zANTI is very infamous when it comes to hacking apps for Android. This is because various people confuse it to be such an app. It was primarily developed for penetration testing purposes and is a toolkit. Originally developed by a company called Zimperium Mobile Security it has since not been kept updated has seen various unofficial changes to the source code.
This article will show you step-by-step how to use zANTI for various purposes such as to hack wifi passwords. The best part about our guide is that it will work without root.
- 1 zANTI Features covered in this tutorial
- 2 How To Use zANTI (A Step-by-step guide)
- 3 Configure and Setup zANTI
- 4 zANTI Modules Setup
- 5 Conclusion: Do you use zANTI?
zANTI Features covered in this tutorial
- Hacking WiFi: This is a popular topic asked and searched a lot by users online. This simple app can let you guess someone’s password using the built-in tools that it provides you.
- Change Device address: This allows you to change the physical MAC address of any devices, you could use this to bypass any Mac-filtration in place on routers or switches.
- Password audit: This allows you to check the strength of passwords on the networks, tools such as Fern Wifi cracker can help for this task on Ubuntu and Windows.
- Malicious WiFi Hotspot: You know that all of us are looking for free internet when needed. However, not everything free is good and the same goes for wireless access points. These can be maliciously created using zANTI so that you can track/capture the traffic of any device connected to your device.
- Capture any HTTP traffic: You will be able to see any website they have visited or what they are doing in their browser.
- Search for vulnerabilities: You can look for famous bugs in Linux servers including the popular Linux Shellshock. This allowed you access to the (root) user of bash so that it can be compromised further.
- SSL Poodle MiTM Attack: This was a vulnerability discovered in SSL 3.0. This vulnerability allows attackers to see encrypted messages. An example would be of seeing WhatsApp messages similar to how the WhatsApp crash code works.
How To Use zANTI (A Step-by-step guide)
Below is the ultimate zANTI how-to that works without root and can allow you to hack WiFi.
Configure and Setup zANTI
Step #1: Downloading zANTI (Latest Release)
First of all, you will need to have a clean and safe version of zANTI to download so that you can later go on and install it on your device. This can be either Android, Linux, or Windows.
Step #2: Install zANTI (The Easy Way)
Once you launch the app, you will be prompted with installing apps from unknown sources, please accept that. Once it has been installed a root access prompt will appear mostly from SuperSU which you will need to grant.
Step #3: Sign up for an account
Now you will need to enter your details. This includes your email address and accepts Zimperium’s terms and conditions. This will help you join their zNetwork community. This is optional and you do not have to join and can also skip if wanted. Joining the zNetwork allow you to share vulnerability and other such information with their intelligence teams.
Step #4: Penetration testing
Now you can start pentesting on the network. First, you will need to confirm if you have all the correct permissions and are authorized to perform such scanning on the network.
zANTI Modules Setup
How to use zTether
zTether is a module that allows you to create your own malicious wireless hotspot on the go. Why would you do that? Well, this is so you can capture network traffic.
To turn it on please follow the steps below:
- Click on the “Tether Control” slider on the top-right and turn it to “On”.
- Now you have started your own “free” wireless network. This will allow users to connect to your network.
- To view their traffic click on “Logged Requests”. This will display all the active and real-time HTTP requests being served. This can include any sensitive passwords if they are on an insecure login page.
How to use Mac Changer
People have been changing Mac Addresses on their devices for quite some time now. However, this process is very technical, dangerous, and requires skill. To use zANTI’s built-in Mac Changer feature is very easy and anyone can use it.
The uniqueness of this tool is that it generates random addresses which are valid. You can do so by selecting “Set new Mac Address”. You can also manually type in the Mac Address you prefer but I would not advise you to use this option.
How to use zPacketEditor (Recommended Feature)
This feature is only for professional security and ethical hackers. You can use this for editing HTTP request packets on the network.
To use it:
- First, you will have to turn the module on from the app.
- Now you will start seeing live traffic on the wifi network you are connected to or the hotspot you created above using zTether.
- These will mostly be URL addresses all starting with “HTTP”. To send one you will need to swipe-right and to edit it will be to swipe-left.
HTTP Redirect and Image Replacement
If you want to change the destination of a website a user is visiting you can do so. This can be for purposes such as phishing. You could redirect a user trying to visit the official Gmail page to a phishing page. By default, this feature redirects to a number of Zimperium servers. You will have to manually specify the specific site where you want the traffic to go by entering in the “URL” field.
The “Replace Images” feature allows you to do the same but with images. This allows you to change a particular image in a webpage that a user is trying to visit. You can select one of your choices from your Gallery or from the web such as Google Images.
Capture all downloads
As you can intercept simple HTTP traffic, you can also intercept what other users are downloading. These can be either important PDF files or Word Documents. You can specifically tell zANTI that you would only like to capture PDF or Word files and it will only scan the network for any requests being made for a PDF or Word file. You can later choose to save it to your device storage locally or save it to an SD Card.
Routerpwn and HTML Insertion
Routerpwn.com is a site that holds a database of router vulnerabilities. It contains exploits from various router companies including Netgear, TP-Link, Asus, and Linksys. These work and integrate solely very easily with the feature of zANTI. Once you exploit it you can use our list of default router logins to access the administrative dashboard.
If you want to insert HTML into an HTTP request that a user has done on your network you can do so easily. For this to work, you will need to turn on the module and insert your code. This can either be any malicious code or even an XSS code you are trying to inject on the site or even an SQL Injection. Alternatively, you can download tools such as Havij to perform such tasks.
Perform Password Complexity Tests
You can also try to crack passwords with this tool. It is very simple.
- Go to “Options”.
- Now select “Password Audits”.
- Now you will need to select a “Cracking Method”.
- Select Go.
You cannot use any other password dictionaries apart from the default one available to you. However, I would recommend trying RockYou 2021 (txt) which is over 100GB of credentials.
Conclusion: Do you use zANTI?
We are always looking for interesting and exciting hacking apps to install on our devices but never tend to properly learn them. This guide is all about knowledge on how to use zANTI. You can then use these methods for hacking WiFi or even cracking passwords all without root access. Isn’t that great? Do let me know if you want to learn about any other apps.