[TOOLS] UPDATED 2203 Network tools (Pentest) for N9 (PR1.1 & PR1.2) - Page 3 - maemo.org

nieldk | # 21 | 2012-02-29, 20:29 | Report

Originally Posted by

- if you can get plugins to work in ettercap will be great, now that we know it works in N9 it will be awesome have the new ettercap tottally armed

in our N9s

I am quite sure I can get (some) of theplugins to work.
I didnt compile ettercap with the 'optional' libraries in this first step.
From ettercap.sourceforge.net:
To enable plugins: libltdl (part of libtool)
To have perl regexp in the filters: libpcre
To support SSH and SSL decryption: openssl 0.9.7

Originally Posted by

- without nat and packet injection we are ****ed, we have sniffers and airckrack castrated, we will have to wait for open kernel for PR 1.2, someone knows who was the guy who compiled it?? maybe we can contact him.

I already am on this, but we need kernel sources before we can proceed. We are not completely f^^^ we have promiscious mode, but we need packet injection and to do this we need the kernel sources to compile compat-wireless.

Originally Posted by

- I was thinking to install the iptables of N900 into the N9 and see what happens, do you think is a good idea? or is a kernel problem and it will be for nothing?

I think it will not do anything, and maybe not needed since NAT forwarding is handled by ettercap. For other purposes, we might need to compile kernel to support NAT.

Originally Posted by

- ipforward gives not problem to me :

after:

echo "1" > /proc/sys/net/ipv4/ip_forward

cat /proc/sys/net/ipv4/ip_forward

1

Right, I had that result also, just tried this to check if that would matter for the NAT functionality.

Originally Posted by

anyway you don't need kernel ipforwarding with ettercap, ettercap itself fordwards the packets, in fact after launching ettercap the value of "ip_forward" returns to 0, that is maybe you think "echo "1" > /proc/sys/net/ipv4/ip_forward" command not work, because you check the value of ip_forward after launching ettercap.

Well, that is good news then, for the missing NAT functionality in kernel

/N

The Following User Says Thank You to For This Useful Post:
-Tyler-

nieldk | # 22 | 2012-02-29, 20:45 | Report

BTW.
To get openssl

Code:

~ $ devel-su (rootme)
~ # develsh
~ # apt-get update
~ # apt-get install openssl (will fail.... so to fix, next steps are needed)
~ # mv /etc/apt/sources.list ./   (for backup)
~ # apt-get update
~ # dpkg -i /var/cache/apt/archives/openssl_0.9.8k-8maemo7\+dbg\+0m6_armel.deb (this should now install openssl)
~ # mv ./sources.list /etc/apt/   (for restore)
~ # apt-get update

/N

The Following 2 Users Say Thank You to For This Useful Post:
-Tyler-, jberezhnoy

-Tyler- | # 23 | 2012-02-29, 20:55 | Report

Originally Posted by nieldk View Post

I am quite sure I can get (some) of theplugins to work.
I didnt compile ettercap with the 'optional' libraries in this first step.
From ettercap.sourceforge.net:
To enable plugins: libltdl (part of libtool)
To have perl regexp in the filters: libpcre
To support SSH and SSL decryption: openssl 0.9.7

I already am on this, but we need kernel sources before we can proceed. We are not completely f^^^ we have promiscious mode, but we need packet injection and to do this we need the kernel sources to compile compat-wireless.

I think it will not do anything, and maybe not needed since NAT forwarding is handled by ettercap. For other purposes, we might need to compile kernel to support NAT.

Right, I had that result also, just tried this to check if that would matter for the NAT functionality.

Well, that is good news then, for the missing NAT functionality in kernel

/N

- for me with the "autoadd" plugin will be enough other plugins are more for fun, but "autoadd" is very basic for a sucessfull MITM attack of all of the network.

- who provides the kernel sources? nokia itself?

- yeah at least with the stock kernel we can do MITM attacks with ettercap, but other tools who needs kernel ipforwarding like dsniff will not work

- Offtopic: tomorrow will be officially realeased Backtrack 5 R2 with the new kernel 3.2.6, for all pentesting lovers who are interested

nieldk | # 24 | 2012-03-01, 17:46 | Report

Originally Posted by -Tyler- View Post

- for me with the "autoadd" plugin will be enough other plugins are more for fun, but "autoadd" is very basic for a sucessfull MITM attack of all of the network.

- who provides the kernel sources? nokia itself?

Plugins are working, including autoload, first post updated. Install one new file pcre_3.8.12_armel.deb should be enough since you have installed the previous libs and ettercap.

Yes, Sources are requested, and confirmed to be shipped by DVD

The Following 2 Users Say Thank You to For This Useful Post:
-Tyler-, YavkatA

nieldk | # 25 | 2012-03-01, 17:47 | Report

OH! And I got screen working also (listed on first post)

The Following User Says Thank You to For This Useful Post:
-Tyler-

-Tyler- | # 26 | 2012-03-02, 18:22 | Report

Originally Posted by nieldk View Post

Plugins are working, including autoload, first post updated. Install one new file pcre_3.8.12_armel.deb should be enough since you have installed the previous libs and ettercap.

Yes, Sources are requested, and confirmed to be shipped by DVD

great work man!! you are doing a fantastic work for this community and really fast!! I am happy someone with your talent and expertise will work in the new open kernel, for sure will be posible in the future transform the N9 into the ultimate mobile pentesting device, even superior to our beloved N900.

The Following User Says Thank You to -Tyler- For This Useful Post:

nieldk | # 27 | 2012-03-02, 20:13 | Report

Originally Posted by -Tyler- View Post

great work man!! you are doing a fantastic work for this community and really fast!! I am happy someone with your talent and expertise will work in the new open kernel, for sure will be posible in the future transform the N9 into the ultimate mobile pentesting device, even superior to our beloved N900.

Thanks. Appreciate it. I hope we will end up wirth something like a Neo(aheem) what should we call the suite once its ready to be called 'complete' (with graphics controls is my aim, hopefully something like a GTK port).

The Following User Says Thank You to For This Useful Post:
-Tyler-

-Tyler- | # 28 | 2012-03-02, 21:05 | Report

Originally Posted by nieldk View Post

Thanks. Appreciate it. I hope we will end up wirth something like a Neo(aheem) what should we call the suite once its ready to be called 'complete' (with graphics controls is my aim, hopefully something like a GTK port).

Good idea!! I don't have your level of knowledge but i will help in everything i can!

-Tyler- | # 29 | 2012-03-05, 23:56 | Report

New version of inyection drivers for the N900 maybe it would help to create the inyection drivers for N9:

http://talk.maemo.org/showthread.php...39#post1174839

The Following User Says Thank You to -Tyler- For This Useful Post:

panukooo | # 30 | 2012-03-13, 02:57 | Report

hey man i need inception for instal this? And how can i uninstal dpkg -i libnet_1.1.2.1_armel.deb i do this dpkg -r libnet_1.1.2.1_armel.deb and nothing happen