Re: Using IPaqs or other handhelds as penetration devices

[Ryan Russell <ryan () securityfocus com>]

On Thu, 16 May 2002, Johann van Duyn wrote:

> I was wondering whether any exploits or penetration tools exist that run on
> Compaq IPaq PDAs (running Windows CE or whatever they call it now), or any
> other handheld devices, for that matter. This is part risk analysis
> regarding the use of such devices, and part looking at using such a device
> for lightweight ad-hoc penetration or vulnerability testing.

There's not a ton available for them, at least not that I've found while
searching.  You're missing winpcap support, which a lot of the free tools
rely on.  I've written the polito.it guys, and they have no immediate
plans to finish up any CE support.  If you're looking for just
general-purpose tools, this guys has done an amazing amount of porting
work:
http://www.rainer-keuchel.de/software.html
Also available is Ceniffer http://www.epiphan.com/products_ceniffer.html
which is a little pricey.

But, in general, if you're looking for Kismit, Netstumbler, Airsnort,
etc... there's nothing in the same category that I'm aware of.

Now, if you want to put Linux on the iPaq instead, that's a different
story.

Hardware-wise, you can get sleeves that will take two pcmcia slots, and
will let you have your 802.11b card and GPS both, so you can perhaps drop
your whole war-walking rig in your pants.  So, from that point of view,
the can be a concern for security.

                                        Ryan



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/