. It creates a network of malicious hotspots, which means all traffic goes through your device (you are becoming a human in the middle) so that you can easily view and modify traffic requests.
If you successfully acquire users on a malicious network. Click on the first recorded request to see all the activities of the victim as shown in the image below.
You can click on any recorded activity to get more details..
Allows each HTTP request to use the zPACK editor, by swapping to the left you can easily modify the request and send it to the victim.
in conclusion
Now that we have learned the basic tutorial of zANTI, we can play happily, but please do not attack illegally.
