Wi-Fi Penetration Tester In Your Pocket
00*789*00 writes "ZDNet has a story about the public launch of Immunity's Silica, a portable hacking device that can search for and join 802.11 (Wi-Fi) access points, scan other connections for open ports, and automatically launch code execution exploits from a built-in exploit platform."
I hope y'all don't mind if I won't keep a penetration tester in my back pocket, mmm'kay?
It was a joke! When you give me that look it was a joke.
But Vista has no bugs or security flaws!
The dangers of knowledge trigger emotional distress in human beings.
is that a penetration tester in your pocket or are you happy to see me?
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
I know a few people who would like the idea of a Penetration Tester In Your Pocket
It is actually a nokia n770 "internet tablet"
\\sharedstuff\My Super Secret Incriminating Documents Conveniently Zipped For You.exe
...open ports, and automatically launch code execution exploits from a built-in exploit platform...
I am betting that someone further down will succeed quite beautifully at making a sexual reference to that.
It would be spiffy to have such an automated tool on a live cd!
For $3,600, I think it's way overpriced. Use a laptop, or home brew a similar device with a much cheaper Zaurus:
http://www.irongeek.com/i.php?submenu=zaurus/zaurusheader&page=zaurus/zaurusmain
Wow... A hacking device actually being sold by a real company. The article says "We make a fair effort to vet buyers and know where the money is coming from and who we're shipping to."
Even so, it probably won't be long before this device is being used by hackers as well as law enforcement. Actually, after thinking about it a bit, I'm not sure which use bothers me more.
... is leave dozens of wireless routers lying around, switched on, broadcasting trivially encrypted 'networks' to the surroundings - except not have anything connected to them. No internet, no servers, no ethernet cable, nothing.
The real network is hidden, strongly encrypted and using 802.11n. Beat that, hackers!
Tedious Bloggy Stuff - hooray?
Or are you just happy to prove my network?
"In God we trust, all others we monitor." -- Unofficial NSA motto
...it was Dr. Fronk who said, "Well, I guess it pretty much can only be used for evil".
Back in 2004 I wrote a novel about a fictional hacker utility which was the magic bullet of network penetration. The novel was called Z4CK and the unstoppable hacker tool with built in A.I. ran on a Zaurus SL-5500. Looks like this is all coming to fruition! The novels Z4CK and Digital Force (the follow up) are free downloads from http://www.z4ck.org/
It's a $3600 Nokia WebPad with custom software on it.
Considering the new WebPads and all being available and supported (unlike the Zaurus...), I think I'll go with that instead...
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
Great! I can't wait to take this with me on the White House tour. Should prove interesting.
Are you...Are you some kind of genius?
No, ma'am, I'm just a regular Slashdot reader.
hmmm. $3,600. Damn. The very first thing I did was put together a suite of open source wifi hacking tools.
All they did was put together an easy to use gui so anyone without any computer knowledge at all can use it.
hmm.. that's against the hackers code!
Post an article on slashdot with the words "penetrate" and "open ports" in the summary.
I don't care why you're posting AC
Gotta wonder about a picture of a chick with "penetration testing" as a caption.
God, I love IT.
I might know what I'm talkin' about, but then again, this is Slashdot...
Not because this is another slashvertisment but I believe that this product is either incredibly useless or that company will become an incredible scapegoat for the WiFi lobby.
Over the last year or so, I've considered writing an automated wireless network intrusion tool. It would:
You'd run it on a laptop that you'd carry in your backpack or in your car, on your way to/from work or just cruising around on a Sunday afternoon.
As such, it would be called the Transient Wireless Intrusion Tool, or TWIT. I just get a charge out of network security people writing about twits wandering around near the network.
This is based on the Nokia 770, so it's Linux (Debian) based. What apps would we need to put together and put a frontend onto to make this a reality for either the 770 or the newer N800?
That "PDA" is a Nokia 770. Is it modified hardware-wise, I have no idea, but the device portrayed in the article is Nokia 770 that sells for under $400 (and is now surpassed by N800).
'Once scientists, even the dim-witted social scientists, get muzzled, the Western Civilization is finished.' - oldhack
Oooh, wow, an embedded CANVAS. How unique. Not really.
d/k has you dave.
I would think that the Digital Make everyone a Criminal Act would prevent a company from marketing a device like this...
I'd like to see someone program that for the OLPC laptop. I could easily envision a slashdotter transforming a simple educational device into a high-tech potentially offensive military IT resource and giving it to 3rd world kids.
