maemo.org - Talk


BlackOp333 2008-06-03 02:48

Pentesting with IT 2008 OS
 
I thought I'd start a list of pentesting tools for the Nokia N-series, specifically using the 2008 OS.
Here's the compilation so far:
The Aircrack-ng suite (Thanks to Collin Mulliner):
http://www.mulliner.org/nokia770/fee..._0.5-1_arm.deb
(wireless tools is also available from his site: http://www.mulliner.org/nokia770/fee...s_28-1_arm.deb )

Kismet
http://www.internettablettalk.com/fo...ghlight=Kismet

Nmap
http://daveblank.com/nmap_4.50-1_armel.deb
http://www.internettablettalk.com/fo...highlight=nmap

Dsniff
http://www.mulliner.org/nokia770/fee...b1s2-1_arm.deb
(Thanks again to Mr. Mulliner. I would suggest you download his repository: http://www.mulliner.org/nokia770/mul...hinook.install)

Metasploit
http://mfresh-n800.blogspot.com/2007...work-3-on.html
(Thanks to Paul Rubens. Check out his excellent blog here: http://mfresh-n800.blogspot.com/)

Wifizoo
http://www.freedomcoder.com.ar/node/95

Ettercap
http://www.gronmayer.com/it/dl.php?id=205
(This is an excellent searchable list of repositories: http://www.gronmayer.com/it/index.ph...&system=maemo4)

If anyone has version updates or more to add to the list please say so.
Thanx

geneven 2008-06-03 03:23

Re: Pentesting with IT 2008 OS
 
Great!

What's pentesting?

Benson 2008-06-03 03:58

Re: Pentesting with IT 2008 OS
 
http://en.wikipedia.org/wiki/Penetration_test

BlackOp333 2008-06-03 17:31

Re: Pentesting with IT 2008 OS
 
Here's an addendum to the Wifizoo listing: http://www.freedomcoder.com.ar/node/100

devaler 2008-06-03 19:22

Re: Pentesting with IT 2008 OS
 
Quote:

Great!

What's pentesting?

You mean you didn't search first? ;)

brendan 2008-06-03 19:28

Re: Pentesting with IT 2008 OS
 
Quote:

Originally Posted by devaler (Post 188403)
You mean you didn't search first? ;)

pentesting is a term for the QA team under the employ of companies like Bic and PaperMate, that scribble with the pens coming off the production line, to ensure that each one works before it is packaged and shipped to retail stores.

a mundane and monotonous job, but someone has to do it.

fizze 2008-06-04 13:41

Re: Pentesting with IT 2008 OS
 
Nice thread! :)

Did anyone try to compile/run Yersinia on the NITs?

I haven't seen a show-stopper in the dependencies so far....

BlackOp333 2008-06-04 14:02

Re: Pentesting with IT 2008 OS
 
Try it and see. Post how it turns out.

BlackOp333 2008-06-04 14:10

Re: Pentesting with IT 2008 OS
 
There is an arm and armel version for debian. Can anyone port this?
http://packages.debian.org/unstable/admin/yersinia

sjgadsby 2008-06-04 14:19

Re: Pentesting with IT 2008 OS
 
Quote:

Originally Posted by brendan (Post 188408)
pentesting is a term for the QA team under the employ of companies like Bic and PaperMate...

Ah! Thank you!

I thought it was:


fizze 2008-06-04 14:26

Re: Pentesting with IT 2008 OS
 
Quote:

Originally Posted by BlackOp333 (Post 188619)
There is an arm and armel version for debian. Can anyone port this?
http://packages.debian.org/unstable/admin/yersinia

Feh, some googling should have turned this up.
Well there is a ncurses-based console version. That should run. I'll try and post my results once I'm home.

Benson 2008-06-04 16:30

Re: Pentesting with IT 2008 OS
 
Well, I'd just try installing the armel Debian package first (maybe with --force-depends-version, or whatever it is; our libc is older than Lenny, but most everything works...); if that doesn't work, it's always possible to install Debian, but it's probably pretty easy to at least build the ncurses version. And they say it is ahead, not behind, the GUI version, which is good...

qwerty12 2008-06-04 17:02

Re: Pentesting with IT 2008 OS
 
1 Attachment(s)
Not much point going to the SVN for this one.

@Nokia

Please take the time to be arsed to upload a libpcap-dev package. That way I don't have to compile it from your source. Thank you for listening.

