#98762 - dude1 - Thu Aug 17, 2006 11:52 am
is any chance of wardriving tools and not just capture a list of hotspots but wep cracking through brute force or most likely a weak scheduling attack(or at very least capture packets to be dumped and analyzed or cracked on a pc eg. pcap dump,netstumbler text ect.)
maybe a mac address spoof also
you know the usually things in a wardriving application
#98764 - daninski - Thu Aug 17, 2006 12:21 pm
the thing you're not after is 'wifilib test', http://www.akkit.org/dswifi/wifi_lib_test.nds
i dont think what you do want has been done by anyone yet.
#98767 - quadomatic - Thu Aug 17, 2006 1:10 pm
the wifi-lib-test can capture packets and get u a mac address for the router...but it can't save any of that information.
Someone was talking about porting airhack to DSLinux, but I don't think anyone will do that.
#98768 - JaJa - Thu Aug 17, 2006 1:18 pm
Please see this thread for several reasons as to why this is stupid.
I'll just quickly sumarise for you:
1. Illegal and unethical. It's stealing
2. Not powerful enough hardware
3. Limited battery life
_________________
LAWL HOOGE
My Blog
#98771 - pas - Thu Aug 17, 2006 2:02 pm
@dude1:
I asked something similar like you and they deletet my Thread, so I think it sensless to ask such a Question here...
Greets:
Pas
#98893 - dude1 - Fri Aug 18, 2006 9:50 am
i posted this same question on dslinux and got flamed by people saying things about illegal things are wrong ect.
but it can have legitimate security testing purposes and other things so dont lock threads for assuming its intended to be used for illegal purposes
for the sake of not ranting il leave it at that unless people keep bringing it up
anything legal can be used illegally pretty much dont assume the worst its not good
is a possibility of doing wrong a reason to be unprepared to do the right thing if the occasion called for it
#98900 - JaJa - Fri Aug 18, 2006 10:27 am
If you truely intended to use it for legal purposes, then call them network testing tools or something, or explain the reason you want it.
Wardriving has gotten a distinctly bad name, many people instantly associating the act with hackers (black hats at that too).
And you hardly got flamed over at the DSLinux forum, so don't come over here saying that. http://www.dslinux.org/index.php?showtopic=1764 For those who are interested.
If you are really that desperate, go write your own.
_________________
LAWL HOOGE
My Blog
#98945 - Lynx - Fri Aug 18, 2006 5:21 pm
Except there is one problem with that theory. If you really are using it for "security testing" why aren't you using a laptop? I mean.. if security is really that important, why leave testing it to a toy?
Oh.. that's right.. so you have something that is very portable.. to test the security of other peoples networks.. gotcha!
_________________
NDS Homebrew Roms & Reviews
#98950 - tepples - Fri Aug 18, 2006 5:39 pm
| Lynx wrote: |
| If you really are using it for "security testing" why aren't you using a laptop? I mean.. if security is really that important, why leave testing it to a toy? |
In order to simultaneously test the physical security of the premises. It's easier to sneak a DS past your office's security personnel than to sneak a laptop past your office's security personnel.
_________________
-- Where is he?
-- Who?
-- You know, the human.
-- I think he moved to Tilwick.
#98961 - JaJa - Fri Aug 18, 2006 7:11 pm
| tepples wrote: |
| Lynx wrote: | | If you really are using it for "security testing" why aren't you using a laptop? I mean.. if security is really that important, why leave testing it to a toy? |
In order to simultaneously test the physical security of the premises. It's easier to sneak a DS past your office's security personnel than to sneak a laptop past your office's security personnel. |
Really?
Considering some offices issue laptops to their staff, whereas playing games at work is generally frowned upon.
_________________
LAWL HOOGE
My Blog
#98964 - tepples - Fri Aug 18, 2006 7:49 pm
| JaJa wrote: |
| whereas playing games at work is generally frowned upon. |
Can you cite the part of a typical employment agreement that relates to employee break time?
_________________
-- Where is he?
-- Who?
-- You know, the human.
-- I think he moved to Tilwick.
#98970 - JaJa - Fri Aug 18, 2006 8:42 pm
| tepples wrote: |
| JaJa wrote: | | whereas playing games at work is generally frowned upon. |
Can you cite the part of a typical employment agreement that relates to employee break time? |
Ok, I see your point there.
But if you have a laptop on the desk it's less likely to invite inspection than if you have a DS out.
_________________
LAWL HOOGE
My Blog
#98977 - tepples - Fri Aug 18, 2006 9:14 pm
| JaJa wrote: |
| But if you have a laptop on the desk it's less likely to invite inspection than if you have a DS out. |
That's why you keep the DS Lite in your pocket while you work, with a pair of white earbuds sticking out of it. Then people can't tell it from an iPod.
_________________
-- Where is he?
-- Who?
-- You know, the human.
-- I think he moved to Tilwick.
#98995 - Lynx - Fri Aug 18, 2006 11:47 pm
Either way, if you are sneaking something in, it's most likely not your job to be testing the security anyway!
_________________
NDS Homebrew Roms & Reviews
#99037 - tepples - Sat Aug 19, 2006 5:48 am
| Lynx wrote: |
| Either way, if you are sneaking something in, it's most likely not your job to be testing the security anyway! |
As I said, if part of the test is whether the guards will let you sneak something in...