It's both!
A 'penetration tester' that can scan other connections for open ports, and automatically launch code execution exploits. It has self replicating code, but the doctor says there is no viral payload.
"Unheard of means only it's undreamed of yet,
Impossible means not yet done." ~~ Julia Ecklar
So...basically this would be akin to running Back|Track, but with a few improvements, like the automation or am I missing something? If this is the case, why wouldn't someone install back|track on one of these things and just add the automation? Then you could forgo most of that hefty price since all you would have to buy is the tablet.
Justify my text? I'm sorry, but it has no excuse.
I remember something about this before. Yup, it was about Silica then too.
I posted a theory about sending one to yourself through the mail activated and with a GPS so that the postal delivery vehicle does your wardriving for you. I called it warsmailing. So far no results on Google of anyone attempting it using that term.
(Why do I keep being prompted to save a download of comments.pl when I Submit?)
Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
I already have a wife penetration tester in my pocket, thank you very much.
can i slip one into my wifie's pocket to make sure she's been faithful?
Even worse would be Transient Wireless Attack Tool...
That was my original working title, actually :)
You should still keep your wifi open... a criminal needs to be in geographic proximity. wow. This is so much worse than someone on the other side of the country being able to break into your machine. Honestly, if we all keep our wifis open it'll be better in the long run. I don't know why it just will be i swear.
sometimes, nothing.
For a moment there, I thought I was going to have to implement spam filtering on my RSS feed from Slashdot.
It's the same bad joke over and over again until somebody posts one of the following....
.... PROFIT!
"In Soviet Russia - Open Ports Penetrate You!"
or..."my back door is impenetrable YOU INSENSITIVE CLOD!!!"
or...perhaps a reference to a Beowulf cluster-f%@k
or...something ending in
then we all get sick of it.
A goal is a dream with a deadline
...does it have x-ray vision? The glasses I bought 30 years ago are looking pretty rough these days...
never bring a twinkie to a food fight.
Is this a penetration tester in your pocket?
Or are you just happy to see me?
yup, it's a nokia 770, with software that costs about $2600. BARGAIN.
the only thing the nokia 770 isn't really capable of already is packet injection, so does that mean they're charging that much money for a product sticker, an injection-capable wifi driver, and some easy front ends to already existing (and compiled for debian / arm / maemo) wifi software?
i'll compile a driver for a capable usb wifi card or wait for a monitor mode / packet injection patch for the 770's wifi chipset to become freely available, thanks
People spend $3600 on this. How do you gain your money back? Or are these people in it just to be "hackers"? 1. Buy wireless exploiter 2. ???? 3. Profit!!!!
Or are you just happy to see me?
So far I've found kismet (which mostly works, but will crash the n800 if you leave it alone long enough for your screen to blank; kismet can be found at http://eko.one.pl/maemo), and aircrack and nmap (http://www.mulliner.org/nokia770/). I know that there's a port of metasploit somewhere, but I haven't been able to find it. Also, programs that use bluetooth and are designed for the 770 but not the n800 crash the n800 due to bt driver incompatibilities (the n800 uses a newer bluez stack). Does anyone know of any bluetooth scanners for the n800?
That is either the greatest or worst pickup line in the history of the world: "Hey baby, I got a penetration tester in my pocket..."
The take on this story SHOULD be that it's possible to have a small company choose embedded Linux to deploy innovative and interesting applications on. We could have chosen Windows Mobile, of course, but Linux was technically the better choice. That's the important part here. Open Source tools get you to market faster and cheaper.
I think the $3600 device is nothing more than a Nokia 770 (that is clear from the photos) running a GUI for Kismet or some sort of other Wifi scanner.
;)
Good margin!
Yes, this has the same time (10:39) as the post just a little above. But the comment number (17934584) is lower.
I'm disappointed nobody has mentioned BackTrack yet. Live, bootable Linux CD loaded with wireless scanning and hacking tools. To be honest, I haven't tried it yet, but Free sure is cheaper than $3600!
Based on the Open Source Linux operating system and the pure Python Immunity CANVAS attack framework, if one of SILICA's built in attack profiles does not fit your needs, you can easily craft one that does.
This is a nokia 770! All smirky comments aside.. (Why even bother with those when you should know what this is) So if this so called 'pen tester in a pocket' is 2500+ dollars, then what in the hell do you call a PocketPC or PDA running MiniStumbler written by Marius Milner? Besides a 2300+ dollars less costing pen tester that is. Stupidest thing I've seen all day! (I just woke up)
Where do I start with this thing?
