Wi-Fi Penetration Tester In Your Pocket

Posted by kdawson
from the happy-to-see-me? dept.
00*789*00 writes "ZDNet has a story about the public launch of Immunity's Silica, a portable hacking device that can search for and join 802.11 (Wi-Fi) access points, scan other connections for open ports, and automatically launch code execution exploits from a built-in exploit platform."

  • Ummm, yeah. (Score:4, Funny)

    by Vengeance (46019) on Thursday February 08, 2007 @10:38AM (#17934568)
    I hope y'all don't mind if I won't keep a penetration tester in my back pocket, mmm'kay?
  • by CaffeineAddict2001 (518485) on Thursday February 08, 2007 @10:44AM (#17934624)
    \\sharedstuff\My Super Secret Incriminating Documents Conveniently Zipped For You.exe
  • by Anonymous Coward on Thursday February 08, 2007 @10:46AM (#17934660)
    For $3,600, I think it's way over priced. Use a laptop, or home brew a similar device with a much cheaper Zaurus:

    http://www.irongeek.com/i.php?submenu=zaurus/zaurusheader&page=zaurus/zaurusmain [irongeek.com]
    • Skip the Zaurus... (Score:3, Insightful)

      by Svartalf (2997)
      It's a $3600 Nokia WebPad with custom software on it.

      Considering the new WebPads and all being available and supported (unlike the Zaurus...), I think I'll go with that instead...
      • by Tony Hoyle (11698) <tmh@nodomain.org> on Thursday February 08, 2007 @11:12AM (#17934982) Homepage
        $3600 for something to detect wireless networks?

        For half that money you could get a fully fledged laptop with builtin wireless and run any tools you liked.

        From the summary I was expecting a $50 pocket device.
        • by Fuyu (107589)
          This device does more than just detect wireless networks. According to the article, it can also "scan every machine on every wireless network for file shares and download anything of interest to the device. Then just put it in your suit pocket and walk through your target's office space." With 128MB flash memory, a 64MB RS-MMC (Reduced Size - MultiMediaCard), and an option for extended virtual memory (RS-MMC up to 1GB), that's a sizable amount of storage for a walk through.
        • by dr_dank (472072)
          What I like about the Zaurus is the very fact that it's so portable. I can turn on Kismet and keep it in my jacket pocket while out and about, logging APs all the way. You really can't do that with a laptop if you want to go around on foot.
          • by Danse (1026)

            What I like about the Zaurus is the very fact that it's so portable. I can turn on Kismet and keep it in my jacket pocket while out and about, logging APs all the way. You really can't do that with a laptop if you want to go around on foot.

            I guess you could if you have one of those jackets with the big pocket on the back. Perfect for sliding a laptop into. Probably only doable in cold weather though, as the laptop will definitely keep you warm...
      • by Scud (1607)
        Considering the new WebPads and all being available and supported (unlike the Zaurus...), I think I'll go with that instead...

        Huh?

        While it's true that Sharp has neglected the Zaurus software-wise for ages now, it has been actively supported by a number of groups that have gone from tweaking the existing Sharp ROM to creating a full-blown replacement for the Sharp ROM.

        So it is hardly unsupported, I would say that it is every bit as well supported as my PC is running SuSE.

        And, no intended slight
    • by Dekortage (697532)

      Well, let's add it up...

      1. A laptop does not fit covertly into your pocket.
      2. A "home brew" device... let's see, the link you sent suggests ~$200 in hardware. Then it says "Apps I hope to get around to testing" and lists a few possible hacking tools (in other words, he hasn't done it yet). Add up the time it would take a skilled geek to develop and maintain the complete hacking software suite, make it as simple to use and automated, and patch it monthly with the latest exploits... suddenly $3600 sounds not
    • by COMON$ (806135) *
      ya, a 500 dollar laptop, metasploit, and a decent wireless card and you will have more than you bargained for.
    • by BobPaul (710574) *

      For $3,600, I think it's way over priced. Use a laptop, or home brew a similar device with a much cheaper Zaurus:
      The Nokia 770 is $350. The N800 is $400. I run Kismet and Aircrack on my N800. Not sure what's special about the extra $3200 in software they've added. Someone should show their customers the price of the bare handheld!

      The Zaurus would be nice if it was still in production. For us newbs, the Nokia series is attractive ;)
  • by UPZ (947916)
    hey even my nokia e61 can run this kiddie script! thanks for sharing the idea OP!
  • Wow... A hacking device actually being sold by a real company. The article says "We make a fair effort to vet buyers and know where the money is coming from and who we're shipping to."

