Did you root your Android-based smartphone or tablet, or are you thinking about it? Well, here are seven free network-related apps that take advantage of the superuser permissions. In this list, you'll discover apps that help with the network configuration and security of your device, apps to do sharing and sniffing on networks, and apps that demonstrate network hacking and security risks.
DroidSheep by Andreas Koch
Heard of the Firefox add-on called Firesheep that can hack people's accounts? Well, this Android app provides similar web session hijacking (sidejacking) on social networking and other sites that don't fully secure logins and cookies with SSL encryption. It works on Wi-Fi networks secured with WEP or the Personal (PSK) mode of WPA or WPA2, in addition to unsecured or hotspot networks. Like other session hijacking tools, it doesn't work on WPA/WPA2-Enterprise networks using 802.1X authentication, which isn't vulnerable to user-to-user eavesdropping.
You can use DroidSheep to demonstrate to yourself or others of how easy it is to take-over other user's unsecured web sessions. You just open the app, agree to their disclaimer, and tap Start. You'll start seeing the list populate once users on the network login to unsecured sites, displaying their URLs and session IDs. Then you can tap on an entry to open the site in full or mobile view, save the cookies, or export the cookies via email.
Seeing just how simple session hacking is may prompt you or others to better secure your web sessions. Some websites, such as Facebook and Twitter, let you optionally enable HTTPS/SSL encryption. Remember, the URL of SSL-encrypted web sessions begin with https instead of http. So before logging onto any site on a public or untrusted network, you might just try adding an s to the http of the URL to see if SSL encryption is supported.
Samba File Sharing by funkyFresh
This is a Samba file sharing server that lets you access your Android's SD card on the Wi-Fi network you're connected to. You can access the password-protected file share via Windows and other operating systems that support Server Message Block (SMB), such as Mac OS X and Linux. Like other file shares, you can copy/paste and drag/drop files between your Android and other computers. You can customize the username, password, Windows workgroup name, and share (NETBIOS) name.
Before you can start sharing, you must create a password by tapping Menu > Settings > Password. You can also optionally change the default settings: username (SDCARD), workgroup (WORKGROUP), and netbios name (ANDROID).
Once configured, you simply have to tap the Samba logo on the main screen to start sharing. Then it will display the IP address and share name you can use to access the Android via other computers on the network. Like with other shares, you can type these directly into the browser (followed by two backslashes), input them into a SMB client, or browse the network to find the share.
Set DNS by Mytechie
This app lets you easily define the name servers used by your Wi-Fi and mobile network interfaces. You can speed up browsing, enable content filtering, or bypass DNS-based filters by using a third-party DNS service. Android lets you natively change the DNS server addresses for just the Wi-Fi interface and is only available if you define static IP information. However, Set DNS lets you change both interfaces and can work when using DHCP.
When you open Set DNS, you can easily select input custom DNS addresses, or select from some popular free DNS servers: Google DNS, OpenDNS, OpenDNS Family Shield, and FoolDNS. Then to activate, you'd simply tap Menu > Preferences and then choose the Locations (interfaces) you'd like to enable it for.
The Pro version of Set DNS ($1.58) lets you set a password in the app to lock down the name server settings and preferences. It also includes widgets that you can add to a home screen to quickly view and change the DNS state.
Shark for Root by Elviss Kuštans
This network sniffer is based on tcpdump and is basically a simple version of the popular WireShark application. It captures packet information from the Wi-Fi or 3G interfaces and automatically saves them to a .pcap file on the SD card. You can input tcpdump parameters to customize the sniffing sessions. You can view the dumps on your Android if you install another app (Shark Reader) or transfer the .pcap file to another computer to open in an application such as WireShark.
Once you open Shark for Root, you'll see it has the basic parameters preset (-vv ñs 0), which you can optionally change or add to. To begin capturing on the network you're connected to, you simply tap Start. You'll then see the location and filename of the .pcap file, along with its running size and number of packets captured.
SSH Tunnel by Max Lv
This app helps you surf the web privately and securely, for instance, to encrypt your traffic from local eavesdroppers at Wi-Fi hotspots or to bypass filters and geographic restrictions. It's a SSH client that can proxy the Internet connections for the entire Android system or individual apps through a SSH server. Its DNS Proxy feature can also solve the DNS pollution problem in places such as China by using the pre-defined HOSTS information from the developer's site to counteract any DNS tampering by the authorities or ISPs.
Keep in mind, this app doesn't come preconfigured with a SSH server or service. You must input connection details, login credentials, and your private/public key for a SSH server you have access to at work or home. After you configure these, the app is straightforward to use.
Wi-Fi Key Recovery by alt236
Android lets you modify the settings for Wi-Fi networks you've saved, but doesn't show you the existing passwords, similar to Windows XP. However, this simple app reveals the login credentials for Wi-Fi networks stored on your device, useful if you forget the password to a network. It also demonstrates one of the security risks if you're Android gets lost or stolen; someone can potentially get the credentials to log onto your home or work network.
After you open the app, it does a quick scan of the Android's wpa_supplicant file and lists the info for each stored Wi-Fi network. You'll see the SSID, PSK or WEP key, and the security or algorithm type. It also works for enterprise networks, showing you the extensible authentication protocol (EAP) type, identity (username), and password. You can also export a text file of the details to your SD card or share via email and other the standard Android methods.
Wireless Tether by Müller, Lemons, Buxton
This lets you share your Android's Internet connection with other computers or devices equipped with Wi-Fi or Bluetooth. It's great if your Android version or mobile service provider doesn't support tethering. For most Android devices, this app's Wi-Fi sharing creates an ad-hoc (peer-to-peer) network. Some devices support the regular infrastructure-mode, which appears to look like a real Wi-Fi router or access point to the other devices. For either mode, it takes care of handing out IP addresses to clients via DHCP.
For the Wi-Fi access, you can customize the SSID, channel, and transmit power. You can also choose the IP address range for client connections by selecting from a list of predefined subnets. In addition to supporting WEP and WPA/WPA2 encryption, you allow/deny clients before they're granted access.
Once installed, you can open the app and start the Wi-Fi tethering with just one simple tap. If you want to customize the wireless settings or use Bluetooth tethering instead, you can tap Menu > Settings.
This story, "Seven Free Network Apps for Rooted Androids" was originally published by ITworld.