How DroidSheep Works?

When users interact over the WiFi, other parties in the transmission range can also secretly listen to the event. DroidSheep works by reading all of the packets between the sender and receiver. This is ideal for checking any security vulnerabilities on your side. The only solution to avoid this is by using HTTPS. If you already have an SSL certificate implemented on your website, thus you do not need to use DroidSheep to check vulnerabilities because you're already encrypted and protected.

Why choose DroidSheep?

As opposed to other network utilities, DroidSheep is simple to use and very reliable for testing purposes. This enables you to simulate a threat and find vulnerabilities in your current network, so you can easily diagnose the issues and implement proper methods to avoid threats.

Requirements for Installing DroidSheep APK

In order to use DroidSheep for conducting tests, your device will require root permissions. If you do not have root permissions, then you cannot use this app. That's because, in order to work properly, DroidSheep requires Busybox to be installed on your device. Busybox provides your system with some additional and useful Linux commands.

When you implement an SSL certificate on your website, DroidSheep can still listen to your transmitting content, but DroidSheep cannot read the actual content because it is encrypted. Therefore, you have to decode it, in order to read the actual content. This is not practical and possible.

As of the time that I'm writing this guide, it doesn't work on Marshmallow. But I've used this successfully on Jellybeans and Kitkat and can confirm it's working.

  1. DroidSheep APK
  2. BusyBox
  3. Android Jelly Bean / KitKat
  4. Root Privileges
  5. WiFi Network

DroidSheep Installation Process

In this section, you will learn to install DroidSheep properly on your device. All DroidSheep installation steps are covered in this section, thus you do not need to search elsewhere. And please note that rooting is not covered in this guide and you have to search that on XDA forum.

You can download the Droidsheep apk from the link below. Once you downloaded the file, tap on install and it will begin installing. Once you've downloaded DroidSheep, open it. Now, it will ask you to grant root permissions in order to work properly. This message may vary, depending on which root manager you use. Once you granted root permissions to DroidSheep, it will now ask you to install Busybox.

Busybox

As I stated in the previous section, Busybox carries additional Linux commands for your device. DroidSheep needs to use these Linux commands to execute its tasks. Installing Busybox is quite simple. You have to go to Google Playstore and search Busybox on Playstore or you can use the following link.

Download DroidSheep

Now, tap on the downloaded Busybox file and install it. After that, the shortcut will be created on your menu and you have to open Busybox app. Then tap on the install button, and it will take few seconds to install it. Once the installation has completed, it will display a message like this. Now reboot your device and head back to DroidSheep app again.

Installation Successful

If you still get "Busybox not installed" on DroidSheep, then you have to check if your Busybox installed properly. If your installation was actually successful, you will only receive a disclaimer message from DroidSheep. In order to use DroidSheep, you have to accept it.

Disclaimer

How DroidSheep Works?

DroidSheep's interface is very simple and you will see two checkbox options and a start button. Next to the start button, on the left side, you will see a text field which shows DroidSheep's status. On top of the screen, you will see the spoofing address.

DroidSheep Interface

By selecting ARP checkbox, you tell other parties in your network that you're the router and they will transfer to DroidSheep. By selecting generic, DroidSheep listens to any cookie in the range. Now, all you have to do is select the option you want and start testing. You can use another device, visit any HTTP address and then DroidSheep will start to capture it.

DroidSheep Troubleshooting

When compared to other similar apps, DroidSheep is quite easy to use, but sometimes you might run in to some problems when using DroidSheep. The most common issue is its incompatibility with newer versions of Android. The only solution to overcome this is to switch back to an older version of Android temporarily. You can use an old phone of yours for this.

DroidSheep Guard

DroidSheep Guard was released with DroidSheep and it intends to protect from DroidSheep. This is more focused towards developers as it allows them to test the functionality of DroidSheep.

DroidSheep Alternatives

zANTI

zANTI is a great alternative for DroidSheep. zANTI is newer than DroidSheep and it supports almost any Android version. If you're looking for an advanced solution, then zANTI is for you. The only drawback of zANTI is that it's a little bit complex interface. But we recommend it to anyone who is looking for more advanced features.

cSploit

cSploit is an open-source application that serves the same purpose as zANTI. It's source code is freely available to public on Github. cSploit is ideal for anyone who wants to use the application and contribute to the application at the same time.

Developer Credits

Our sincere thanks to Corsin Camichel and all of the other people on Github who spent their valuable time contributing to develop DroidSheep.