Tag: weaponizing

Smart Phone Privacy and Steps Towards Anonymizing the Nokia N900

by on May.07, 2011, under Posts

Within current times a lot of people are now using and relying on smart phones. Part of what makes these devices so ‘smart’, is their ability to gather information on the user and use this information to better serve the user. Per contra, the problem with this is that a lot of private information is being gathered which can include longitude and latitude coordinates.

Even when you take pictures with some smart phones, longitude and latitude information can be tagged on as metadata. (See: http://icanstalku.com/ )

What is ironic, is that from my personal experience and information gathering locally, a lot of people seem to not care about this or privacy. I think this is where the government needs to step in and do something. (Which the US government appears to be making steps towards this: http://www.nationaljournal.com/tech/online-privacy-concerns-fuel-drive-for-do-not-track-legislation-20110506 )

My concern with this, is that if people will really care to opt out of tracking and if they do opt out of tracking, then are the services that they use going to be a lot less useful?

Pertaining to the iPhone, I think this video gives you really good technical insight into the tracking issue: http://www.securitytube.net/video/1774

Now onto my beloved Nokia N900. I have taken steps towards anonymizing the N900 and I will show you what I did.

1.) Go to settings and then look for ‘Location’

2.) Disable GPS and disable network positioning.

3.) Under internet connections set ‘Connect automatically’ to ‘Always ask’.

4.) If you’re planning on using the N900 as a tablet and do not want to be tracked via triangulation, to mitigate this you can do as follows:

a.) Pull up the terminal and make sure you are root. (sudo gainroot)

b.) You also want to make sure you have enabled the extra repositories

c.) Install this following application via: apt-get install cell-modem-ui -y

d.) Now to enable the tablet mode and mitigate the possibility of being tracked via triangulation, click the power button on the top of the N900 and a new button should be there that says, ‘Tablet’

e.) Simply tap on this, and your N900 is now just acting as an internet tablet.

5.) tor is available for the N900, you can install this simply via: apt-get install tor -y

6.) You can use proxychains but only under a chroot environment. To use it do as follows:

a.) ssh -D 9050 user@somehost

b.)debbie bash (This is to get into the chroot environment without having to start a GUI session. 🙂 )

c.) proxychains ssh user@someotherhost

7.) You can spoof the MAC address of the wlan0 interface via: (as root) ifconfig wlan0 hw ether 00:12:34:56:78:90

8.) To change MicroB’s user agent string have a look at: http://gerrymoth.co.uk/?p=108

9.) When you first open the lens cover to the camera, you can opt out of adding metadata to your pictures.

10.) Truecrypt is available, however full disk encryption is not available for the N900 or any phone I can think of. I have heard that DARPA is working on a project related to this for iPhones and Androids. ( http://www.infosecurity-us.com/view/17340/darpa-working-on-full-disk-encryption-for-iphone-and-android/ )

This concerns me a bit because I’m a resident of Michigan… ( http://www.thenewspaper.com/news/34/3458.asp )

I hope this information is helpful to you and if you have anymore ideas on anonymizing the Nokia N900 please feel free to send me an e-mail or leave a comment.

1 Comment :, , , , , , , , , , , , , , , , , , , , , , , , , , , , more...

Weaponizing the Nokia N900 – Part 3.5

by on Feb.13, 2011, under Posts

Due to my love of hand held devices that can be used for penetration testing, I have obtained a Nokia N900 for relatively cheap on eBay. A brand new N900 will burn you a hole about the size of $399 USD in your pocket. However, I obtained mine (a refurbished one) for about $285.