    Even so, it probably won't be long before this device is being used by hackers as well as law enforcement. Actually, after thinking about it a bit, I'm not sure which use bothers me more.
    • by Svartalf (2997)
      Heh... The hackers are already DOING this stuff- on similar devices, even.

      You're going to find that the black/grey hats will be buying a Nokia 770 or its next generation,
      buying one of the alterable PocketPC's, or a cheap laptop and running Metasploit or SPIKE/MOSDEF
      on them- all of which are legit tools and available as LGPL or similar licensed code. And, in the
      case of SPIKE/MOSDEF, you're using the underlying engine for CANVAS anyhow...

      All this does is provide commercial support and exploit updates for a
  • What I like to do... (Score:5, Interesting)

    by Ford Prefect (8777) on Thursday February 08, 2007 @10:49AM (#17934692) Homepage
    ... is leave dozens of wireless routers lying around, switched on, broadcasting trivially encrypted 'networks' to the surroundings - except not have anything connected to them. No internet, no servers, no ethernet cable, nothing.

    The real network is hidden, strongly encrypted and using 802.11n. Beat that, hackers!
    • by drooling-dog (189103) on Thursday February 08, 2007 @11:39AM (#17935334)
      You wouldn't happen to be the guy next door to me, would you?
    • ... is leave dozens of wireless routers lying around, switched on, broadcasting trivially encrypted 'networks' to the surroundings - except not have anything connected to them. No internet, no servers, no ethernet cable, nothing.

      Damn, I just got rid of a couple of wireless access points, and I never thought of that. It might have been kind of fun to browse through the syslogs on those to see who is banging their heads against a brick wall...
    • Meanwhile, you just killed your SNR! I hope you like slow WiFi access with packet loss!
    • You don't need dozens of wireless routers eating power and taking space, all you need is a single wireless card being a jackass and advertising SSIDs for networks that don't exist. I don't remember the name, but the software is out there already.

      Note that you're going to hurt your(and everyone near by)'s signal to noise ratio, and you're going to confuse real clients just as much as you will evil hax0rs-- Try sorting through a few dozen networks on a wifi enabled cellphone for example, probably not fun.
  • Or are you just happy to prove my network?
  • by russotto (537200) on Thursday February 08, 2007 @10:54AM (#17934744) Journal
    ...it was Dr. Fronk who said, "Well, I guess it pretty much can only be used for evil".
  • Great! I can't wait to take this with me on the White House tour. Should prove interesting.
  • hmmm. $3,600. Damn. The very first thing I did was put together a suite of open source wifi hacking tools.
    All they did was put together an easy to use gui so anyone without any computer knowledge at all can use it.
    hmm.. that's against the hackers code!
  • by multisync (218450) on Thursday February 08, 2007 @11:07AM (#17934906) Journal
    Post an article on slashdot with the words "penetrate" and "open ports" in the summary.
    • Actually... (Score:5, Funny)

      by StressGuy (472374) on Thursday February 08, 2007 @11:51AM (#17935490)
      It's the same bad joke over and over again until somebody posts one of the following....

      "In Soviet Russia - Open Ports Penetrate You!"

      or..."my back door is impenetrable YOU INSENSITIVE CLOD!!!"

      or...perhaps a reference to a Beowulf cluster-f%@k

      or...something ending in .... PROFIT!

      then we all get sick of it.

  • by catdevnull (531283) on Thursday February 08, 2007 @11:09AM (#17934934)
    Gotta wonder about a picture of a chick with "penetration testing" as a caption.

    God, I love IT.
  • by sshore (50665) on Thursday February 08, 2007 @11:09AM (#17934938)

    Over the last year or so, I've considered writing an automated wireless network intrusion tool. It would:

    • capture encrypted packets and attempt to crack wep/wpa keys
    • join wireless networks, enumerate targets
    • retrieve files of interest from shares or recover them from packet dumps
    • launch code attacks, like this tool does

    You'd run it on a laptop that you'd carry in your backpack or in your car, on your way to/from work or just cruising around on a Sunday afternoon.

    As such, it would be called the Transient Wireless Intrusion Tool, or TWIT. I just get a charge out of network security people writing about twits wandering around near the network.

