@stake tool announcements: NetScan / MobilePenTester / PDAZap

From: Ollie Whitehouse (ollieat_private)
Date: Thu Jul 31 2003 - 04:40:45 PDT

Next message: Nicole Nicholson: "Re: OSSTM Training/Certification"

Previous message: tom91at_private: "Re: OSSTM Training/Certification"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

All,

Being shown at Defcon 2003 by Paul Clip of @stake
Being shown at CCC 2003 by Ollie Whitehouse of @stake

Please find below details of a number of tools I released yesterday on
www.@stake.com. All of these are for the SonyEricsson P800 platform (Symbian
based GSM/GPRS PDA/Cellphone). I was going to coin a phrase like CellDriving
or something, but I will leave that as an exercise for the press and/or
someone else who wants kudos for such a 'genre' of security issues.

The purpose of these tools is to allow security consultants such as myself
and/or operators to assess their own networks from the perspective of a
cellular telephone. The purpose of PDAZap is for anyone conducting incident
response and/or research in the field of embedded PDA/Cellphone devices.

Anyway the tools:

[Pentesting Tools]
      Tool:   NetScan
   Version:   1.0
 Platforms:   SonyEricsson P800 (Symbian)
       MD5:   480604F6664877A9345670B74DFA8B88
    Author:   Ollie Whitehouse
      Desc:   @stake NetScan is a very small TCP and UDP port scanner
              for the SonyEricsson P800 platform. NetScan uses AppForge
              libraries, requiring AppForge Booster for the P800 to be
              installed.

       URL:   http://www.atstake.com/research/tools/vulnerability_scanning/

      Tool:   MobilePenTester
   Version:   1.0
 Platforms:   SonyEricsson P800 (Symbian)
       MD5:   0B4641C6D238050D059D54FFD8539FEF
    Author:   Ollie Whitehouse
              @stake MobilePenTester is a small application that when placed
              on a P800 will allow you to perform remote assessments over a
              GPRS (2.5g) and/or GSM (2.0g) CSD data connection. The
              utilities contained within MobilePenTester are:

              o PDACat (Netcat like functionality for a PDA)
              o URLScan (common URL scanner)
              o ULookup (used to look up the numeric codes of the URL)
              o NetScan (portscanner - UDP and TCP)
              o WAPScan (a port of @stake wapscan to P800)
       URL:   http://www.atstake.com/research/tools/vulnerability_scanning/


[Forensics / Research Tools]
      Tool:   PDAZap
   Version:   1.0
 Platforms:   SonyEricsson P800 (Symbian)
       MD5:   CB6B90D52C321B92A72E743800B28B89
    Author:   Ollie Whitehouse
              PDAZap is a small application that when placed on a P800 will
              allow you to image the device's flash to a Sony Memory Stick
              Duo. This scan be used by forensic investigators and/or
              security researchers alike.
       URL:   http://www.atstake.com/research/tools/forensic/

Rgds

Ollie
---
Ollie Whitehouse
Director of Security Architecture
@stake Inc / Atstake Ltd
http://www.atstake.com/



---------------------------------------------------------------------------
----------------------------------------------------------------------------

Next message: Nicole Nicholson: "Re: OSSTM Training/Certification"
Previous message: tom91at_private: "Re: OSSTM Training/Certification"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jul 31 2003 - 22:13:45 PDT