Granted this device is now 2 years old but in my opinion it can be setup as a solid security assessment tool. I thought I would write a de facto continuation of the “Weaponizing the Nokia N900″ series that Infosec island has done. (I hope they don’t mind 🙂 )

With the N900 being an old man, in terms of technology, one can spruce it up a bit via overclocking. I would highly suggest to check out:

http://thehandheldblog.com/2010/07/27/how-to-easily-overclock-your-n900-in-under-two-minutes/

I have mine overclocked to 750MHZ and it seems to be running just fine. Metasploit will load in about a minute or so. Which is not nearly as bad as running Metasploit on the N810 (which I was able to do by just following the same instructions for getting Metasploit to run on the N900). The N810, the last time I checked, took 15 minutes to load Metasploit.

Bear in mind that my tips imply that you have already enabled all the extra repositories as needed, if you haven’t done so check out:

http://www.nokian900applications.com/repositories-extras-extras-devel-and-extras-testing-for-nokia-n900/

As stated and shown before, there have been guides on weaponizing the N900. However some of these guides have failed to explain certain issues that I would like to address:

1.) The ettercap-ng package from the repositories is totally broken. I ended up having to download ettercap from this forum post and follow the instructions on it appropriately:

http://talk.maemo.org/showthread.php?t=42680

2.) sslstrip will work, and you have to follow the comments addressed on this web page to get it setup along with a few other things:

http://www.knownokia.ca/2010/04/using-n900-for-fun-and-profit.html

a.) You have to install iptables  (apt-get install iptables)

b.) You have to install another python package, (apt-get install python-openssl)

3.) The Metasploit package comes in in a tar.bz2 format. For some odd reason, the version of tar (the busy-box version) cannot do ‘-xjf’. So either you have to install the gnu version of tar or put metasploit on a computer that can extract it and put it into a format that can be decompressed on the n900.

4.) I wasn’t able to find netcat in the repositories. If you’re in the same boat, you’ll have to port it over or get a chroot environment setup. (easydebian)

Lastly, here is my original way of weaponizing the n900 even more so.

You’ll need a MicroSD card that you’re currently not using and you don’t mind wiping it and making it bootable. Also, you’re going to need BackBox iso (yes.. not BackTrack 4, I will explain later) and unetbootin.

Obtain BackBox from:

http://www.backbox.org/content/download

Obtain unetbootin from:

http://unetbootin.sourceforge.net/

1.) Install your Microsd card into the N900, by removing the back plate.

2.) Connect your n900 via the USB cable that came with it to your N900.

3.) When you get a prompt on your n900 from connecting it to your computer, choose the Mass storage device mode.

4.) Now, 2 drives should show up, (depending on if you’re using Windows or if you have automount setup under Linux). The drive that is the size of your MicroSD card, is your MicroSD card. (I know.. DUH)

5.) Fire up unetbootin, select Diskimage option, locate where you downloaded the BackBox iso and select it.

6.) Make sure you have the correct drive selected and finally click ‘OK’.

7.) Once the process is done, reboot your computer.

8.) Hit F2 (or it could be other keys, like F9) for your BIOS or better yet if there is an option for a boot menu, hit that key.

9.) Select to boot off of the N900 (some BIOS will show two and not differentiate the two, while other BIOS will state that there is a removable n900. If you’re not sure, just change your boot order to have both N900’s as the first and second boot devices. If your BIOS shows the removable N900, this is the one you want to boot off of.)

10.) Your computer should now be booting off your MicroSD card which is in your N900.

The real cool thing here, is that you can still use your N900 while the computer has booted off of your N900. So you can still make phone calls or surf the net with it.

Now you may be asking yourself, “Why would I want to do this?”. I ran through a couple scenarios in my head, the first, is if you only have one USB drive that is currently in use running, say L0phtcrack on one workstation, but you want to multitask and still explore the network further. Well you have your handy and now bootable N900. Lastly, it seems as if most computers (from my experience) don’t have a MicroSD card slot but have USB ports.

Finally, I naturally tried BackTrack 4, but it would not boot and it would shove me to a busybox shell. I didn’t feel like dealing with finding a fix at the time, so I thought I would find a different distro.

If I do more interesting and original things with my N900, I will post more.

As usual more to come…

8 Comments :, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!