The number of applications this device provides that are both legitimate and useful is near zero.
If you are legitimately authorized to do scans, why not do it with proper equipment? I used to warwalk all the time with an open laptop in plain view, and if anyone stopped me, I had a letter from the CIO in my hand.
If you want to truly test security are you gonna hand an idiot-proof device to some intern and tell them to push the pretty red button and run around with it? No, you are going to hire a security expert who will likely prefer proper tools.
From TFA: "...mostly from law enforcement agencies looking to do covert hacking on sensitive networks."
Whee! Illegal wiretapping! I'm sure that's kosher. If you have a warrant, then you shouldn't have any problems. See above. (Oops, I forgot that's 'legal' now. Oh well.)
Also from TFA: "It's aimed at the non-technical user interested in doing drive-by pen-tests. You start it, run a scan, connect, run your exploit, get an HTML report of what was done."
No responsible pentester runs around with surreptitious devices in 'fuck you' mode on production networks. It's a quick ticket to being fired, sued and/or arrested. Pen testing and vulnerability testing is done under strict Rules of Engagement which rarely include secondary exploitation anymore. Most organizations want you to be as hands-off and low-impact as possible. Detect a possible vulnerability, record it, and move on. If they want you to eliminate false positives and/or verify a particular vulnerability later, then you do it carefully. Cutesy shit like grabbing files, printing "OWNZORED" on network printers and AllYourBase.txt in \root is the mark of amateurs.
Nothing to see here. It's a cool toy, but if you want to do this kind of stuff on a real network, hire a real security company.
The only useful thing I see here is that the barrier to entry for wireless shenanigans has just fallen to the floor and organizations had better start ditching WEP and WPA/WPA2 and moving to 802.1X/EAP/EAPOL.
...of the exploit framework it provides, Immunity CANVAS. You're not paying for the hardware device but for the exploits, this should be a must for every pen-tester, Aitel is one hell of an exploit writer.
janus mini-itx I quote:
The "Janus Project" is the brainchild of Kyle Williams of the Janus Wireless Security Research Group in Portland, Oregon.
Mounted inside an epoxy and silicone-sealed watertight case lives a 1.5GHz C7 powered EPIA EN 15000G motherboard, 2 x four-port PCI to mini-PCI adapters, 8 x 802.11a/b/g mini-PCI WLAN Modules, 2 x 1W 2.4Ghz WLAN amplifiers, a keyboard and a 17in LCD screen. The system can scan up to 300 wireless networks simultaneously, storing and AES encrypting in real time all the data onto its 20GB hard drive.
another case of pure hype served up by some clever slashmarketing techniques. the truly scary part is some moron in the ranks above is going to read this and decide that we will need to be frisked when entering and exiting our work area. bad enough that no portable electronic devices are permitted. all the usb ports on all our machines have tamper evident seals on them (read scotch tape).
hmm, i think i am going to go to this conference with a notebook from the 80s and tell everyone it is my new secure notebook because it has no wireless internet and no usb ports. then i am going to collect huge govt and govt contractor orders for it. then buy slashdot. then stop all the ads that show up as news on this site.
Bah. My Wifi hackybit (Nintendo DS lite) with all its own associated hackybits runs for less than $200 off the shelf, runs a variant of uClinux, and can run for a week on a battery charge (assuming most of that time is in Sleep mode waiting for the target network to come in range).
I'm actually somewhat surprised I haven't seen any stories along these lines yet. Load up a DS with wepcrack and some malware, power it on, flip it closed and mail to target. While it sits all morning in shipping/receiving, it's found the least-secure AP and begun forwarding the most interesting sniffed packets to your web server. System "flip-open" interrupt triggers power-off, clearing memory contents.
You get sensitive data, target gets a free DS. Win-win!
Caveat Emptor is not a business model.
And the n800 is already out, and mine already has a fine kismet version on it. Puh-lease!
get into some real hacking.
Get something like this (hint: there's a much cheaper one with backlight that costs only about 50 bux), read this, learn to program the MCU, add some Flash memory, learn to hack the BPU and get goin' already.
No wonder the military too are going COTS, they can't hack up anything themselves anymore unless millions of dollars are dumped into the project.
Heck, even the famous voting machine scanner from the Netherlands was in fact a hacked TomTom navigator (you can prolly find them by the roadside by the dozens, tossed out the window by some bored SUV cowboys)
The Hacker's Guide To The Kernel: Don't panic()!