Pwnie Express
Hello there,
just saw this from kevin mitnick, a full pentesting suite for the Nokia N900 link - > https://twitter.com/#!/kevinmitnick/...61754344439808 suite - > http://pwnieexpress.com/pwn_phone.html regards! |
Re: Pwnie Express
|
Re: Pwnie Express
how do we install this image?
|
Re: Pwnie Express
Hi, does anyone know how to or have instructions on how to install the Image, am very eager to try it out...thx
|
Re: Pwnie Express
Hello folks,
If you already have N900 with you, then all you need to do is to download this image from the following link: https://github.com/downloads/pwnieex....6.2011.tar.gz extract the tar file: you will see a folder named as "pwnimage" 1. Open that folder, there will be an instruction file on "How to install Pwnie Express". 2. It's pretty simple and easy to follow guide and you will be good to go. P.s I haven't tried it out myself yet, though I will definitely install it on my N900 in a day or two and will let you know. -- Cheers, Ap4ch3 |
Re: Pwnie Express
Folks,
.... and yes, The instructions written in text file from the pwnphone folder worked flawlessly on My Nokia N900. Applications are working fine. No Booting problems, nothing at all. Worked like a charm. * Smile* I will upload the pictures soon on my blog. Keep Rocking!!! Happy Pentesting. :-) -- Thanks & Regards, Ap4ch3 |
Re: Pwnie Express
Hello AP4CH3,
how long did it take you to run the full install? I'm trying to install on my phone, going on 3 hours, and now seems to be stuck, I'm unsure of whats happening. thx |
Re: Pwnie Express
Hi Guys, is it possible to install the IMAGE on my phone memory,,,I mean I have two phones(The great N900 and the other one),,so i was wondering if i can install Pwnie Express(as my default operating system)...I wanna use n900 as a Pentest device only::...thx
|
Re: Pwnie Express
Just seen this...
http://www.pwnieexpress.com/pwn_phone.html 960 $?! WTF!!!!! :mad: But... is the phone included? Or only the "suite"? Btw, isn't most of the software included "open source"? :confused: |
Re: Pwnie Express
Full Disclosure: I work for Pwnie Express. The Community (free) Edition is here: http://www.pwnieexpress.com/downloads.html. The paid version is meant for enterprise customers who want a preloaded, polished, QA-tested product with tech support included.
|
Re: Pwnie Express
Ok... no, it's that it seemed a bit - cough cough - expensive.
So, the phone is included or not? |
Re: Pwnie Express
Heh.. no worries. =) Yes, the N900 phone is included.
|
Re: Pwnie Express
i saw half of ports of apps and patches for wireless developed/ported here(TMO), so why would someone make profit on other's work? =\
|
Re: Pwnie Express
Customer's who choose to purchase the paid version are not paying for the open-source software; they're paying for the included tech support, the customized portions of the build, and the service of delivering a polished, ready-to-go, QA-tested hardware/software combination. That's why the paid version is meant for the enterprise, and the free version is meant for the individual/hobbyist.
|
Re: Pwnie Express
hahaha 960$ ?
you can install kismet, metasploit, aircrack and other apps by yourself ;p for wep cracking search for "wepon" app. sslstrip can be found on google ;p 960$ hahaha This software is for the lazy users! |
Re: Pwnie Express
Quote:
Quote:
|
Re: Pwnie Express
As much as technical expertise is appreciated, there is a balance that should be embaced. It's not so much our jobs to invest our time in trying to build a commercial technolgy that already exists as much as it is to evaluate and select the most approriate solution that maps back to business requirements. This will enable us to invest our time in focussing on what the business does best and hopefully affecting the bottom line northwardly.
|
Re: Pwnie Express
People really need to chill. Countless businesses make money off of Open Source software. Nokia packaged linux + headache-inducing-binary-blobs + decently-good (at the time) hardware to make the N900. Are you *****ing about them making money off other people's FOSS? No.
There's nothing wrong with this. Yes people can install basically all of the stuff in the PwnieExpress on their N900s already. But just like Ubuntu's maker makes money from selling support, and could legally make money from re-selling hardware that they prepackage with Ubuntu + a bunch of goodies, it makes perfect sense for someone to provide N900s prepackaged with FOSS pentesting tools, if the entire thing comes neatly packaged with a guarantee of support, then it WILL be worth it to some people out there. Now, I personally don't know what pentesting professionals would find the extra cost worth it, but when it comes to businesses and "enterprise" endeavors, decisions that aren't the most cost-beneficial tend to happen a lot and I'm sure some of the rationalizations for them are accurate. At any rate, you can think that it makes no practical sense for someone to buy the non-free version of Pwnie Express, and voice that if you really want, but if you think it's fundamentally wrong for them to make money of a product that bundles FOSS, then I don't think you have a leg to stand on. Now if there's GPL violations going on that's another matter, but I haven't seen anyone bring that up... |
Re: Pwnie Express
If you are a company and you put an employee to search for what is working, select, install and test if all is ticking well together then it will cost you way more.