_________________
-- Where is he?
-- Who?
-- You know, the human.
-- I think he moved to Tilwick.
#99178 - Lynx - Sat Aug 19, 2006 11:15 pm
Uhh.. ok sure.. if you say so.. I worked in a high security facility. The people that test facility security aren't normally the same people that test network security. If a facility is letting kids in with their "game boy" then I would say you don't have much security at all.. Anyone can easily stuff a DS down their pants.. if you have entry security so tight you can see what is in their pants, then DS or Laptop, your not going to get in with it.
But, being realistic. If you are working for a company and are supposed to be testing their network security, you WILL be using laptops and desktops to run those audits. But, if a company really cares about network security, they will be running EAP/LEAP and a DS will be useless.
If you are working for a company and are supposed to be testing facility security, you will be testing if a non-employee can access the facility. High security facility have background checks on all the employees. It's expected that you can trust them.
_________________
NDS Homebrew Roms & Reviews
#99199 - darkfader - Sun Aug 20, 2006 12:58 am
How would it possibly work with DS?
I thought the reception speed on DS is limited to 2 Mbit/s (still needs to be confirmed I think, but probably not much higher anyways).
Thus you cannot capture normal data packets at all unless there's a way to re-associate a victim host and AP at a lower speed.
For example, if you got enough unique IVs for WEP cracking in say 10 mins at 54 Mbit/s, it might take up 4.5 hours at 2 Mbit/s. But I'm pretty sure that it will somehow take up much longer :)
Btw. anyone knows if Win XP has some kind of ARP flood protection that prevents using that method to generate lots of traffic? Or perhaps the soft-AP software (ZD1211) I'm using prevents re-using the same IV for a little while?
#99213 - Lynx - Sun Aug 20, 2006 2:16 am
Leave it to DarkFader to point out what everyone else overlooked.. Hard to sniff a 54Mb connection at 2Mb.. :/ Why didn't I think of that.. :(
Oh.. And I just realized, if you are testing facility security, it won't matter if the DS actually can have a sniffer on it or not.. your testing if they will let you in with it.. Even if they ask you to turn it on.. your not going to leave your cracking tools in the DS..
_________________
NDS Homebrew Roms & Reviews
#99253 - JaJa - Sun Aug 20, 2006 9:48 am
A full penetration test should take into account physical security, and things like social engineering.
People are easier to 'hack' than machines.
It's quite easy to get people talking if you are confident.
Buuuut anyway, I'm sure I have pointed out the whole speed thing before.
Not here, but over on DSLinux.
As has Pepsiman.
_________________
LAWL HOOGE
My Blog
#99315 - tepples - Sun Aug 20, 2006 6:04 pm
| Lynx wrote: |
| If a facility is letting kids in with their "game boy" |
DS != Game Boy. DS has grown-up games such as Brain Age.
_________________
-- Where is he?
-- Who?
-- You know, the human.
-- I think he moved to Tilwick.
#99330 - Mighty Max - Sun Aug 20, 2006 7:27 pm
Oh boy.
Even if it isn't officially the "GB" trunk of the nintendo tree,
it's not really seperated from it, is it? At least i see a gba port and a lot of similarities in the hardware to the gba.
So actually get a bit tolerant. Ppl calling it a GB successor arn't that far from the truth.
PS: On the topic, chances of a wardriving app, or a capturing app are low atm. There are some restiction in lifting the packet filter of the wifi-hardware atm.
_________________
GBAMP Multiboot
#99385 - Lynx - Mon Aug 21, 2006 6:06 am
I know it's not a game boy!! My point is, if you walk into security of a facility, they will consider it a game boy. That is why I put it in quotes.
My other point is, if a facility requires REAL security, one guy (network) DOES NOT maintain or test security for the whole company. They have a network security specialist that will audit the network, Facility security expert that will audit the facility security. Untill you have worked in a high security facility, you will not understand. And if they want to really test their security, the hire outside consultants to do a live test.. and they aren't going to walk in with a Nintendo DS and expect to "sneak" it buy the security guard, as the guard isn't going to even let them in without prior authorization. Now, the store down the street may have one guy doing all the security, but that isn't a high security facility.
_________________
NDS Homebrew Roms & Reviews
#99393 - HyperHacker - Mon Aug 21, 2006 7:39 am
Yeah, those are the people who'll call your Game Gear or PSP a Game Boy. :-p It's all the same to them, they don't know and they don't care.
_________________
I'm a PSP hacker now, but I still <3 DS.
#99407 - tepples - Mon Aug 21, 2006 1:20 pm
| Lynx wrote: |
| My point is, if you walk into security of a facility, they will consider it a game boy. That is why I put it in quotes. |
But you said "kids".
In high-security facilities, what are employees allowed to bring to do on break?
_________________
-- Where is he?
-- Who?
-- You know, the human.
-- I think he moved to Tilwick.
#99473 - Lynx - Tue Aug 22, 2006 12:02 am
Make phone calls, eat a snack, and/or watch TV in the lunch room.
_________________
NDS Homebrew Roms & Reviews
#99498 - TJ - Tue Aug 22, 2006 2:03 am
| Quote: |
| Btw. anyone knows if Win XP has some kind of ARP flood protection |
Surely you jest, the operating system can just barely handle simple networking.