h4x the planet!

Shiney!!

I renewed my mobile broadband contract with Three and they give me a nice shiny Acer Aspire One!

The first thing i did was nuke the XP home and get a dual boot between XP SP3 Pro and Ubuntu 9.04

I’m going to post any fixes or issues that i come across so that anyone else having issues can get some help and so that i don’t forget what i do!

Firstly out of the box everything worked as expected apart from a few issues!

I do quite a bit of wireless security testing and aircrack worked straight away using the default Atheros drivers however the wireless LED was as dead as a dodo!  A quick google turned up the “linux-backports-modules-jaunty” package which gave the LED some life.  This did mess up aireplay’s fragmentation attack again a quick google turned up:

Note that in the latest wireless-testing & linux-2.6 kernels, as well as in compat-wireless-2.6 (but not in compat-wireless-old), there is a bug that prevents the fragmentation attack from working properly when no managed interface is brought up on the same PHY as the monitor interface. As a workaround, bring up wlan0 after creating mon0 with airmon-ng.

Aircrack Site

We now have wireless hacky fun!

I also came across this site: Ubuntu On the Acer Aspire One the site is geared towards Ubuntu 8.10 but there are some good tips for compact FireFox themes.

The Aspire also has quite a small screen and i found setting my font to a mono type size 7 did the job.  If you also install the gnome-color-choose (yank spelling of colour) you can enable the compact option which shrinks the UI down quite a bit!

Enjoy!

Been messing around with some HDR images of fluffy clouds!

Flickr account

niceeeeeeeeee

Just found these in a mates face-book account, the copious amount of alcohol bought and kept in a hotel bath all well and good until the cleaners took it all to their tiny cleaner closet and had an impromptu rave!

we got the b33r back!

Beer tastic!!!

burrrrrrrr cold!

What’s the best iPhone Twitter client?

mmmm crackberry

No not the fruit!!

We’ve been issued company mobile devices recently and i opted for the Blackberry Bold. I’m starting to like it more than my iPhone but that’s another story

Having a new gadget i was very curious about how the device communicates with the corporate network, I know RIM do a very good job securing their devices but i figured i would have a poke anyway.

One of the easiest methods of sniffing traffic between devices is performing a MITM attack where by devices’ ARP table is poisoned resulting in the targeted device’s network traffic flowing through the attacker’s device, more info: Linky

Ettercap is a great tool for performing this and it allows simple MITM attacks on SSL encrypted connections. Simply put it presents the users device with a certificate that is an exact copy of the legit site only it hasn’t been signed by an authorised CA. The user will receive an SSL error but 9 times out of 10 the cert is accepted. This allows ettercap to fully decrypt the transmitted data as it supplied the cert.

This attack has recently been highlighted with the iPhone: Linky The main issue with the iPhone (other than it can be ARP poisoned) is that the error it supplies is not verbose and users do not know what they are accepting.

I attempted this attack on the blackberry and instantly found the device closed down, all connections were killed and only sporadic DNS requests could be seen. So it seems that opportunistic attackers will NOT be able to MITM the blackberry on open wireless such as hotels etc. To view the information transmitted by the Blackberry the attacker would need to have the ability to sniff traffic on the gateway device (router etc). Not having a device that i can easily do this on i toyed with a few ideas.

I bridged the wireless and wired interfaces on my laptop and created an AD-HOC network an attempted to get the Blackberry to join it. This proved unsuccessful tho to be honest i didn’t hold much faith in it. I wanted a more permanent setup that would allow me to inspect gateway traffic easily. I dug out the old Buffalo router and flashed it with the DD-WRT firmware Linky. This was a little more difficult as expected as the router only has 4MB of storage of which 4MB is taken up with the firmware!! The DD-WRT wiki has a lot of information in relation to mounting samba shares and symlinking them to the file system. The current setup has the router mounting a samba share on my local server on which i the router accesses a tcpdump install. All dumped traffic is stored on the share allowing easy access.

At the minute this is as far as I’ve got but ill make another post once i start analysing the traffic.