Nmap Announce mailing list archives
Re: nmap for PalmOS
From: Fyodor <fyodor () insecure org>
Date: Tue, 25 Apr 2000 22:59:43 -0700 (PDT)
Here is an interesting post from Emerson regarding 10Mbps Ethernet cradle availability (appended). The URL for the cradle he mentions seems to be http://www.palm.com/products/enterprise/ethernet.html . They have a FAQ available on that page which says it is $249 and "is scheduled for general availability in March 2000". But I called them and they said it was not ready yet and they couldn't provide any further details. The web page above says "mid - 2000". It is far from ideal for covert operations anyway, due to size, power requirement (you have to plug it in), and lack of Palm V form factor support.

As a side note, I received like 40 responses on this thread. Since the link to Nmap is rather tenuous, I can't post all of them. I've been trying to post the ones with the most new information.

I have been thinking about a Palm port of Nmap for a long time, although I haven't had a chance to do anything constructive yet. I'm glad to see others are taking up the challenge. From all the responses it is clear that there are many of us who would like to use our Palms as a mobile network penetration device :). You could sneak into the corporation you are auditing, plug into any handy 10BaseT jack and immediately start up your palm sniffers, scanners, named exploits, etc. It would be nicer if you could leave the unit there and have it mail you the scan results (or new passwords whenever the sniffer catches one). You could hide a Palm anywhere -- in a wiring closet, or taped under a desk, or inside those cubicle-compartments that house the 10baseT ports and AC plugins. And of course one could write a relatively simple app that establishes an outbound connection to an external IP address and offers simple connection proxying to that computer so that you can bypass the firewall from outside and continue to hack away at the network from the privacy of your hotel room.

Of course these last suggestions raise battery life issues, but at worst you would just have to plug it in to AC as well as ether. Let's see what we have in our Palm arsenal so far:

Port scanner -- In progress
Wardialer -- TBD by L0pht (closed source :( ) -- http://www.l0pht.com/~kingpin/pilot.html
ssh client -- Top Gun SSH (open source) -- http://www.isaac.cs.berkeley.edu/pilot/
telnet client -- Top Gun Telnet (same URL as above)
Net libraries -- Berkeley Sockets are available in SDK
Encryption libraries/programs -- Widely available
Apple II Pornography -- http://www.l0pht.com/~kingpin/hairy15.zip
Mudge's Cisco password decryptor -- http://www.l0pht.com/~kingpin/cisco.zip

Some applications may require use of undocumented PalmOS features. If anyone has access to the PalmOS source, please drop me a line. I have some simple questions about it.

Oh yeah, and here is the message that I only meant to add a couple quick comments to :)

---------- Forwarded message ----------
Date: Tue, 25 Apr 2000 17:01:50 -0600
From: Emerson <nutter () technologist com>
To: bart () ixori demon nl, mike () getbent net
Cc: nmap-hackers () insecure org
Subject: Re: nmap for PalmOS

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 03:23 PM 4/25/00 +0200, Bart van Leeuwen wrote:
> Which might be of concern when scanning internet connected machines and having to pay for it yourself.. If you have to scan a supposedly closed network then you don't dial in on the internet and this argument doesn't play much of a role anymore.
>
> btw, the only way I know of to connect a palm III etc. to an ethernet is by using a machine that will act as a router between a ppp connection with the palm and your ethernet... no direct connection, and often not even practical to setup for the purpose of a portscan.. but in my case I happen to have such a setup for other purposes already, and in that case a palm becomes quite practical for such things.
There is a Palm Ethernet cradle available and some devices that use Palm OS like the ruggedised handheld from Symbol do have PCMCIA slots that can take wireless ethernet cards (which probably kill the batteries really fast). So you can hook up your palm to the local ethernet.

The Palm WWW page on the ethernet cradle suggests putting them in public places and in cafeterias and meeting rooms. The cradle itself might be DHCP aware, as it says it requires a DHCP server (or is the DHCP client internal to Palm OS - anyone know?). Also it looks like it was designed with the goal of being able to hot-sync with a hot-sync server.

If N-map for palm were created, I can easily imagine being able to go into a place, hook my palm up to the cradle in the lobby and then promptly scan the entire place, probably from within the corporate security perimeter, have my meeting and then leave, with a full picture of what their network looks like from the inside. Great for marketing security services "look what I found just by plugging this in; why don't you hire us" ;-) .

Come to think of it, that raises an interesting point, things like that palm cradle probably want to be placed on the dirty side of a firewall, esp if things like netcat for palm come into existence (that might be an interesting project, I wonder if anyone has done that yet?)

All that being said, I still think that N-map for palm is an interesting engineering exercise, and it is likely that some pervertedly creative soul will find legitimate use for it..... ;-)

Just random thoughts with no inherent value.....
Emerson

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBOQYj3bAwpha8VR2jEQKfdwCfR84R72Hqx5W8BkJBJecOY84tEZ4AoN7R
+sPr6qg34gwRq3j5duI9aFA1
=6eaT
-----END PGP SIGNATURE-----

---
"Who kills a man kills a reasonable creature, God's image; but he who destroys a book, kills reason itself, kills the Image of God" - John Milton
Emerson nutter () technologist com:PGP pubkey on request: ICQ 13396569