DroidSheep is an open-source Android application made by Corsin Camichel that allows you to intercept unprotected web-browser sessions over WiFi. DroidSheep is software developed only for testing security vulnerabilities; it is not made for harming any person. It runs on the Android platform, and to use DroidSheep your device must be rooted. DroidSheep is bundled as an APK file, but if you want the source code, you can get it from the original author's GitHub repo. This website is not managed by Corsin Camichel, and its content should be used only as instructions.
The use of DroidSheep is done at your own discretion and risk. You will be solely responsible for any results from such activities.
When users communicate over WiFi, other parties within transmission range can silently listen in. DroidSheep works by reading all of the packets between the sender and receiver. This is ideal for checking for security vulnerabilities on your side. The only way to avoid this is to use HTTPS. If you already have an SSL certificate implemented on your website, you do not need to use DroidSheep to check for vulnerabilities because your traffic is already encrypted and protected.
As opposed to other network utilities, DroidSheep is simple to use and very reliable for testing purposes. This enables you to simulate a threat and find vulnerabilities in your current network, so you can easily diagnose the issues and implement proper methods to avoid threats.
In order to use DroidSheep for conducting tests, your device will require root permissions. If you do not have root permissions, then you cannot use this app. That's because, in order to work properly, DroidSheep requires Busybox to be installed on your device. Busybox provides your system with some additional and useful Linux commands.
When you implement an SSL certificate on your website, DroidSheep can still capture the traffic you transmit, but it cannot read the actual content because it is encrypted. To read the actual content, it would first have to be decrypted, which is neither practical nor possible.
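The encryption described above only protects a session cookie if the browser never sends it over plain HTTP. The following check is an added example, not part of DroidSheep or the original guide: it audits a site's response headers for cookies lacking the `Secure` attribute and for a missing HSTS header. The sample responses are constructed, and the function names are hypothetical.

```python
# Constructed sample responses (not captured traffic).
WEAK = """HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: sessionid=abc123; Path=/; HttpOnly
Set-Cookie: csrftoken=xyz789; Path=/; Secure; SameSite=Lax

"""
HARDENED = """HTTP/1.1 200 OK
Content-Type: text/html
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: sessionid=abc123; Path=/; Secure; HttpOnly
Set-Cookie: csrftoken=xyz789; Path=/; Secure; SameSite=Lax

"""


def parse_headers(raw):
    """Return [(lowercased name, value)] from a raw HTTP response head."""
    pairs = []
    for line in raw.splitlines()[1:]:      # skip the status line
        if not line.strip():               # a blank line ends the headers
            break
        name, _, value = line.partition(":")
        pairs.append((name.strip().lower(), value.strip()))
    return pairs


def sniffable_cookie_findings(raw, scheme):
    """List reasons a cookie in this response could cross the network unencrypted."""
    findings = []
    headers = parse_headers(raw)
    if scheme == "https" and not any(n == "strict-transport-security" for n, _ in headers):
        findings.append("no HSTS: browsers may still make plain http:// requests")
    for name, value in headers:
        if name != "set-cookie":
            continue
        parts = [p.strip() for p in value.split(";")]
        cookie = parts[0].partition("=")[0]
        attrs = {p.partition("=")[0].strip().lower() for p in parts[1:]}
        if scheme != "https":
            findings.append(f"{cookie}: issued over plain HTTP")
        elif "secure" not in attrs:
            findings.append(f"{cookie}: no Secure attribute, also sent over http://")
    return findings


if __name__ == "__main__":
    for label, raw in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, sniffable_cookie_findings(raw, "https"))
```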
As of the time that I'm writing this guide, it doesn't work on Marshmallow. But I've used this successfully on Jelly Bean and KitKat and can confirm it's working.
In this section, you will learn how to install DroidSheep properly on your device. All DroidSheep installation steps are covered here, so you do not need to search elsewhere. Please note that rooting is not covered in this guide; you will have to look that up on the XDA forum.
You can download the DroidSheep APK from the link below. Once you have downloaded the file, tap on install and it will begin installing. Once you've downloaded DroidSheep, open it. It will now ask you to grant root permissions in order to work properly. This message may vary, depending on which root manager you use. Once you have granted root permissions to DroidSheep, it will ask you to install Busybox.
As I stated in the previous section, Busybox carries additional Linux commands for your device. DroidSheep needs these Linux commands to execute its tasks. Installing Busybox is quite simple. Go to the Google Play Store and search for Busybox, or you can use the following link.
Now, tap on the downloaded Busybox file and install it. After that, a shortcut will be created in your menu; open the Busybox app. Then tap on the install button, and it will take a few seconds to install. Once the installation has completed, it will display a message like this. Now reboot your device and head back to the DroidSheep app again.
If you still get "Busybox not installed" in DroidSheep, check whether Busybox was installed properly. If your installation was actually successful, you will only receive a disclaimer message from DroidSheep. In order to use DroidSheep, you have to accept it.
DroidSheep's interface is very simple and you will see two checkbox options and a start button. Next to the start button, on the left side, you will see a text field which shows DroidSheep's status. On top of the screen, you will see the spoofing address.
By selecting the ARP checkbox, you tell other parties on your network that you're the router, so they send their traffic to DroidSheep. With the generic option selected, DroidSheep listens for any cookie in range. Now, all you have to do is select the option you want and start testing. You can use another device to visit any HTTP address, and DroidSheep will start to capture it.
Compared to other similar apps, DroidSheep is quite easy to use, but sometimes you might run into problems when using it. The most common issue is its incompatibility with newer versions of Android. The only way to overcome this is to switch back to an older version of Android temporarily. You can use an old phone of yours for this.
DroidSheep Guard was released with DroidSheep and is intended to protect against DroidSheep. It is aimed more at developers, as it allows them to test the functionality of DroidSheep.
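The ARP option described above makes a device claim the router's address, and that leaves a visible trace in each victim's ARP table. The following detector is an added example, not DroidSheep Guard's code or anything from the original guide: it parses a table in the Linux/Android `/proc/net/arp` format and flags a gateway whose MAC has changed or is shared with another host. The sample tables, addresses and function names are constructed for illustration.

```python
from collections import defaultdict

HEADER = "IP address       HW type     Flags       HW address            Mask     Device\n"
# Constructed samples in /proc/net/arp format (not captured data).
ARP_CLEAN = HEADER + (
    "192.168.1.1      0x1         0x2         02:00:00:aa:bb:01     *        wlan0\n"
    "192.168.1.23     0x1         0x2         02:00:00:aa:bb:17     *        wlan0\n"
)
ARP_POISONED = HEADER + (
    "192.168.1.1      0x1         0x2         02:00:00:aa:bb:17     *        wlan0\n"
    "192.168.1.23     0x1         0x2         02:00:00:aa:bb:17     *        wlan0\n"
    "192.168.1.40     0x1         0x0         00:00:00:00:00:00     *        wlan0\n"
)


def parse_arp_table(text):
    """Return {ip: mac} for complete entries only."""
    table = {}
    for line in text.splitlines()[1:]:          # skip the column header
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, flags, mac = fields[0], int(fields[2], 16), fields[3].lower()
        if not flags & 0x2 or mac == "00:00:00:00:00:00":
            continue                            # unresolved entry, no ATF_COM flag
        table[ip] = mac
    return table


def spoof_indicators(table, gateway_ip, known_gateway_mac=None):
    """Return alerts suggesting another host is answering for the gateway."""
    alerts = []
    gw_mac = table.get(gateway_ip)
    if known_gateway_mac and gw_mac and gw_mac != known_gateway_mac.lower():
        alerts.append(f"gateway {gateway_ip} changed MAC: {known_gateway_mac} -> {gw_mac}")
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    # A router with several addresses can legitimately share a MAC, so treat
    # this as a prompt to investigate rather than as proof.
    for mac, ips in by_mac.items():
        if gateway_ip in ips and len(ips) > 1:
            others = ", ".join(ip for ip in ips if ip != gateway_ip)
            alerts.append(f"{mac} answers for gateway {gateway_ip} and {others}")
    return alerts


if __name__ == "__main__":
    for alert in spoof_indicators(parse_arp_table(ARP_POISONED), "192.168.1.1", "02:00:00:aa:bb:01"):
        print("ALERT:", alert)
```

Record the gateway's MAC on first joining a trusted network and pass it as `known_gateway_mac`; without a baseline only the shared-MAC check runs.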
zANTI is a great alternative to DroidSheep. zANTI is newer than DroidSheep and it supports almost any Android version. If you're looking for an advanced solution, then zANTI is for you. The only drawback of zANTI is its somewhat complex interface. But we recommend it to anyone who is looking for more advanced features.
cSploit is an open-source application that serves the same purpose as zANTI. Its source code is freely available to the public on GitHub. cSploit is ideal for anyone who wants to use the application and contribute to it at the same time.
Our sincere thanks to Corsin Camichel and all of the other people on GitHub who spent their valuable time contributing to the development of DroidSheep.