  • This is based on the Nokia 770, so it's Linux (Debian) based. What apps would we need to put together and put a frontend onto to make this a reality for either the 770 or the newer N800?
  • That "PDA" is a Nokia 770. Is it modified hardware-wise, I have no idea, but the device portrayed in the article is Nokia 770 that sells for under $400 (and is now surpassed by N800).
  • Legality? (Score:3, Interesting)

    by Zeek40 (1017978) on Thursday February 08, 2007 @11:11AM (#17934972)
    I would think that the Digital Make everyone a Criminal Act would prevent a company from marketing a device like this...
  • by kabocox (199019) on Thursday February 08, 2007 @11:20AM (#17935064)
    I'd like to see someone program that for the OLPC laptop. I could easily envision a slashdotter transforming a simple educational device into a hightech potentially offensive military IT resource and giving it to 3rd world kids.
  • So...basically this would be akin to running Back|Track, but with a few improvements, like the automation or am I missing something? If this is the case, why wouldn't someone install back|track on one of these things and just add the automation? Then you could forgo most of that hefty price since all you would have to buy is the tablet.
    • by soleblaze (628864)
      Because backtrack doesn't run on an arm processor. This is basically a custom distro for the nokia 770. You're mostly paying for them setting up the tools correctly and the GUI interfaces. They might have also created patches for some of these tools for them to run on the Nokia 770 properly. One thing to note, is that since it is Linux if they did patch these programs you can get the source code from them when you buy one and then distribute it (and return the device if you can..heh) Of course I'm sure
  • Dupe or Followup? (Score:4, Interesting)

    by HTH NE1 (675604) on Thursday February 08, 2007 @11:28AM (#17935180)
    I remember something about this before [slashdot.org]. Yup, it was about Silica then too.

    I posted a theory about sending one to yourself through the mail activated and with a GPS so that the postal delivery vehicle does your wardriving for you. I called it warsmailing [slashdot.org]. So far no results on Google of anyone attempting it using that term.

    (Why do I keep being prompted to save a download of comments.pl when I Submit?)
    • by uuilly (746301)
      We used the same idea during the cold war. We shipped sensitive Geiger counters all over Russia via rail so they could sniff nukes and nuke facilities. Cool idea. I think we got caught though.
  • by master_p (608214) on Thursday February 08, 2007 @11:31AM (#17935214)
    I already have a wife penetration tester in my pocket, thank you very much.
  • can i slip one into my wifie's pocket to make sure she's been faithful?
  • You should still keep your wifi open... a criminal needs to be in geographic proximity. wow. This is so much worse than someone on the other side of the country being able to break into your machine. Honestly, if we all keep our wifis open it'll be better in the long run. I don't know why it just will be i swear.
  • by Anonymous Coward on Thursday February 08, 2007 @11:41AM (#17935370)
    For a moment there, I thought I was going to have to implement spam filtering on my RSS feed from Slashdot.

  • ...does it have x-ray vision? The glasses I bought 30 years ago are looking pretty rough these days...
  • Excuse me Sir. (Score:1, Redundant)

    by HerbieStone (64244)
    Is this a penetration tester in your pocket?

    Or are you just happy to see me?
  • egh (Score:1, Insightful)

    by Anonymous Coward
    yup, it's a nokia 770, with software that costs about $2600. BARGAIN.

    the only thing the nokia 770 isn't really capable of already is packet injection, so does that mean they're charging that much money for a product sticker, an injection-capable wifi driver, and some easy front ends to already existing (and compiled for debian / arm / maemo) wifi software?

    I'll compile a driver for a capable usb wifi card or wait for a monitor mode / packet injection patch for the 770's wifi chipset to become freely available,
  • by tehfonz (1061548)
    People spend $3600 on this. How do u gain your money back? Or are these people in it just to be "hackers"? 1. Buy wireless exploiter 2. ???? 3. Profit!!!!
    • by soleblaze (628864)
      If you read the article, they're mainly targeting big businesses and law enforcement. They're being sold as a way for non technical people to perform pentests (i.e. buy this $3600 device and you won't have to buy the $40,000 pentest from company x)
  • Or are you just happy to see me?
  • So far I've found kismet (which mostly works, but will crash the n800 if you leave it alone long enough for your screen to blank) (kismet can be found at http://eko.one.pl/maemo [eko.one.pl]) And aircrack and nmap (http://www.mulliner.org/nokia770/). I know that there's a port of metasploit somewhere, but I haven't been able to find it. Also programs that use bluetooth and are designed for the 770 but not the n800 crash the n800 due to bt driver incompatibilities (the n800 uses a newer bluez stack) Does anyone know
  • That is either the greatest or worst pickup line in the history of the world: "Hey baby, I got a penetration tester in my pocket..."
  • by daveaitel (598781) on Thursday February 08, 2007 @12:51PM (#17936230) Homepage Journal
    The take on this story SHOULD be that it's possible to have a small company choose embedded Linux to deploy innovative and interesting applications on. We could have chosen Windows Mobile, of course, but Linux was technically the better choice. That's the important part here. Open Source tools get you to market faster and cheaper.
    • by Lord_Byron (13168)
      But, Dave, your company is charging an awful lot of money for a tool that isn't all that innovative (I've been using a 770 as part of my wireless pentest suite for a while now) and has limited legitimate uses, all IMHO, of course.

