
Piik - Android Network Traffic Image Extractor

Piik is a native app for the Android platform that performs a Man-in-the-Middle attack against a local network in order to analyze the network traffic and extract the images passing across it. The images are then displayed on the Android device, giving you a real-time look at the image-based traffic on your network. More information on the app, as well as the download link, can be found here:


http://piik.co/

Proof of Concept:

The Attack:

The attack starts by poisoning the ARP cache of the router, so that frames the router sends to hosts on the LAN (both wired and wireless) are delivered to the Android device first, which forwards them on to their intended destination. Every response that passes through the victim router on its way to a client is therefore visible to the device.

Next, Piik parses the redirected traffic in real time for img tags in the HTTP responses, reassembles the referenced images, and displays them on the Android device.

Tapping an image shows the image itself, its source URL, and the host that requested it.
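The analysis step above, as an added example that is not Piik's own code: given one reassembled plain-HTTP request/response pair and the IP of the client that sent the request, pull every img source out of the HTML, resolve it to an absolute URL, and attribute it to the requesting host. The sample exchange, the host names and the function names are constructed for this illustration and do not come from the original page.

```python
"""Added example (not Piik's code): extract <img> sources from one captured
HTTP exchange, the way a passive MITM image extractor has to.

Assumptions (not from the original page): the request and response have
already been reassembled from the TCP stream and are given as raw bytes;
all names and the sample traffic below are constructed.
"""
from html.parser import HTMLParser
from urllib.parse import urljoin


class _ImgCollector(HTMLParser):
    """Collects the src attribute of every <img> tag, case-insensitively."""

    def __init__(self):
        super().__init__()
        self.srcs = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "img":
            for name, value in attrs:
                if name.lower() == "src" and value:
                    self.srcs.append(value.strip())


def parse_http(message: bytes):
    """Split a raw HTTP message into (start line, lower-cased header dict, body)."""
    head, _, body = message.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    start = lines[0].decode("latin-1")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.decode("latin-1").partition(":")
        headers[name.strip().lower()] = value.strip()
    return start, headers, body


def extract_images(request: bytes, response: bytes, client_ip: str):
    """Return (client_ip, [absolute http:// image URLs]) for one exchange.

    Non-HTML responses yield no URLs. Sources served over HTTPS are skipped
    because their image bytes would never be visible in the intercepted
    plaintext stream.
    """
    req_line, req_headers, _ = parse_http(request)
    _status, resp_headers, body = parse_http(response)
    if not resp_headers.get("content-type", "").lower().startswith("text/html"):
        return client_ip, []
    _method, path, _version = req_line.split(" ", 2)
    page_url = "http://" + req_headers.get("host", "") + path
    collector = _ImgCollector()
    collector.feed(body.decode("utf-8", errors="replace"))
    urls = []
    for src in collector.srcs:
        absolute = urljoin(page_url, src)  # relative paths resolve against the page
        if absolute.startswith("http://") and absolute not in urls:
            urls.append(absolute)
    return client_ip, urls


# Constructed sample exchange (not real captured traffic).
SAMPLE_REQUEST = (
    b"GET /gallery/index.html HTTP/1.1\r\n"
    b"Host: example.test\r\n"
    b"User-Agent: constructed-sample\r\n"
    b"\r\n"
)
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html; charset=utf-8\r\n"
    b"\r\n"
    b"<html><body>"
    b"<img src=\"cat.jpg\"><img src='/static/dog.png' alt='x'>"
    b"<IMG SRC=\"http://cdn.example.test/fish.gif\">"
    b"<img src=\"https://secure.example.test/locked.png\">"
    b"<img src=\"cat.jpg\">"
    b"</body></html>"
)

if __name__ == "__main__":
    host, urls = extract_images(SAMPLE_REQUEST, SAMPLE_RESPONSE, "192.168.1.23")
    for u in urls:
        print(host, "requested", u)
```

The duplicate and the HTTPS-only source are dropped on purpose; the remaining three URLs are what an extractor in the position described above could actually reassemble and show.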

Preventing this Attack:

This attack cannot be performed without first gaining access to the network. If your wireless traffic is unencrypted, an attacker can passively sniff images in a similar way, but Piik itself relies on being authenticated to the network so that it can exchange ARP messages with the router.

Anyone who can obtain an IP address via DHCP, or who can clone the identity (MAC address) of an existing client, is in a position to perform this attack. Because the extraction depends on plaintext HTTP, sites that serve their content over HTTPS do not expose their images even to a successful Man-in-the-Middle.

Be careful what you do on public networks, and be careful about who you give your home wireless router password to.
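The poisoning step described in The Attack and the detection question raised here, as one added example that is not Piik's or any vendor's code: it builds the Ethernet/ARP reply frame that a poisoner sends to the router (claiming a client's IP with the attacker's MAC), and then shows a minimal watcher that flags the poisoning by noticing an IP whose MAC binding changes. All addresses and names are constructed for this illustration; the watcher is assumed to run wherever the ARP replies are visible, for instance on the router itself or on a mirror port.

```python
"""Added example (not Piik's code): an ARP-poisoning frame on the wire and a
host-side detector that flags it by tracking IP-to-MAC bindings.

Assumptions (not from the original page): frames are raw Ethernet II bytes
as a promiscuous capture would deliver them; the MACs and IPs below are
constructed sample values.
"""
import struct
from ipaddress import IPv4Address

ETH_TYPE_ARP = 0x0806
ARP_REPLY = 2


def mac_bytes(mac: str) -> bytes:
    return bytes(int(x, 16) for x in mac.split(":"))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_arp_reply(sender_mac, sender_ip, target_mac, target_ip) -> bytes:
    """Ethernet II header + 28-byte ARP reply.

    A poisoner sets sender_ip to the address it impersonates (here a LAN
    client) and sender_mac to its own interface, so the target (here the
    router) rewrites its ARP cache entry for that client.
    """
    eth = mac_bytes(target_mac) + mac_bytes(sender_mac) + struct.pack("!H", ETH_TYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, ARP_REPLY)  # Ethernet, IPv4, hlen, plen, op
    arp += mac_bytes(sender_mac) + IPv4Address(sender_ip).packed
    arp += mac_bytes(target_mac) + IPv4Address(target_ip).packed
    return eth + arp


def parse_arp(frame: bytes):
    """Return (opcode, sender_mac, sender_ip) for an IPv4-over-Ethernet ARP frame, else None."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_TYPE_ARP:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if htype != 1 or ptype != 0x0800 or hlen != 6 or plen != 4:
        return None
    return op, mac_str(frame[22:28]), str(IPv4Address(frame[28:32]))


class ArpWatch:
    """Remembers the first MAC seen claiming each IP in ARP replies and
    reports any later reply that claims the same IP from a different MAC.
    A poisoned cache looks exactly like this flip on the wire."""

    def __init__(self):
        self.table = {}
        self.alerts = []

    def observe(self, frame: bytes):
        parsed = parse_arp(frame)
        if parsed is None:
            return None
        op, mac, ip = parsed
        if op != ARP_REPLY:
            return None
        known = self.table.setdefault(ip, mac)
        if known != mac:
            alert = f"ARP conflict: {ip} was {known}, now claimed by {mac}"
            self.alerts.append(alert)
            return alert
        return None


# Constructed sample values (not captured from a real network).
GATEWAY_IP, GATEWAY_MAC = "192.168.1.1", "00:11:22:33:44:55"
VICTIM_IP, VICTIM_MAC = "192.168.1.23", "66:77:88:99:aa:bb"
ATTACKER_MAC = "de:ad:be:ef:00:01"


def demo():
    """Legitimate reply from the client, then the poisoner's reply to the router."""
    watch = ArpWatch()
    legit = build_arp_reply(VICTIM_MAC, VICTIM_IP, GATEWAY_MAC, GATEWAY_IP)
    poison = build_arp_reply(ATTACKER_MAC, VICTIM_IP, GATEWAY_MAC, GATEWAY_IP)
    return [watch.observe(legit), watch.observe(poison)]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The first frame is accepted silently; the second, which rebinds the client's IP to the attacker's MAC in the router's cache, produces the conflict alert. Real deployments pair this logic with static ARP entries or switch-side Dynamic ARP Inspection, but the observable on the wire is the same binding flip.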