All, Being shown at Defcon 2003 by Paul Clip of @stake Being shown at CCC 2003 by Ollie Whitehouse of @stake Please find below details of a number of tools I released yesterday on www.@stake.com. All of these are for the SonyEricsson P800 platform (Symbian based GSM/GPRS PDA/Cellphone). I was going to coin a phrase like CellDriving or something, but I will leave that as an exercise for the press and/or someone else who wants kudos for such a 'genre' of security issues. The purpose of these tools is to allow security consultants such as myself and/or operators to assess their own networks from the perspective of a cellular telephone. The purpose of PDAZap is for anyone conducting incident response and/or research in the field of embedded PDA/Cellphone devices. Anyway the tools: [Pentesting Tools] Tool: NetScan Version: 1.0 Platforms: SonyEricsson P800 (Symbian) MD5: 480604F6664877A9345670B74DFA8B88 Author: Ollie Whitehouse Desc: @stake NetScan is a very small TCP and UDP port scanner for the SonyEricsson P800 platform. NetScan uses AppForge libraries, requiring AppForge Booster for the P800 to be installed. URL: http://www.atstake.com/research/tools/vulnerability_scanning/ Tool: MobilePenTester Version: 1.0 Platforms: SonyEricsson P800 (Symbian) MD5: 0B4641C6D238050D059D54FFD8539FEF Author: Ollie Whitehouse @stake MobilePenTester is a small application that when placed on a P800 will allow you to perform remote assessments over a GPRS (2.5g) and/or GSM (2.0g) CSD data connection. The utilities contained within MobilePenTester are: o PDACat (Netcat like functionality for a PDA) o URLScan (common URL scanner) o ULookup (used to look up the numeric codes of the URL) o NetScan (portscanner - UDP and TCP) o WAPScan (a port of @stake wapscan to P800) URL: http://www.atstake.com/research/tools/vulnerability_scanning/ [Forensics / Research Tools] Tool: PDAZap Version: 1.0 Platforms: SonyEricsson P800 (Symbian) MD5: CB6B90D52C321B92A72E743800B28B89 Author: Ollie Whitehouse PDAZap is a small application that when placed on a P800 will allow you to image the device's flash to a Sony Memory Stick Duo. This scan be used by forensic investigators and/or security researchers alike. URL: http://www.atstake.com/research/tools/forensic/ Rgds Ollie --- Ollie Whitehouse Director of Security Architecture @stake Inc / Atstake Ltd http://www.atstake.com/ --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Thu Jul 31 2003 - 22:13:45 PDT