Metasploit mailing list archives
Hand Held Auditing Device
From: Robert.Clark at cern.ch (Robert Clark)
Date: Wed, 07 Feb 2007 09:33:14 +0100
H D Moore wrote:
Metasploit 3 *works* on the Zaurus, the Nokia 770, and the Nokia n800 (so I hear), but besides being slow, the UI just doesn't cut it for a handheld device. Tab completion rocks when you have a full keyboard and it's almost pointless when you are trying to hunt and peck with your thumbs :-) If someone decided to build a mini-GUI (similar to the new GTK UI being built now), it would go a long way toward handheld portability.

Even with the best UI in the world, there is only so fast you can input commands using a handheld. The most efficient use of a handheld is to launch pre-configured attacks and monitor the status via a nice UI. Working with a Windows command shell (or even meterp) is going to be a real pain no matter what kind of UI you make.

The limitations with the Nokia 770 platform are:

* Slow CPU (this is much better with the n800)
* Limited RAM (metasploit can be quite piggy sometimes)
* Extremely slow storage (even with RS-MMC, maybe 300K/s)
* No raw wireless TX support (no fun wifi exploits)
* The device auto-suspends w/o input, without an obvious way to disable it
* No "real" USB host mode (without external power + cable + storage)

The Zaurus I have (5500) has similar limitations, but at least the storage and WiFi are less of an issue.

-HD

On Wednesday 07 February 2007 00:22, Dave King wrote:
A couple of things you might want to know are that you may want to be careful choosing a device if you want metasploit 3 and Nessus 3.x to run on them. With Metasploit 3 I remember hearing that it doesn't work on the n770 for example (I haven't heard if it works on the n800 though). I believe the Silica runs on one of these. I think it's a ruby slowdown thing but I'm not sure. I tried to get it to run on an iPaq using familiar and had the same problems.
Hi,

There have been lots of good points raised! The pepperpad, though a very cute toy in itself, is too chunky for what I am looking for....

As this is for my dissertation there is more to it than simply building a Linux handheld to support nessus and metasploit. The real crux of the work is in building an underlying logic into the 'system' so that true automated attacks can take place...

A very simplified example (please don't pick at this, this is the general idea, I'm not saying that the end product will work like this... or even work ;) ). The device has three modes: passive, active and evil. Switch it to passive and walk into an office building. The device logs information about the wifi and bluetooth available, hops between APs and logs any 'interesting traffic'. The intention is that this may reveal important infrastructure notes, such as their networking, printer and possibly voip infrastructure.

Switching to active starts the enumeration and exploitation process. Metasploit is far more crucial to this than nessus as for my purposes I can implement a system that performs the functionality that I want from nessus without the rest of the bloat.

Evil is exactly that, it's evil and most likely won't be in my dissertation report (unless I can blag it being a vector for social engineering). Evil will simply do everything it can to temporarily screw over the infrastructure: mass disassociations, bluetooth DoS etc... Might not be useful for an auditor in the real world but damned fun in a busy starbucks.

I'm still very much in the ideas and preparation stages at the moment so all comments / advice are welcome. I'll also be at FOSDEM if anyone wants to chat about it.

Cheers
-Rob