[TOOLS] UPDATED 2703-2013 Network tools (Pentest) for N9 (PR1.1, PR1.2 & PR1.3)
 

I compiled some different, useful, penetration test tools for our N9.

UPDATE: ETTERCAP is now with ncurses
(simple GUI) support, invoke with ettercap -C ....

Tested on PR1.1, PR1.2 and PR1.3 - working both.

Tools available:

• nmap 5.61 beta 4 unstable:
• nmap 5.51 stable:
• THC Hydra 7.2:
• ettercap 0.7.4.1
• ettercap is now with ncurses support
  Ncurses support is a 'simple' tex-based GUI, looks nice
  start this mode with ettercap -C (or use ettercap -T if it is too annoying)
  
• Screen 4.0.3
  Usefull when more shells are needed :)

(This is command-line-fu only, so you might want to add "export PATH=$PATH:/usr/local/bin:/usr/local/sbin" to your /home/user/.profile)

Download from my 4shared http://www.4shared.com/folder/49pVE4hh/_online.html and install with

ettercap :
Now working with modules, files on 4shared are updated with pcre_3.8.12_armel.deb to support this.

Hint: edit /usr/local/etc/etter.conf and change "remote_browser = "mozilla -remote openurl(http://%host%url)"" to "remote_browser = "invoker -s --type=e /user/bin/grob http://%host%url""

First, download 'ettercap-files.tar.gz' from above 4shared link

Complete ettercap installation is now available, including launch from homescreen-icon!
DOWNLOAD ETTERCAP+HOMESCREEN ICON

UPDATE:
DOWNLOAD NAT ENABLED KERNEL !!!

Screen:
First, download 'screen-files.tar.gz' from above 4shared link

Also, have a look at other tools submitted by dadaniel

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

Can you prepare it for the apps.formeego.org please?

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

Is there sone guidelines for how to do this?

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

Just go here:

http://wiki.meego.com/MeeGo_Apps/Submit

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

Thanks. Will do so :)

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

Works like a charm! Thank you!

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

great work!!

if you can compile the new Ettercap v 0.7.4.1 for the N9 you will be my hero!!

http://ettercap.sourceforge.net/

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

Will give it a try, for now, THC Hydra is added to link in first post

Re: [TOOLS] Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

Can you shed some light on how to do meego ports - Do you use Make? How do you package dependencies? There's a couple things I'm interested in trying to compile (pianobar) and any advice you can give would be appreciated.

Re: [TOOLS] Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

maybe post a little quide for using hydra on n9 :)

figured its located in /usr/local/bin

sh hydra

hydra: line 1 Syntax Error: unexpected word (expecting ")")

Re: [TOOLS] Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

How do you use nmap?

# nmap: not found
# nmap -sP 10.0.0.0/24: not found

Re: [TOOLS] Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

/usr/local/bin/

This is the default folder for most self-compiled shezz ;)

(use: find / -name nmap, or whichever ;)

Re: [TOOLS] Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

Not in scope for these tools, as their are plenty of docs around, but here you have a short wrap-up

HOW TO USE
----------
Type "./hydra -h" to see the command line options.

$ hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e ns]
[-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-f] [-s PORT] [-S] [-vV]
server service [OPT]

Options

-R
restore a previous aborted/crashed session
-S
connect via SSL
-s <PORT>
if the service is on a different default port, define it here
-l <LOGIN> or -L <FILE>
login with LOGIN name, or load several logins from FILE
-p <PASS> or -P <FILE>
try password PASS, or load several passwords from FILE
-e <ns>
additional checks, "n" for null password, "s" try login as pass
-C <FILE>
colon seperated "login:pass" format, instead of -L/-P options
-M <FILE>
server list for parallel attacks, one entry per line
-o <FILE>
write found login/password pairs to FILE instead of stdout
-f
exit after the first found login/password pair (per host if -M)
-t <TASKS>
run TASKS number of connects in parallel (default: 16)
-w <TIME>
defines the max wait time in seconds for responses (default: 30)
-v / -V
verbose mode / show login+pass combination for each attempt
server
the target server (use either this OR the -M option)
service
the service to crack. Supported protocols: telnet ftp pop3[-ntlm] imap[-ntlm] smb smbnt http[s]-{head|get} http-{get|post}-form http-proxy cisco cisco-enable vnc ldap2 ldap3 mssql mysql oracle-listener postgres nntp socks5 rexec rlogin pcnfs snmp rsh cvs svn icq sapr3 ssh2 smtp-auth[-ntlm] pcanywhere teamspeak sip vmauthd firebird ncp afp
OPT
some service modules need special input

SPECIAL OPTIONS FOR MODULES
---------------------------
Via the third command line parameter (TARGET SERVICE OPTIONAL) or the -m
commandline option, you can pass one option to a module.
Many modules use this, a few require it!