BlackOp333 2008-06-04 17:33

Re: Pentesting with IT 2008 OS
 
Great, Thanx for that, qwerty!
This is one of the reasons for the thread.

qwerty12 2008-06-04 17:35

Re: Pentesting with IT 2008 OS
 
Np :)

I haven't tested it however :/

The ncurses interface should work for sure though imho, I got some gtk warning while compiling.

BlackOp333 2008-06-04 17:52

Re: Pentesting with IT 2008 OS
 
I'm having python problems with wifizoo. I need BaseHTTPServer, SimpleHTTPServer, and CGIHTTPServer. Are these modules available for maemo? (I checked gronmayer and did not find them but don't know if they are part of another file)

qwerty12 2008-06-05 06:12

Re: Pentesting with IT 2008 OS
 
http://www.internettablettalk.com/fo...ghlight=winexe

http://www.internettablettalk.com/fo...ight=smbclient

http://www.internettablettalk.com/fo...&highlight=pft

http://www.internettablettalk.com/fo...021#post189021

(Not really pentesting though but may be useful). I'll update this post with some new software I plan to compile later.

qwerty12 2008-06-05 06:39

Re: Pentesting with IT 2008 OS
 
Quote:

Originally Posted by sjgadsby (Post 188625)
Ah! Thank you!

I thought it was:

Dugg for pictures.

Anyway,

[sbox-CHINOOK_ARMEL: ~/32/PHoss] > ./PHoss
PHoss (Phenoelit's own security sniffer)
(c) 1999 by Phenoelit (http://www.phenoelit.de)
$Revision: 1.13 $
./PHoss [-Ppv] [-l XXXX] [-i interface ] [-f filter]

-P Don't use destination ports for protocol identification
-p Don't use pattern matching for protocol identification
-v verbose (more increase information)
-l XX Set capture length to this value (default 1525)
-i int Use this interface
-f xx Set packet filter. See tcpdump(1) for more
-L make output linebuffered


Quote:

PHoss is a sniffer designed to find HTTP, FTP, LDAP, Telnet, IMAP4 and POP3 logins on the wire. It also sniffs the VNC challenge/response handshake.
Hard to find and has great effect !
(No idea how old this one is :P)

Enjoy. Save and chmod +x. (pcap needed):
http://www.mediafire.com/?ykgygzeysmm

Also,
Quote:

Maemo Chinook
[Repository is online]
http://repository.maemo.org/
chinook | free non-free
Show packages
Dls: 28670
Status: Repository is online
Project page: http://repository.maemo.org/
last update: 06/04/2008 13:23:46 (GMT +0200)
Package:
netcat (v. 1.10-32osso1)
http://gronmayer.com/it/dl.php?id=123

That repo has netcat on it.

Also telnet is here:
http://maemo.daylessday.org/repo/dis...telnet-1.5.deb

BlackOp333 2008-06-05 12:19

Re: Pentesting with IT 2008 OS
 
Great!
Thanx for the useful post, qwerty!
Got the wifizoo to stop giving me those errors by installing the python daemon.
Who'd a thunk?

BlackOp333 2008-06-05 12:59

Re: Pentesting with IT 2008 OS
 
How do I run PHoss?
I did the chmod -x

qwerty12 2008-06-05 14:23

Re: Pentesting with IT 2008 OS
 
Make sure you aren't trying to run it off a memory card. (Use the file manager to move it to a folder on the flash).

And it's chmod +x

(- would remove an executable permission, not what we want to do here :))

poxika 2008-06-05 15:19

Re: Pentesting with IT 2008 OS
 
It's good to list programs that have been compiled for IT2008, but because the kernel is missing NAT iptables, dsniff and ettercap are less than useful for pentesting.

qwerty12 2008-06-05 15:33

Re: Pentesting with IT 2008 OS
 
apt-get source kernel-source-rx-34 and you can compile your own.

BlackOp333 2008-06-06 15:40

Re: Pentesting with IT 2008 OS
 
Here's another addition: Hydra!
Quote:

Originally Posted by jolouis (Post 161470)
Dan,

It's not perfect and sort of a half-way port, but you can grab the deb file from here:
http://www.electronicproductonline.c....5.4_armel.deb

In order for it to work you may need to have OpenSSL installed, I'm not entirely sure. I had to install it to compile Hydra properly, and on my testing tablet it was already there so I didn't have any trouble. If you need it it's in the maemo repositories (it may even be on the tablet already).

