How to install a sniffer in Termux without root?

Termux is an increasingly popular tool, as it is accessible to almost any user interested in programming and has a lot of complementary tools. This time, ethical hacking experts from the International Institute of Cyber Security (IICS) will show you how to create a sniffer in Termux without requiring root user permissions.

As usual, we remind you that this article was prepared for informational purposes only, so IICS is not responsible for the misuse that may be given to the information contained herein.

For those unfamiliar with the term, a sniffer is a computer program capable of intercepting information and capturing traffic from the target system. According to experts in ethical hacking, this software captures any data flow and, if necessary, decodes the information and stores it sequentially.

The sniffer creates a fake SSDP (UPnP) device that tricks the target system into sending the desired information to the malicious location, keeping a detailed record of the victim’s activities. Let’s see how to use the tool presented on this occasion.

Installation

pkg update
pkg upgrade

Next, we install the packages we need: Git and Python.

apt install git -y
apt install python -y

Now we download the tool itself:

git clone https://github.com/initstring/evil-ssdp
cd evil-ssdp

Next we will launch the tool:

python evil_ssdp.py eth0

The installation process will continue. In case you require help using the tool, experts in ethical hacking recommend consulting its usage information:

usage: evil_ssdp.py [-h] [-p PORT] [-t TEMPLATE] [-s SMB] [-b] [-r REALM]
                    [-u URL]
                    interface

positional arguments:
  interface             Network interface to listen on.

optional arguments:
  -h, --help            show this help message and exit
  -p PORT, --port PORT  Port for HTTP server. Defaults to 8888.
  -t TEMPLATE, --template TEMPLATE
                        Name of a folder in the templates directory. Defaults
                        to "office365". This will determine xml and phishing
                        pages used.
  -s SMB, --smb SMB     IP address of your SMB server. Defalts to the primary
                        address of the "interface" provided.
  -b, --basic           Enable base64 authentication for templates and write
                        credentials to log file.
  -r REALM, --realm REALM
                        Realm when prompting target for authentication via
                        Basic Auth.
  -u URL, --url URL     Redirect to this URL. Works with templates that do a
                        POST for logon forms and with templates that include
                        the custom redirect JavaScript (see README for more
                        info).[example: -r https://google.com]
  -a, --analyze         Run in analyze mode. Will NOT respond to any SSDP
                        queries, but will still enable and run the web server
                        for testing.

These are all the commands needed to familiarize you with the tool. Ethical hacking experts recommend trying them out for a better experience. 
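
From the defender's side, the fake SSDP device described above can be spotted by comparing SSDP responses on the network against an inventory of known UPnP devices. The following Python example is added here and is not part of the original article or of the evil-ssdp project; the inventory, the IP addresses and the sample responses are constructed, and 8888 is the tool's default HTTP port taken from the help output above.

```python
from urllib.parse import urlparse

# Assumption: IPs of UPnP devices you have inventoried (constructed values).
KNOWN_UPNP_HOSTS = {"192.0.2.1", "192.0.2.20"}
TOOL_DEFAULT_PORT = 8888  # default HTTP port per the help output on this page

def _msg(st, location):
    """Build a constructed SSDP search-response datagram."""
    return (f"HTTP/1.1 200 OK\r\nCACHE-CONTROL: max-age=1800\r\nST: {st}\r\n"
            f"USN: uuid:constructed::{st}\r\nLOCATION: {location}\r\n\r\n").encode()

# Constructed capture: (source IP of the UDP datagram, payload).
SAMPLE_CAPTURE = [
    ("192.0.2.1", _msg("upnp:rootdevice", "http://192.0.2.1:5000/rootDesc.xml")),
    ("192.0.2.77", _msg("upnp:rootdevice", "http://192.0.2.77:8888/desc.xml")),
    ("192.0.2.20", _msg("ssdp:all", "http://192.0.2.99:49152/desc.xml")),
]

def parse_headers(raw):
    """Return SSDP headers as an upper-cased dict; the status line is skipped."""
    headers = {}
    for line in raw.decode("utf-8", errors="replace").split("\r\n")[1:]:
        name, sep, value = line.partition(":")  # split on the first colon only
        if sep:
            headers[name.strip().upper()] = value.strip()
    return headers

def audit(capture, known=KNOWN_UPNP_HOSTS):
    """Map each suspicious responder IP to the sorted reasons it was flagged."""
    findings = {}
    for src_ip, raw in capture:
        try:
            url = urlparse(parse_headers(raw).get("LOCATION", ""))
            host, port = url.hostname, url.port
        except ValueError:  # malformed LOCATION URL
            host, port = None, None
        reasons = set()
        if src_ip not in known:
            reasons.add("responder not in UPnP inventory")
        if host and host != src_ip:
            reasons.add("LOCATION host differs from responder")
        if port == TOOL_DEFAULT_PORT:
            reasons.add("LOCATION uses port 8888 (tool default, weak signal)")
        if reasons:
            findings.setdefault(src_ip, set()).update(reasons)
    return {ip: sorted(r) for ip, r in findings.items()}

if __name__ == "__main__":
    print(audit(SAMPLE_CAPTURE))
```

The port check is only a weak signal because the -p option changes it; the inventory comparison is the check that holds up.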