To see the special option of a module, type:
hydra -U <module>
e.g.
./hydra -U http-post-form

The special options can be passed via the -m parameter, as 3rd command line
option or in the service://target/option format.

Examples (they are all equal):
./hydra -l test -p test -m PLAIN 127.0.0.1 imap
./hydra -l test -p test 127.0.0.1 imap PLAIN
./hydra -l test -p test imap://127.0.0.1/PLAIN

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

Compiled and added to the first post. Did some testing, but not complete, so no promises that everything is good with ettercap!

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

Hi nieldk, thanks for your work. I've downloaded the packages and gonna test them.
If it is not too difficult for you - could you please also compile stable release of nmap? I talk about ver 5.50 because v.5.61-1 is buggy and many features do not work!

Also is it possible to compile wireshark? It is available for n900

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

nmap is no problem, wireshark, possibly I can do.
I would like to finish ettercap more complete, eg at the moment it is command line only (-T switch), but I hope I can get some GUI going.
First step, is though, to make sure it is fully functional from command line interface.

Will do nmap-stable later and add this to the first post once its done.

Re: [TOOLS] Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

thanks for the quide, seems to be working :) time to start learning this stuff, no really knowledge with linux so there is much work to be done.

also would it be possible to get yamas for n9 ?

edit.

Nmap seems to be working too.

thanks alot dk!

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

thanks for ettercap much appreciated.

I have one good notice and a bad one:

first the good: Our beloved N9 network card support promiscous mode :D i have sniffing with the version of ettercap nieldk compiled and works pretty stable and fast, at least works much better ettercap do on N900.

the "only" problem is plugins dont work i have tried autoadd plugin and it doesn't activate. this is major problem because without the autoadd plugin you can't be sure you are poison all the network, all new ip with enter the network will escape from the MITM attack.

- I installed succesfully sslstrip on the N9... but here the BAD NEWS when i try to set the iptables to work ettercap with sslstrip i get the following error:

/sbin # ./iptables - t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000

iptables v1.4.8: can't initialize iptables table 'nat' : Table does not exist ( dou you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.


very crucial problem if we can't make work iptables sslstrip don't work and without sslstrip, ettercap and dsniff serve for little.

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

Thanks! A LOT for testing.

Auto add plugins (and plugins) and regexp in filters I need to compile libtool, libpcre
To support SSH and SSL decryption openssl should do it.

NAT, and sslstrip, you seem correct, I dont think this is compiled into kernel, and I still did not recieve kernel sources per request (would like to patch to open mode for adding packet injection also). So, this is possibly a no-go ATM.
I did try echo "1" > /proc/sys/net/ipv4/ip_forward which seem without any effect.

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

- if you can get plugins to work in ettercap will be great, now that we know it works in N9 it will be awesome have the new ettercap tottally armed :D in our N9s

- without nat and packet injection we are ****ed, we have sniffers and airckrack castrated, we will have to wait for open kernel for PR 1.2, someone knows who was the guy who compiled it?? maybe we can contact him.

- I was thinking to install the iptables of N900 into the N9 and see what happens, do you think is a good idea? or is a kernel problem and it will be for nothing?

- ipforward gives not problem to me :

after:

echo "1" > /proc/sys/net/ipv4/ip_forward

cat /proc/sys/net/ipv4/ip_forward

1

anyway you don't need kernel ipforwarding with ettercap, ettercap itself fordwards the packets, in fact after launching ettercap the value of "ip_forward" returns to 0, that is maybe you think "echo "1" > /proc/sys/net/ipv4/ip_forward" command not work, because you check the value of ip_forward after launching ettercap.

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

I am quite sure I can get (some) of theplugins to work.
I didnt compile ettercap with the 'optional' libraries in this first step.
From ettercap.sourceforge.net:
To enable plugins: libltdl (part of libtool)
To have perl regexp in the filters: libpcre
To support SSH and SSL decryption: openssl 0.9.7

I already am on this, but we need kernel sources before we can proceed. We are not completely f^^^ we have promiscious mode, but we need packet injection and to do this we need the kernel sources to compile compat-wireless.

I think it will not do anything, and maybe not needed since NAT forwarding is handled by ettercap. For other purposes, we might need to compile kernel to support NAT.

