Friday, 27 July 2007

AutoScan 1.01 on the Nokia N800

The N800 makes a great portable network security device. Here's a nice, easy-to-use tool to add to its toolbox.

It's called AutoScan (follow the link to download and get the Nokia 770 arm binary) and, not surprisingly, it's a scanner. What's cool about it is it sports a well classy GUI, so once it's taken a good look at your network it gives you a nice graphic view of what's connected, what OSes are running, and what ports are open.

Those familiar with AutoScan on an x86 system will know that AutoScan has plenty more features up its sleeve such as the ability to run Python and Perl scripts from within the app, but many of these advanced functions tend to freeze or are inaccessible on the N800.

Still, the basic functions work well and if you have a few idle moments and are sitting around with your N800 you can do a lot worse than run a quick AutoScan for a rough and ready guide to what's connected and, perhaps, vulnerable.

It's not a complete alternative to Nmap and it has its bugs on the N800, but it's still worth taking a look at if you're interested in network security...

Wednesday, 25 July 2007

Proporta Case for Nokia N800


It's a beautiful thing, the N800, but without a case to put it in it's pretty hard to carry it around. The screen is delicate and easily scratched or smashed. And the grey sock that Nokia provide as a cover is a complete joke.

There are lots of cases available, but here's a particularly good one - the Proporta Alu-Leather case.

The best thing about it is the flap that covers the N800's screen. The whole case is made of nice matt-black leather, but the screen cover has a ruddy great sheet of aluminium sandwiched between two layers of the cow-hide. This means you can chuck your N800 in your bag, jacket pocket, Scott eVest or wherever, secure in the knowledge that even if you or a fat friend sits on your N800 it won't get squashed.

Which has got to be worth the $34.95 / £26.95 that Proporta want for it. OK, it's not cheap, but it's leather, it looks nice, and it works. Function AND form. What more can you ask for?


Thursday, 19 July 2007

SVN for N800

There's a working SVN (Subversion) client for the N800. Only just found out about it. If you are lucky you can use it to update Metasploit from time to time.

Which is nice

You can grab SVN here:

http://downloads.maemo.org/product/subversion/

To update Metasploit go to its folder and type:

svn update

Tuesday, 17 July 2007

A quick way to fire up OpenVPN on your Nokia N800

Here's a nice shortcut to start OpenVPN once you've got it installed, because life is too short to type endless commands into an N800. Basically, it uses a very simple shell script.

It assumes you've already installed becomeroot; if you haven't then go and install it straight away. It's simply the way to become root these days and everyone is using it.
Darling.

The shell script itself is this:

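#!/bin/sh
# Start OpenVPN from /etc/openvpn/, where the config, certificates and key live
cd /etc/openvpn/ || exit 1
/usr/sbin/openvpn --config n800remote.ovpn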

NOTE: if your OpenVPN config file is called something other than n800remote.ovpn then you will obviously need to edit this script to reflect that.


So:

1. Download the script, called vpn, to the documents folder on your N800:

vpn

2. Transfer the file vpn to the /usr/bin/ folder on your N800 by starting up an Xterm window and typing
cd /home/user/MyDocs/.documents/
then
mv vpn /usr/bin/


3. Lastly, make sure the vpn script is executable by typing:
cd /usr/bin/
chmod 755 vpn

(You shouldn't need to do this step, but it doesn't hurt and it's good to get into the habit.)

4. That's it! Now all you need to do to start OpenVPN is start an xterm window and become root by typing:

sudo gainroot

Then, from the # prompt, type

vpn

and OpenVPN will start up.

All thanks to the wonders of shell scripting! You Linux god, you.

Actually there are other, more efficient ways of doing this, but I just like scripting.
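
A pre-flight check the vpn script could run before it starts OpenVPN, added here as an example and not part of the original post. The function name preflight is made up; the file names and the /etc/openvpn/ layout are the ones used in the install guide on this page, and the ns-cert-type check assumes the OpenVPN 2.0 client installed there.

```shell
#!/bin/sh
# Added example: pre-flight check for the OpenVPN client files in one directory.

preflight() {
    dir=$1
    rc=0
    # All four files from the install guide must be present and non-empty.
    for f in ca.crt client.crt client.key n800remote.ovpn; do
        if [ ! -s "$dir/$f" ]; then
            echo "missing or empty: $dir/$f" >&2
            rc=1
        fi
    done
    # The private key must not be accessible to group or others. Columns 5-10
    # of the ls mode string are the group and other permission bits.
    if [ -f "$dir/client.key" ]; then
        bits=$(ls -ld "$dir/client.key" | cut -c5-10)
        if [ "$bits" != "------" ]; then
            echo "client.key is open to group/others ($bits): chmod 600 it" >&2
            rc=1
        fi
    fi
    # Without a server-certificate check, any certificate signed by the CA
    # (another client's, for instance) could pose as the server.
    if [ -f "$dir/n800remote.ovpn" ] &&
       ! grep -Eq '^[[:space:]]*(ns-cert-type|remote-cert-tls)[[:space:]]+server' \
            "$dir/n800remote.ovpn"; then
        echo "n800remote.ovpn does not verify the server certificate type" >&2
        rc=1
    fi
    return "$rc"
}

# Demo on a constructed directory (placeholder contents, not real keys).
demo=$(mktemp -d)
for f in ca.crt client.crt client.key; do echo placeholder > "$demo/$f"; done
printf 'client\ndev tun\nproto udp\nns-cert-type server\n' > "$demo/n800remote.ovpn"
chmod 644 "$demo/client.key"   # world-readable, as a key copied off a FAT card usually is
preflight "$demo" || echo "pre-flight failed, as expected"
chmod 600 "$demo/client.key"
preflight "$demo" && echo "pre-flight passed"
```

In the vpn script, call preflight /etc/openvpn || exit 1 on the line before OpenVPN is started.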

Sunday, 15 July 2007

Installing and running OpenVPN on the Nokia N800

Here's how to get OpenVPN up and running on your N800. Once you have done this you can use the Internet securely from any Internet connection you come across by tunnelling the connection to your home Internet connection. It took me ages to get OpenVPN working on my N800 - hopefully this will save you some time. So roll your sleeves up and let's get on with it....

Installing OpenVPN on your home computer

1. The first thing to do is to install OpenVPN on your home machine. This will be the OpenVPN server. You can download OpenVPN2 for Linux from

http://openvpn.net/download.html

If you are using Windows at home I'd recommend installing the GUI version of OpenVPN2 instead, which you can download from:

http://openvpn.se/

2. The next bit is a bit tricky - you need to generate certificates and keys. Basically, since you are going to be encrypting stuff, you need these so that both your home computer (the server) and your N800 (the client) can encode and decode stuff they exchange.

The best way to do this is simply to follow the instructions at:

http://openvpn.net/howto.html#pki

3. The final step is to make a configuration file for OpenVPN on your home computer. Use this one for a Windows system, by copying it into a text file, naming it n800.ovpn, and putting it in the config folder in your OpenVPN folder, which will be in Program Files. If you are using Linux, you'll have to change the ca.crt, server.crt and server.key paths to wherever they are meant to be stored - if you are smart enough to use Linux you'll figure it out, but I think it is /etc/openvpn/

#### config file start######

dev tun
proto udp

# Server and client IP and Pool
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt

# Certificates for VPN Authentication
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.crt"
# This file should be kept secret
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.key"

# Diffie-Hellman parameters
dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh1024.pem"


# Routes to push to the client
# NOTE - you must change 192.168.0.0 below
# to your gateway address

push "route 192.168.0.0 255.255.255.0"

# route all traffic through vpn
push "redirect-gateway def1"

# Use compression on the VPN link
comp-lzo

# change 100.100.100.100 to a suitable DNS server (probably at your ISP)
push "dhcp-option DNS 100.100.100.100"


# Make the link more resistant to connection failures
keepalive 10 60
ping-timer-rem
persist-tun
persist-key

####config file finish######

To run the OpenVPN server from OpenVPNGui, start OpenVPNGui, right-click on the icon in the system tray, go to N800, and click connect. In Linux, I think you need to navigate to the /etc/openvpn/ folder and run openvpn --config n800.ovpn

From memory, that should be working now. You'll get a whole sequence of messages, culminating in something like:

Mon Jul 16 08:09:18 2007 Initialization Sequence Completed

Configuring your router

For OpenVPN to work, your home PC is going to need to have the same local IP address all the time. The easiest way to do this is to find the option in your router to make a particular computer's IP address fixed. So if it has been assigned the IP address 192.168.0.5, click on the "fix" or "make static" button (or whatever else your router calls it) to ensure your computer is always assigned this IP address when it starts. This option can be hard to find, but is often in a section with a name like LAN management. If you can't find it, you'll have to set your computer up with a fixed IP address - if you don't know how to do this you can find out by Googling!

Now log in to your router, and find the page that says something like "Advanced Routing" or "Manual Routing."

You'll need to make the following entry:

Route name: OpenVPN
Destination LAN IP: 10.8.0.0
Subnet Mask: 255.255.255.252
Default Gateway: 192.168.X.X (change this to the IP address of your home computer)
Interface: LAN and Wireless

Save the changes you have just made, then find the page for Port Forwarding, and add this:

Name: OpenVPN
Protocol: UDP
Starting Port: 1194
End Port: 1194
Forward to: 192.168.X.X (change this to the IP address of your home computer)

Save changes and reboot your router.

Installing OpenVPN on your N800

Note: Become root before you install and run OpenVPN.

4. First of all, you are going to need three files. These were made available by Laurent Guerby - cheers Laurent, good work mate! - but to save his bandwidth you can download all three from here:
openvpn_2.0-1maemo2_armel.deb
liblzo1_1.08-3_armel.deb
openvpn

5. Now install openvpn_2.0-1maemo2_armel.deb. You can do this by going to the N800's application manager, finding the option to Install from file... on the Application menu, and clicking on openvpn_2.0-1maemo2_armel.deb in the location you just downloaded it to.

6. Do the same with liblzo1_1.08-3_armel.deb

7. Now you've installed these two files you need to overwrite the file called openvpn which is located in /usr/sbin/ on your n800 with the file called openvpn which you just downloaded. You can do this by going to the folder into which you just downloaded the file called openvpn in a terminal window and doing this command:

mv -f openvpn /usr/sbin/

8. You'll find that you now have a folder /etc/openvpn/ and that's the folder into which we now need to copy 4 files. These are the ca.crt, client.crt and client.key files you generated in step 2, and which should be on your server machine, and a config file which we will come to in a minute. (Note: they may be called client1.crt and client1.key or even client2.crt and client2.key)

So figure out a way to get the first three files off your server machine onto your N800. The easiest way may be to connect your N800 by USB and copy the 3 files onto one of the N800's memory cards. If you copy them to your external card, you can then go to a terminal window and do:

mv /media/mmc1/ca.crt /etc/openvpn/
mv /media/mmc1/client.crt /etc/openvpn/
mv /media/mmc1/client.key /etc/openvpn/

This will move the three files to /etc/openvpn/ - which is exactly where we want them!


9. Finally, you need a config file to put into /etc/openvpn/

To do this, download this config file onto your home computer:
n800remote.ovpn

Then you need to open the file in a text editor like Notepad or Kate, and edit it where indicated in the text of the file by adding your home IP address (if you have a fixed IP address). If you have a dynamic IP address assigned by your ISP each time you connect to the Internet then don't worry - you can get round this by getting a free dyndns domain name from:
dyndns.org

and putting it in instead of your home IP address.

Save the changes you have made to n800remote.ovpn and close it, and then copy it to /etc/openvpn in the same way you did with the .crt and .key files.

10. Nearly done. We're just about ready to go, except that you are going to have to tell your router to forward the packets that your N800 sends to your home IP address on port 1194 (the default OpenVPN port) to your home computer running OpenVPN.

How to do this will depend on what make of router you have, but basically you log on to your router, and there's probably an option for port forwarding, and you just enter port number (1194) and the IP address of the computer running OpenVPN (probably something like 192.168.0.2). Save the changes and reboot the router for this to take effect.

11. Phew! That's it. You are ready to go. Make sure you are connected to the Internet from a remote location (i.e. not using your home Internet connection) and open a terminal window. Make sure you are root, and type:
cd /etc/openvpn/
openvpn --config n800remote.ovpn


and if all went according to plan you'll see a load of stuff scroll down the screen, which will finish with:

Initialization Sequence Completed

The easiest way to check it is working as you expect is to fire up the N800 browser and go to:
www.whatsmyip.org

If all is well, you'll get the IP address of your home computer, not the IP address of the Internet connection you are using.

Easy, wasn't it? Actually, don't be alarmed if it doesn't work first go. It took me four or five attempts before the darn thing would work. Read any error messages, and try and figure out what is wrong, or leave a question in the comments section.
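
An added example (not from the original post) that checks the routing table instead of relying on a web page: with push "redirect-gateway def1" in the server config, the client keeps its old default route and gains two /1 routes through the tunnel. The function name, the tun0 and wlan0 interface names and the sample tables are constructed, 203.0.113.7 stands in for your home IP address, and it assumes route and awk are available on the device.

```shell
#!/bin/sh
# redirect-gateway def1 keeps the old default route and adds 0.0.0.0/1 and
# 128.0.0.0/1 through the tunnel; being more specific, they win for every address.

# Reads `route -n` output on stdin. $1 = tunnel interface, $2 = server's public IP.
check_redirect_gateway() {
    awk -v dev="$1" -v srv="$2" '
        $1 == "0.0.0.0"   && $3 == "128.0.0.0" && $NF == dev { low = 1 }
        $1 == "128.0.0.0" && $3 == "128.0.0.0" && $NF == dev { high = 1 }
        # The encrypted packets must still leave by the real interface.
        $1 == srv && $3 == "255.255.255.255" && $NF != dev    { bypass = 1 }
        END {
            if (!low)    print "no 0.0.0.0/1 route via " dev
            if (!high)   print "no 128.0.0.0/1 route via " dev
            if (!bypass) print "no host route to " srv " outside " dev
            exit !(low && high && bypass)
        }'
}

# Constructed sample: tunnel up and redirect applied.
routes_tunnel_up() {
    cat <<'EOF'
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.8.0.5        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
203.0.113.7     192.168.1.1     255.255.255.255 UGH   0      0        0 wlan0
192.168.0.0     10.8.0.5        255.255.255.0   UG    0      0        0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
0.0.0.0         10.8.0.5        128.0.0.0       UG    0      0        0 tun0
128.0.0.0       10.8.0.5        128.0.0.0       UG    0      0        0 tun0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 wlan0
EOF
}

# Constructed sample: tunnel interface exists but nothing is redirected.
routes_not_redirected() {
    cat <<'EOF'
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.8.0.5        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 wlan0
EOF
}

routes_tunnel_up      | check_redirect_gateway tun0 203.0.113.7 && echo "all traffic goes via tun0"
routes_not_redirected | check_redirect_gateway tun0 203.0.113.7 || echo "traffic is NOT redirected"
```

On the N800, run route -n | check_redirect_gateway tun0 followed by your home IP address while the VPN is connected.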

Tuesday, 10 July 2007

Installing Metasploit Framework 3 on a Nokia N800

Here's a little step-through to get Metasploit running. Version 0.1

1. Download the framework 3 tarball from
http://www.metasploit.com/ into a folder

2. Use tar -xvzf to open the tarball. Metasploit is written in Ruby, so it doesn't need installing per se, but you will need a load of Ruby stuff in order to run it.... So here goes.

3. Head over to
http://pierre.droids-corp.org/maemo/ and download the .debs you'll find there into a new folder. (Actually you don't need to download the scapy .deb so you only need to download four)

4. Next, click on the gems folder on that page, which will take you to
http://pierre.droids-corp.org/maemo/gems/ , and download the 7 .gem files.

Pause here to thank Pierre for his sterling work - cheers, French geezer!

5. Alright. Enough silliness. Here's where the hard work starts. Go to the N800's application manager, and on the Application menu find the option to Install from file..., and install ruby_1.8.5-p3_armel.deb and rubygems_0.9.2_armel.deb from the folder into which you just downloaded them.

6. At this point some sages suggest you update rubygems. If you want to do this, open a terminal window and type gem update --system. (Note: there's a space between update and --system. You may need to be root to do this, I can't remember)

7. OK. Now it's time to install the gems, and it's rather important that you do so in the right order. That's because some people have reported that you'll bugger the installation if you get it wrong. Personally I have done it twice in the following order and had no problems, so I recommend you do so too.

What you want to do is go back to your terminal session, and go to the directory into which you downloaded the gems onto your N800. If you don't do this your N800 will try to get them off the Internet and fail. Now you're going to type gem install followed by the name of the gem you want to install.

So, first of all, type:
gem install activesupport-1.4.1.gem

Then go and have a cup of tea and a bun, because it takes about 10 to 20 minutes to install the gem plus its accompanying ri and rdoc files.

When you get back your command prompt, type

gem install activerecord-1.15.2.gem

repeat this gem install procedure for the following gems in the following order:

actionpack-1.13.2.gem
actionmailer-1.3.2.gem
actionwebservice-1.2.2.gem
rake-0.7.1.gem
rails-1.2.2.gem


(thanks go to negen for publishing this installation order)

If all goes well then welcome aboard - you're riding the rails!



8. A few more things to install: go to the App manager again and install from file the following debs you downloaded earlier:
sqlite3-ruby_1.2.1_armel.deb
and
nmap_4.20_armel.deb

9. Now you should be done, unless I have forgotten anything. Using your terminal, as root, head over to the folder where you put Metasploit - probably called something like framework3 inside a Metasploit3 directory, and run ./msfweb to run the web interface, or ./msfconsole for the console.

It all runs slooow on the N800, so be patient when waiting for things to happen.

10. If you want to check out the auto_pwn feature you need to do this after having run ./msfconsole

>load db_sqlite3
>db_create pentest
(or evilhacker or any other name you want to use in place of pentest)
>db_nmap 192.168.0.* (or whatever network you want to test. You do have permission don't you?)


>db_autopwn -t

The -t option will just test the autopwn feature. Change that to -e if you want to carry out any possible exploits and face the consequences if you bring down any machines....


That's about it. I am bound to have forgotten something but I'll correct and update as necessary. Thanks to all the various people who left enough info on the web and especially Internettablettalk for me to compile this.






 
© Copyright 2007-2008