I don't know if this app actually works or not as I don't have something to try and crack with it and have no idea how to use the app, but it seems to run and will do basic tests without generating errors. The interface leaves a bit to be desired in terms of usability especially if the onscreen keyboard pops up, but generally the thing functions.

Almost forgot... to use the thing: install the deb file, and then open up xterm and just type
xhydra

the Xterm will stay open and the hydra app will pop up; sure a .desktop file would be nice and all, but I'm too busy right now for all that!

Thanks,
-Rob


qwerty12 2008-06-06 16:35

Re: Pentesting with IT 2008 OS
 
Ok, here is "SIPcrack - SIP login dumper/cracker"

I thought it would be fun seeing as we have inbuilt SIP client on OS2008.

I'm trying to compile some other stuff atm so... :)

http://www.mediafire.com/?3rhdcggfmdl

qwerty12 2008-06-06 17:06

Re: Pentesting with IT 2008 OS
 
2 Attachment(s)
Enjoy,

Netdiscover

Netdiscover is an active/passive address reconnaissance tool, mainly developed for those wireless networks without dhcp server, when you are wardriving. It can be also used on hub/switched networks.

Built on top of libnet and libpcap, it can passively detect online hosts, or search for them, by actively sending arp requests, it can also be used to inspect your network arp traffic, or find network addresses using auto scan mode, which will scan for common local networks.

Amap is a next-generation tool for assisting network penetration testing.
It performs fast and reliable application protocol detection, independent
on the TCP/UDP port they are being bound to.

BlackOp333 2008-06-06 17:46

Re: Pentesting with IT 2008 OS
 
Great!
Here is a program (a part of the aircrack suite that I got from the Backtrack 3 beta disk)
Could this be ported?
I can get you the .c too if you need it

poxika 2008-06-07 02:08

Re: Pentesting with IT 2008 OS
 
Quote:

Originally Posted by qwerty12 (Post 189022)
apt-get source kernel-source-rx-34 and you can compile your own.

I suppose that you meant to reply to my remark about iptables NAT ? I did try, without success. I tried as a module without success. If you actually tried and made it work, maybe you could post the method you use.

Benson 2008-06-07 02:35

Re: Pentesting with IT 2008 OS
 
You know the BT chipset in the N800 is capable of functioning as a BT sniffer?
http://darkircop.org/bt has relevant source code... I'm gonna try a build in the next week or so.

BlackOp333 2008-06-07 03:46

Re: Pentesting with IT 2008 OS
 
On that note, could carwhisperer be ported to OS 2008?
( http://trifinite.org/trifinite_stuff_carwhisperer.html )

qwerty12 2008-06-07 08:44

Re: Pentesting with IT 2008 OS
 
Quote:

Originally Posted by BlackOp333 (Post 189378)
Great!
Here is a program (a part of the aircrack suite that I got from the Backtrack 3 beta disk)
Could this be ported?
I can get you the .c too if you need it

Will do. (I would almost certainly need .c but I can use google ;P)

Quote:

Originally Posted by Benson (Post 189499)
You know the BT chipset in the N800 is capable of functioning as a BT sniffer?
http://darkircop.org/bt has relevant source code... I'm gonna try a build in the next week or so.

Quote:

Originally Posted by BlackOp333 (Post 189516)
On that note, could carwhisperer be ported to OS 2008?
( http://trifinite.org/trifinite_stuff_carwhisperer.html )

I actually planned to port some bluetooth stuff over (including carwhisperer). Benson has that darkircop site covered so I'll wait for that but I can port carwhisperer (and a lot of other stuff) over.

I wish we had J2ME at least, http://java.xor.sk/?x=ftp_bt&en=1 I have < installed on all 3 of my phones and it's fun to "hack" phones. A bluejack app would be nice. Anyway, I'm finishing packaging my latest port so I'll upload here when done.

qwerty12 2008-06-07 09:02

Re: Pentesting with IT 2008 OS
 
2 Attachment(s)
fast, parallel, modular, login brute-forcer for network services

Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. The goal is to support as many services which allow remote authentication as possible. The author considers following items as some of the key features of this application:

* Thread-based parallel testing. Brute-force testing can be
performed against multiple hosts, users or passwords
concurrently.
* Flexible user input. Target information (host/user/password) can
be specified in a variety of ways. For example, each item can be
either a single entry or a file containing multiple entries.
Additionally, a combination file format allows the user to
refine their target listing.
* Modular design. Each service module exists as an
independent .mod file. This means that no modifications are
necessary to the core application in order to extend the
supported list of services for brute-forcing.

configure: *******************************************************
configure: Medusa Module Build Summary
configure:
configure: CVS Enabled
configure: FTP Enabled
configure: HTTP Enabled
configure: IMAP Enabled
configure: MSSQL Enabled
configure: MYSQL Enabled
configure: NCP ** Disabled **
configure: NNTP Enabled
configure: PCANYWHERE Enabled
configure: POP3 Enabled
configure: POSTGRES ** Disabled **
configure: REXEC Enabled
configure: RLOGIN Enabled
configure: RSH Enabled
configure: SMBNT Enabled
configure: SMTP-AUTH ** Disabled **
configure: SMTP-VRFY Enabled
configure: SNMP Enabled
configure: SSH Enabled
configure: SVN ** Disabled **
configure: TELNET Enabled
configure: VMAUTHD Enabled
configure: VNC Enabled
configure: WRAPPER Enabled
configure: WEB-FORM ** Disabled **
configure:
configure: If a module is unexpectedly marked as disabled, check
configure: above output and verify dependancies were satisfied.
configure:
configure: It should also be noted that, by default, not all of
configure: the modules are built. Incomplete modules or modules
configure: which have not been sufficiently tested may be
configure: disabled. To enable non-default modules, use the
configure: "--enable-module-MODULE_NAME" configure option.
configure: *******************************************************

(If you really need a module enabled, let me know. Except for the POSTGRES stuff, I ain't trying to set up no SQL on my scratchbox)

qwerty12 2008-06-07 09:35

Re: Pentesting with IT 2008 OS
 
Quote:

Originally Posted by BlackOp333 (Post 189378)
Great!
Here is a program (a part of the aircrack suite that I got from the Backtrack 3 beta disk)
Could this be ported?
I can get you the .c too if you need it

This one wouldn't compile usually so I did some makefile hacking muhahahaha.

easside-ng & wesside-ng

(this is literally eastside and westside of gangster fame :P)

Quote:

For you trivia buffs, who knows where the program name “wesside” came from? As it turns out, it comes from tupac the rapper (2Pac / Tupac Shakur).
http://www.mediafire.com/?1yj2cx9czuv

BlackOp333 2008-06-07 19:30

Re: Pentesting with IT 2008 OS
 
this is needed to run easside
Thanx for your work!

joepagiii 2008-06-07 19:50

Re: Pentesting with IT 2008 OS
 
don't have a clue why I'm following this thread... my town has an open wifi policy, it's neat, however all the work being done... I'd like a bluejacker as well, got it on my lifedrive... kinda fun...

BlackOp333 2008-06-10 03:33

Re: Pentesting with IT 2008 OS
 
As the aircrack-ng on mulliner's repository is outdated (0.9.1)
Could this new version be ported?
(I'd do it myself but have no experience in scratchbox; is there a good tutorial out there?)
http://download.aircrack-ng.org/airc...1.0-rc1.tar.gz

qwerty12 2008-06-11 05:57

Re: Pentesting with IT 2008 OS
 
1 Attachment(s)
Quote:

Originally Posted by BlackOp333 (Post 189633)
this is needed to run easside
Thanx for your work!

buddy-ng.

w00t, I have to lengthen my message

qwerty12 2008-06-11 14:59

Re: Pentesting with IT 2008 OS
 
Quote:

Originally Posted by BlackOp333 (Post 190307)
As the aircrack-ng on mulliner's repository is outdated (0.9.1)
Could this new version be ported?
(I'd do it myself but have no experience in scratchbox; is there a good tutorial out there?)
http://download.aircrack-ng.org/airc...1.0-rc1.tar.gz

Why would I want to port this version ;P

Here is svn:
http://www.internettablettalk.com/fo...941#post190941

(Even newer :P)

BlackOp333 2008-06-11 15:11

Re: Pentesting with IT 2008 OS
 
Great!
This thread is turning out to be a great idea!
Thanx to qwerty)

qwerty12 2008-06-11 15:15

Re: Pentesting with IT 2008 OS
 
Np, thanks for making this thread, I've always wanted to know where the hacking tools are and I've seen some ones which I'd never heard of before :)


All times are GMT.