Right, I had that result also, just tried this to check if that would matter for the NAT functionality.

Well, that is good news then, for the missing NAT functionality in kernel :)

/N

Re: [TOOLS] Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

BTW.
To get openssl

/N

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

- for me with the "autoadd" plugin will be enough other plugins are more for fun, but "autoadd" is very basic for a sucessfull MITM attack of all of the network.

- who provides the kernel sources? nokia itself?

- yeah at least with the stock kernel we can do MITM attacks with ettercap, but other tools who needs kernel ipforwarding like dsniff will not work :(

- Offtopic: tomorrow will be officially realeased Backtrack 5 R2 with the new kernel 3.2.6, for all pentesting lovers who are interested :D

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

Plugins are working, including autoload, first post updated. Install one new file pcre_3.8.12_armel.deb should be enough since you have installed the previous libs and ettercap.

Yes, Sources are requested, and confirmed to be shipped by DVD :)

Re: [TOOLS] Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

OH! And I got screen working also (listed on first post)

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

great work man!! you are doing a fantastic work for this community and really fast!! I am happy someone with your talent and expertise will work in the new open kernel, for sure will be posible in the future transform the N9 into the ultimate mobile pentesting device, even superior to our beloved N900.

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

Thanks. Appreciate it. I hope we will end up wirth something like a Neo(aheem) what should we call the suite once its ready to be called 'complete' (with graphics controls is my aim, hopefully something like a GTK port).

Re: [TOOL]nmap portscanner for N9 (PR1.1 & PR1.2)
 

Good idea!! I don't have your level of knowledge but i will help in everything i can!

Re: [TOOLS] Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

New version of inyection drivers for the N900 maybe it would help to create the inyection drivers for N9:

http://talk.maemo.org/showthread.php...39#post1174839

Re: [TOOLS] Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

hey man i need inception for instal this? And how can i uninstal dpkg -i libnet_1.1.2.1_armel.deb i do this dpkg -r libnet_1.1.2.1_armel.deb and nothing happen

Re: [TOOLS] Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

dpkg -r libnet

Re: [TOOLS] UPDATED 1403 Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

Annd ladys and gents, I present to you, ettercap with a (simple) GUI support (ncurses), invoke with ettercap -C (or use -T for good oldie text like before)
http://talk.maemo.org/showpost.php?p...15&postcount=1

remember to dpkg -P ettercap before installing this new version.

Re: [TOOLS] UPDATED 2203 Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

Hello Im new to using mobile devices for testing network sequrity. is inception needed for running theese apps? also Im finding it hard to follow the installation instructions. just bought a new n9 for 300€ and love it!

Re: [TOOLS] UPDATED 2203 Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

Inception is not needed for these tools. Open-Mode kernel, however, is since the tools use network monitoring mode, which cant be achieved on a stock kernel.
I will guess Inception would work, using open-sh, but I cant confirm that.

Re: [TOOLS] UPDATED 2203 Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

An update is due.
I am working on compiling netfilter NAT modules, getting closer to a result, but yet not functional.....
Compiled successfully, but still refuses to load.
Might be that I need to decide if these modules should be required to be installed on a specific kernel, for example NitDroid kernel, or my own open--mode kernel.

Re: [TOOLS] UPDATED 2203 Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

need both. i'm using nitdroid kernel ^)

Re: [TOOLS] UPDATED 2203 Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

awesome job, I was really looking forward for an nmap port for the N9, it works great, screen too. The only problem I'm having is with ettercap which I cant seem to get it to work, it keeps giving me this error:

SSL dissection needs a valid 'redir_command_on' script in the etter.conf file

ERROR : 1, Operation not permitted
[ec_main.c:drop_privs:237]

setgid()

does anyone have some idea as to what might be causing this?
thanks!

Re: [TOOLS] UPDATED 2203 Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

pls help nmap cant open device wlan0

Re: [TOOLS] UPDATED 2203 Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

Hi, first i would like to say hello to everyone for a great community here.

I am fairly new to the N9 and the Maemo/Megoo OS, i managed to install ettercap and nmap.

i am in the usr/local/bin path, but when i write nmap 192.168.1.1, it says not found. There is nmap folder in the given path. Same with ettercap, i have the destktop icon, but cant run it through terminal,

regards

Re: [TOOLS] UPDATED 2203 Network tools (Pentest) for N9 (PR1.1 & PR1.2)
 

You need to edit etter.conf and change the lines with UID and GUID to 0 (we need to run as root on the devices at all times)