I haven't check the offer but the price for a device+solution+support looks very reasonable. In addition, I find it very nice of them to offer a free version for the non-professionals. Just saying.. |
Re: Pwnie Express
Quote:
Someone has already tested the image. I am very interested in trying it on my n900:D Another question I have on my microsd easy debian image, there is no inconvenience in having the 2 images to run the program. Thanks for the reply:D:D |
Re: Pwnie Express
Has anyone actually tested those apps? Repo is supposed to be free. In that case I would expect some modified wifite (if this is enterprise support they definitely handle tmp files better than /tmp limit), grimwepa fully working (icedtea fully configured/libraried), metasploit working locally not from chroot (this I doubt). Or support is extract of best posts from this forum (this can be automated too): and it is an enterprise level scam. Supporting people as to how run aircrack-ng seems not exactly 'enterprise' as the company would hire at least a little bit knowledgable people I assume. But if a millionaire out there decides to start a pentesting company and needs QA tested pentesting devices... provide him scripts, hopeless anyway.
EDIT: nothing against you guys, when ebay runs dry of N900s and there will be only choice between droid/iOS/WP, I think 960$ will be quite reasonable |
Re: Pwnie Express
That is a good point szo.
Are you using strait up wifite or my bodged /opt/tmp version? Either way it is a legitimate enterprise. ~$800 is not good value for me for some pre-installed programs, however for some people it will be. Besides it is not like the pwnphone is their only product, they have that cool box thing. pwniexpress, I like what you have done and wish that you will continue to develop your marvelous image. To really win the love of the community however you may consider: 1. Figuring out how to roll your own firmware from backup menu backup tar files (this would make you my personal fvcking hero by the way). 2. Put some of your hard earned pwn funds into buying some of the closed source **** off nokia so we can get to dumping maemo 5 asap. Regards vi_ |
Re: Pwnie Express
Quote:
Basically the installation procedure is like this. Copy (a few thousand ca. 50k) files to MyDocs and restore the pwn-phone image with backupmenu, reboot. |
Re: Pwnie Express
Quote:
|
Re: Pwnie Express
Injection requires KP, if PWN edition is still on 46, I'll stick to my setup. Considering support, they need at least 49 or everyone trying to 'Save as' is their number one client at customer service clogging lines
EDIT: vi_: on main device your /opt/tmp/ solution, works great. On dev device I increase tmp whenever I need to (very rarely), opt is quite expensive there. Kudos for your solution, flawless (I did introduce some changes for stopping autodelete, so dev is still utilising poorer choice(one experienced downside of enlarging tmp is huge programs sometimes rebooting unexpectedly when the device is compiling, but swappolube seems to have similar effect, so this is also only on main device)) |
Re: Pwnie Express
@ vi_
Ok, good to know. I assumed it, but never tested. |
Re: Pwnie Express
|
Re: Pwnie Express
Quote:
|
Re: Pwnie Express
Quote:
Do you have to say goodbye to the phone features with PwnieExpress ? Anyway to chroot |
Re: Pwnie Express
I had few issues getting fast-track working. Had to install missing depency: python-dev, in order to get other fast track depencies to install/compile, and also to add /usr/local/lib/ to ld.so.conf so ldconfig would find pymssql libsybdb.so.5 depency. But after addings those, it started to work.
Otherwise pwnie express looks good. |
Re: Pwnie Express
Quote:
|
Re: Pwnie Express
Quote:
i have the same problems with fasttrack and a help would be much appreciated. thanks |
Re: Pwnie Express
Hi. I finally got a decent n900 I read all the tutorials everywhere but I cannot find
pwnphone_image-7.6.2011.tar.gz nowhere, the github nope. By any luck does somebody has it? Can you share it to me please? |
Re: Pwnie Express
Quote:
I do have pwn image; if I remember well, there are two of them. I cannot share it ASAP but when I got home I can upload it somewhere... Sidenote: I do not recommend installing/flashing it because all of its tools and power-kernel version are sooooo outdated... If you want something newer, I recommend Kali... You can hack it onto n900 ;) Edit// I do not know whether it is the one you wanted, but here is that I found on my laptop... Maybe there is another one on my desktop machine but that is not working at the moment... |
Re: Pwnie Express
I have the same one as @justmemory. I downloaded it to compare, and they match size (475223929 bytes, ~454M) and sha256 checksum (6304adb6d6fac2a8beba5ed0085859fa0f84444fc8e84241e 0340c3a4f203b77).
Note that inside of the tar, in INSTRUCTIONS.TXT it refers to itself as pwnphone_image-7.3.2011.tar.gz. So note the "7.3" as opposed to the "7.6" you want.. |
Re: Pwnie Express
Quote:
Sir, the drive link is expired. Can u please provide another download link for the maemo pwn phone image file. Thanks in advance. |
Re: Pwnie Express
Quote:
Sir, if u have the image file, please share it |
Re: Pwnie Express
Quote:
I do not found the one that I shared but I do found a link to it (do not know whether it is good though...): http://chomikuj.pl/s.o.n.y/Dokumenty...110.gz(archive) And I also found a v2 version of the pwn image on my desktop so here it is. |
Re: Pwnie Express
Quote:
Hi sir, thanks for your reply after a year. Does this gdrive pwnimgae works for nokia n900 sir ??? I already tried the first one, that page doesn't contains the image file. Thank you so much sir. Please one replay for that sir, is that same image file of pwn image, i mean that v2 file |
Re: Pwnie Express
I do not know if it works, never tried that (using kali on n900 is far better...) but if I remember well I downloaded it for n900 of course... What else for...? :) But yeah, who knows.
The v2 is the second version of the "original" pwn image... |
All times are GMT. The time now is 06:08. |
vBulletin® Version 3.8.8