      I'll take all of that back if you can explain why LEOs need a *stealthy* wireless pentest capability and explain a few compelling scenarios where this is better than the vastly cheaper combination of a 770 running Kismet and a conventional laptop running conventional tools.

      Until y
  • Nokia 770 + Kismet (Score:2, Interesting)

    by ivlad (646764)
    I think, the $3600 device is nothing more, but a Nokia 770 (that is clear from the photos) running GUI for Kismet or some sort of other Wifi scanner.

    Good margin! ;)
  • I'm disappointed nobody has mentioned BackTrack [remote-exploit.org] yet. Live, bootable Linux CD loaded with wireless scanning and hacking tools. To be honest, I haven't tried it yet, but Free sure is cheaper than $3600!
    • by Drahgkar (945536)
      I did mention BackTrack earlier, but it was in reference to installing it on the tablet rather than running the live cd. However, I was informed that unless you re-compile and possibly rewrite some of the source, it won't run on an ARM processor. Mostly, as I understand it, because BackTrack is based on Slax which is based on Slackware which is not compiled to run on ARM processors.
  • Based on the Open Source Linux operating system and the pure Python Immunity CANVAS attack framework, if one of SILICA's built in attack profiles does not fit your needs, you can easily craft one that does.
  • This is a nokia 770! All smirky comments aside.. (Why even bother with those when you should know what this is) So if this so called 'pen tester in a pocket' is 2500+ dollars, then what in the hell do you call a PocketPC or PDA running MiniStumbler written by Marius Milner? Besides a 2300+ dollars less costing pen tester that is. Stupidest thing I've seen all day! (I just woke up)
  • Gimmick. (Score:2, Informative)

    by hrtserpent6 (806666)
    Where do I start with this thing?

    The number of applications this device provides that are both legitimate and useful are near zero.

    If you are legitimately authorized to do scans, why not do it with proper equipment? I used to warwalk all the time with an open laptop in plain view, and if anyone stopped me, I had a letter from the CIO in my hand.

    If you want to truly test security are you gonna hand an idiot-proof device to some intern and tell them to push the pretty red button and run around with it?
  • ...of the exploit framework it provides, Immunity CANVAS. You're not paying for the hardware device but for the exploits, this should be a must for every pen-tester, Aitel is one hell of an exploit writer.
  • janus mini-itx [mini-itx.com] I quote:
    The "Janus Project" is the brainchild of Kyle Williams of the Janus Wireless Security Research Group in Portland, Oregon.

    Mounted inside an epoxy and silicone-sealed watertight case lives a 1.5GHz C7 powered EPIA EN 15000G motherboard, 2 x four-port PCI to mini-PCI adapters, 8 x 802.11a/b/g mini-PCI WLAN Modules, 2 x 1W 2.4Ghz WLAN amplifiers, a keyboard and a 17in LCD screen. The system can scan up to 300 wireless networks simultaneously, storing and AES encrypting in real time a
  • another case of pure hype served up by some clever slashmarketing techniques. the truly scary part is some moron in the ranks above is going to read this and decide that we will need to be frisked when entering and exiting our work area. bad enough that no portable electronic devices are permitted. all the usb ports on all our machines have tamper evident seals on them (read scotch tape).

    hmm, i think i am going to go to this conference with a notebook from the 80s and tell everyone it is my new secure noteb
  • Bah. My Wifi hackybit [cexx.org] (Nintendo DS lite) with all its own associated hackybits runs for less than $200 off the shelf, runs a variant of uClinux, and can run for a week on a battery charge (assuming most of that time is in Sleep mode waiting for the target network to come in range).

    I'm actually somewhat surprised I haven't seen any stories along these lines yet. Load up a DS with wepcrack and some malware, power it on, flip it closed and mail to target. While it sits all morning in shipping/receiving, it's f
  • get into some real hacking.

    Get something like this [engadget.com] (hint: there's a much cheaper one with backlight that costs only about 50 bux), read this [maushammer.com], learn to program the MCU, add some Flash memory, learn to hack the BPU and get goin' already.

    No wonder the military too are going COTS, they can't hack up anything themselves anymore unless millions of dollars are dumped into the project.

    Heck, even the famous voting machine scanner from the Netherlands was in fact a hacked TomTom navigator (you can prolly find them by
