Feeling evil lately? Have a roommate that likes to hog the bandwidth on your network? Or even repeat intruders on your unsecured wifi because you are too lazy to set security? All is well, all is well. While browsing through the GetJar app store a couple days ago, I came across a very sinister app. Please, it is best you stop reading now if you do not have the stomach for evil-capable apps.
Still there huh? Then let me introduce WiFiKill, an ad-supported Android App capable of wreaking havoc across all open wireless networks. This app allows the user to scan the wireless network he/she is connected to and sever connections for specific devices. A program like this would be useful for monitoring an open wireless network for unwanted intruders, or to temporarily stop a sibling from hogging all the bandwidth. However, it is also very black hat capable and that is why it is removed from the official Android Market.
Suffice to say, I am only reviewing this app for the purposes of knowledge and encourage you to use it responsibly. If you decide to use WiFiKill around public facilities and start killing people’s connections, you CAN get caught. According to someone from the XDA-Developers Forum, two college students recently caught using this app on campus with ill-intents were suspended.
Suffice to say, I am only reviewing this app for the purposes of knowledge and encourage you to use it responsibly. If you decide to use WiFiKill around public facilities and start killing people’s connections, you CAN get caught. According to someone from the XDA-Developers Forum, two college students recently caught using this app on campus with ill-intents were suspended.
Setting up WiFiKill
Now that we got the legalities out of the way, let’s get cooking.
- We want to do all this directly on your phone, so whip it out.
- First visit the xda-developer’s WiFiKill page and download the WiFiKill.apk file (it is at the end of the first post under “Attached Files”).
- Install on your phone after download is finished (just open that .apk file).
- Launch it and wait for the loading to complete. You should see similar to the following:
- Touch the ON button and it will start scanning your network for connected devices.
- From here on out, it is pretty self explanatory. Mark a check on whichever device you want to disrupt the connection.
- (Unnecessary) If you press your phone’s menu key and touch Settings, it will bring up:
- Under “Killing rules,” the developer recommends disabling the use of iptables if your device does not support it.
- Right under that, if you do enable iptables, touch “Reject method” and you will get:
The following describes each of the types of Rejecting Methods, and is taken from the developer’s website:
*****
There are 4 options to kill the connections coming through the phone:
1) Don't use iptables
- this will only put 0 in the /proc/sys/net/ipv4/ip_forward, which will drop each packet from the client point of view the browser will try to load the page indefinitely like having a 1kbps internet connection each connection will just time out. This is the best way if your device don't have iptables!
2) Use iptables + DROP policy
- this has similar effect to the previous but the packets are dropped in the iptables
3) Use iptables + REJECT target
- this will reject packets sending either RST packets for each tcp connection or icmp-port-unreach for udp connections, from client POV this will kill all connections pages will just look like they are temporarily down, browser won't load long it will instantly go off, REJECT target support is needed in order for this to work.
4) Use iptables + redirect to 127.0.0.1:1
- this should have similar effect to the 3rd option but if your device don't have reject target, all tcp connections are redirected to your device and port 1 which is mostly unused and this also will send RST for each connection.
1) Don't use iptables
- this will only put 0 in the /proc/sys/net/ipv4/ip_forward, which will drop each packet from the client point of view the browser will try to load the page indefinitely like having a 1kbps internet connection each connection will just time out. This is the best way if your device don't have iptables!
2) Use iptables + DROP policy
- this has similar effect to the previous but the packets are dropped in the iptables
3) Use iptables + REJECT target
- this will reject packets sending either RST packets for each tcp connection or icmp-port-unreach for udp connections, from client POV this will kill all connections pages will just look like they are temporarily down, browser won't load long it will instantly go off, REJECT target support is needed in order for this to work.
4) Use iptables + redirect to 127.0.0.1:1
- this should have similar effect to the 3rd option but if your device don't have reject target, all tcp connections are redirected to your device and port 1 which is mostly unused and this also will send RST for each connection.
*****
It is not that important to know any of this, but it is interesting information nonetheless. You do not have to tweak with the settings at all. Leaving it at default should work for most, if not all phones.
Conclusion
One thing I noticed was that the phone had to be on at all times for the wifi disruption to continue working. The app does not cut off device connections in one hit, which means WiFiKill has to be constantly running for the connection to be disrupted. Putting the phone on standby will enable the connection again. Also, the wifi connection is not completely disabled (which is why I keep using the term “disrupted”), because at times I can still manage to load a page or two, even though it takes centuries.
You can chuckle at him and remark, “All your bandwidth are belong to me.”
Developer: Ponury
Version reviewed: WiFiKill 1.4
Download size: under 1 MB
Platform: Android 2.1+ (rooted)
Price: Free, Ad-Supported
Project Homepage: http://forum.ponury.net/
XDA-Developers Page: http://forum.xda-developers.com/showthread.php?t=1282900
Donation Version Ad-Free: http://slideme.org/application/wifikill
Thanks for the download links. I couldn't find this anywhere since Google took it down from the Android Market.
ReplyDelete@Sam: Yep, xda is full of wonders. Enjoy!
ReplyDeleteI hv a situation=i work at a warehouse dat hv wifi con for the company but som of us manage to get the password and it seems dat the ITs didnt cared much. I also know dat they knew we're using it. But the real problem is there is a guy who also sharing wifi con like everyone else, then start using this app like he own the wifi that can be very irritating. Wht im worried about if the owner of wifi noticed about dis they might cut off or restrict of wifi. Dat is a problem to everyone. This guy was too dumb to think dat no one is noticed. Why cant he juz share fairly n nicely without being too selfish. Is there a way to counter this bug dat took a shape of a man?
ReplyDelete