Re: Pentesting with IT 2008 OS
 

w3af seems to be mostly python, so it should be possible

Re: Pentesting with IT 2008 OS
 

Ok so w3af is running I just have to test it more to make sure it is fully working, there is a python2.5-pyopenssl that can be used an seems to work

Re: Pentesting with IT 2008 OS
 

Seems the CLI works like a charm

But the GTK user interface is broke, Cli for the win anyway

Re: Pentesting with IT 2008 OS
 

Great!
Could you upload a deb once you et the gtk working?
Thanx

Re: Pentesting with IT 2008 OS
 

I am not really a programmer so getting the gtk ui to work may be abit too much for me to do, but I don't see whats wrong with just useing the Cli insted?

Re: Pentesting with IT 2008 OS
 

we could always ask qwerty12

Re: Pentesting with IT 2008 OS
 

Could do, but im happy enough useing w3af's cli

Re: Pentesting with IT 2008 OS
 

:/ since the latest update w3af stoped working, I had reflashed an updated went to install the libs python needs an im getting

MiniDemon:~/WorkBench/w3af/extlib/pygoogle# python setup.py install
Traceback (most recent call last):
File "setup.py", line 2, in <module>
from distutils.core import setup
ImportError: No module named distutils.core

Any ideas?


I asm missing python2.5-sdk :|

Re: Pentesting with IT 2008 OS
 

Thanks to all for a great thread!

I'm having some trouble with netdiscover, it is having trouble fitting on the screen. Is there something I'm missing? Redirecting output to a file doesn't help, since the file still has the screen-formatting stuff in it.

Someone mentioned having trouble with nokismet.... I installed it on my N800 after re-flashing the OS (I'm at 4.2008.30-2 now) and it runs well. I had to install libpcap seperately and it still has the issue with leaving the WiFi card in limbo, but it is working fine otherwise.

Walt

Re: Pentesting with IT 2008 OS
 

On the subject of libpcap, I am not finding it anywhere. I was following the instructions someone left in another thread (red pill mode, install ncurses-base and libpcap prior to installing kismet) and was able to locate the listed nurses-base and kismet, but not libpcap. Where can I find it? How to install? Please bear in mind I am new to the tablet and just discovered the red pill mode, so the more detailed instructions, the better...

Re: Pentesting with IT 2008 OS
 

Google is your Friend :D

Googling for "libpcap n800" leads you to gronmayer's excellent site:
http://www.gronmayer.com/it/index.ph...&system=maemo3
There you will find all sorts of repositories for the N800. Enter "libpcap" into the search window (Be sure to click on your correct OS version first) and you will find a list of the repositories that have libpcap in them. If you are doing all this on the Nokia, then you can just click on the green "install" arrow and the repository will be added into the Application Manager for you. If not, you will need to manually enter the URL into Application Manager; select Tools/Application catalogue from the menu.

Once that's done you can install the package normally. You will need to be in Red Pill mode to see libpcap, I'm fairly sure.

HTH
Walt

Re: Pentesting with IT 2008 OS
 

Just wondering, whats the simplest way to go around pentesting with the latest diablo? that is simple to install and use... thanks. just so i don't start a new thread XD I tried a few of the debs in the first page, but non of the installed.

Re: Pentesting with IT 2008 OS
 

Can the aircrack-ng suite work on the N810? Specially airodump...

Re: Pentesting with IT 2008 OS
 

Im guessing nobodys willing to make a easy(read: for ppl that are new to linux) on how to get aircrack working on the newest os08 version? Because i get incompatible errors when i try to install any of the apps mentioned in the first post.

Re: Pentesting with IT 2008 OS
 

i got john the ripper 1.7.3 working on my n810 heres my compiled version nothing special it works it just runs slow =p

John

Re: Pentesting with IT 2008 OS
 

LinXitoW, other places list how to use them. It may be worth learning the tools tools on a safe full install before filling up the storage on a hand held.

Re: Pentesting with IT 2008 OS
 

Yes, airodump-ng works. The only thing that's not working is aireplay-ng since the driver doesn't support injection.

Airodump leaves the wlan unusuable for the tablet, though. You have to reboot to be able to connect to a WiFi again.

edit:
I stand corrected!
A simple "airmon-ng stop wlan0" makes the wi-fi usuable again.
Great that this has been fixed :)

Re: Pentesting with IT 2008 OS
 

p.s i loaded alot of the information about this post in my blog
http://b1ackdeath.blogspot.com/2008/...r-pentest.html

=p

Re: Pentesting with IT 2008 OS
 

Will any of these apps allow me to, on a wifi network, see the device names like "Johnskomputer" - (not the IP addresses) of the computers connected - or is that information never made available?

Update:

Using nmap I can see all IP addresses connected to the network
Using mtr-tiny I can see my tablet name and activity

Any app that combines both? :)

Re: Pentesting with IT 2008 OS
 

Autoscan will show you the computer name,

on my blog theres a link

Re: Pentesting with IT 2008 OS
 

@black
Thanks!
That works really well on my N810 - already proved to be useful this evening.

I find it to be much easier to use than nmap - but will keep nmap for the quick command line (uninstalled zenmap) check.

Questions:

1)In the lower right corner it tells me that there is an update available but I can't seem to find where that may reside.
Any ideas?

2) Is this by the way kept in a repo somewhere or just available from their homepage?

3) On the NIT screenshots on your blog you have an icon at top named 'View' which I don't have. It also seems like you can view the devices in a tree-form which I can't..
I got version 1.40.

4) Is there any app that can show me what is happening on a certain port. In particular, can I see what website is being active on 80 for instance?

(I tried using netcat but am never able to get any information to show. Maybe my parameters are wrong)

Update: Maybe I can use telnet for this. Will try tomorrow.

Thanks again, this is by far the best, simple to use network/intrusion detection tool I've seen on the N810.

Btw, you should post more on your blog (linked to in your post) there is some very good info there.

Re: Pentesting with IT 2008 OS
 

iv been very lazy, and my n810 has a broken power port so i haven't had alot of time to play with it.

1) if you have the latest one then theirs no new update . as long as you got it off the autoscan web site.

2) it may be but i'm not sure. i usual mirror the files in case they ever disappear.

3) i'm not positive what version you have if u don't have the view option. but all the verison's iv used all had them computer or ITT

4) like seeing if the port is open or getting like a html banner?
like some thing like these

since my n810 hasnt been working properly i havnt been able to do a whole lot with it.

heres an old video of my n810 and its apps

Re: Pentesting with IT 2008 OS
 

nice blog black-is-4-eternity.... bookmark!