
Posts

Showing posts from April 29, 2008

Intel - IPW3945

Driver : IPW3945
Special Notes : Enable the driver via the KDE menu, or cd /usr/src/drivers/ipw3945-1.2.0/ && ./load
Special Notes : Enters monitor mode, but cannot inject
Special Notes : You may need to start the image with "bt irqpoll". A good way to tell: you see what look like function-call backtraces on startup, and the suggestion to boot with "bt irqpoll" scrolls by pretty fast. Check your dmesg for the details if it scrolls too fast for you.

Driver : IPWRAW. A guide can be found [here], or an easy-to-use lzm module can be found [here]
Note : This driver is not included in BackTrack2 by default.
Special Notes : Locked in monitor mode and can be used in all aireplay-ng attacks.
For Kismet, edit your kismet.conf to read "source=ipw3945,wifi0,Intel"
Notice: After starting airodump-ng, run only one command at a time. If you do not, your system may hang or freeze.

ifconfig wifi0 down
# Change to AP BSSID
nano /sys/class/net/wifi0/device/bssid
# Channel of AP
...
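The ipw3945/ipwraw setup above is a sequence of hand-typed steps. The following is an added example, not code from the original post or from BackTrack, that wraps those steps in shell functions you can check before touching the driver: the dmesg test for the "irqpoll" hint, the kismet.conf source line from the post, and a BSSID write into the sysfs node the post edits with nano, preceded by a format check so a typo is never written into the driver. Assumptions: the IFCONFIG and SYSFS_DEV variables are added here so the functions can be exercised against a scratch directory; the kernel's "Try booting with the irqpoll option" wording in the sample dmesg is constructed; the channel node is elided in the post and is therefore not written.

```shell
#!/bin/sh
# Added example for the BackTrack2 ipw3945/ipwraw notes; not the post's
# own code. The source= string and the bssid sysfs path come from the post.
# IFCONFIG and SYSFS_DEV are assumptions added so the functions can be
# pointed at a scratch directory instead of a live interface.
set -u

: "${IFCONFIG:=ifconfig}"
: "${SYSFS_DEV:=/sys/class/net/wifi0/device}"

# Return 0 when a saved dmesg dump carries the kernel's "irqpoll" hint,
# the sign the post gives that the image should be booted with "bt irqpoll".
# $1 = file holding the dmesg output (e.g. from: dmesg > /tmp/dmesg.txt).
needs_irqpoll() {
    grep -q 'irqpoll' "$1"
}

# Point kismet.conf at the ipw3945 capture source the post names.
# Rewrites an existing source= line, or appends one if the file has none.
# Goes through a temp file so a half-written config is never left behind.
set_kismet_source() {
    conf=$1
    src='source=ipw3945,wifi0,Intel'
    if grep -q '^source=' "$conf"; then
        sed "s|^source=.*|$src|" "$conf" > "$conf.tmp" && mv "$conf.tmp" "$conf"
    else
        printf '%s\n' "$src" >> "$conf"
    fi
}

# Print the active source= line so the change can be verified.
kismet_source() {
    grep '^source=' "$1"
}

# Accept only a well-formed aa:bb:cc:dd:ee:ff MAC address; return 1 otherwise.
valid_bssid() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Lock the ipwraw driver onto one AP: bring wifi0 down (needs root on a
# real box), then write the BSSID into the sysfs node the post edits with
# nano. Refuses malformed input rather than handing it to the driver.
# The channel node is elided in the post, so it is not written here.
set_ipwraw_bssid() {
    valid_bssid "$1" || { echo "refusing to write malformed bssid: $1" >&2; return 1; }
    "$IFCONFIG" wifi0 down || return 1
    printf '%s\n' "$1" > "$SYSFS_DEV/bssid"
}

# Usage on a BackTrack2 box, as root:
#   dmesg > /tmp/dmesg.txt
#   needs_irqpoll /tmp/dmesg.txt && echo 'reboot the image with: bt irqpoll'
#   set_kismet_source /path/to/kismet.conf
#   set_ipwraw_bssid 00:11:22:33:44:55
```

Run the checks against copies first: point SYSFS_DEV at a scratch directory and IFCONFIG at `:` to dry-run the BSSID write, and run set_kismet_source on a copy of kismet.conf before replacing the real one.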

Barbelo - netstumbler/kismet like functionality

Barbelo is a wireless (WiFi) security toolset for Symbian S60 v3. It currently supports, in a primitive form: standard netstumbler/kismet-like functionality, and GPS support to map networks. Roadmap: the plan is to implement aircrack-like functionality, IP-over-DNS, and VAP support and other crazy stuff? Notes: it seems that the wifi card on phones and Symbian are quite capable, if you know the right API. JoikuSpot is an app that turns your phone into an access point, so perhaps Symbian allows applications to do raw 802.11 networking. If so, coding aircrack-like apps is possible. Ideally, IP-over-DNS would be implemented like a "VPN": all traffic from the phone passes to the application, and the application tunnels it over DNS. This requires Symbian to have something like UNIX's tap interface. If it doesn't, though, IP-over-DNS can be coded by setting the browser's web proxy to 127.0.0.1 and faking a proxy in the application. This will forward on...

BlueMaho, a Bluetooth Security Testing Suite

BlueMaho is a GUI shell (interface) for a suite of tools for testing the security of Bluetooth devices. It is freeware, open source, written in Python, and uses wxPython. It can be used for testing BT devices for known vulnerabilities and, the major thing, for testing to find unknown vulns. What can it do? (features) * scan for devices, show advanced info, SDP records, vendor etc. * loop scan - it can scan all the time, showing you online devices * alerts with sound if a new device is found * on_new_device - you can specify what command it should run when it finds a new device * it can use separate dongles - one for scanning (loop scan) and one for running tools or exploits * send files * change name, class, mode, BD_ADDR of local HCI devices * save results in a database * tracking - it can show when a remote device was first seen and how many times * position feature - it can write to the database WHERE a scanned device was found (you specify the location yourself) * test a remote device for known vulnerabilities (see explo...

SIMable - Puts an end to complicated mobile phone unlocking

SIMable is an innovative little chip that frees your SIM card to work in the vast majority of mobile phones. We all know that the very latest 3G devices can be very difficult and expensive to unlock, and SIMable is the 10-second solution that does not invalidate the warranty on your precious handset. Fitting SIMable is quick and simple, and full instructions can be downloaded here. This involves pressing out a very small hole in your SIM card, and we even include a free cutting tool with every purchase. Once done, simply align SIMable to your SIM card, insert it into your locked mobile phone and start talking. SIMable is compatible with most mobile phones, including the latest Nokia E and N Series and the top-of-the-range Sony Ericssons.