[TOOL] NetScan / MobilePenTester / PDAZap (Mobile Security Assesments)

From: SecuriTeam (support_at_securiteam.com)
Date: 07/28/03

  • Next message: SecuriTeam: "[NEWS] CPU/BIOS/OS Issue Allows Local Attacker to Cause a DoS Attack"
    To: list@securiteam.com
    Date: 28 Jul 2003 16:00:48 +0200
    
    

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    Get Thawte's New Step-by-Step SSL Guide for Apache.
    http://ad.doubleclick.net/clk;5903117;8265118;i

    - - - - - - - - -

      NetScan / MobilePenTester / PDAZap (Mobile Security Assesments)
    ------------------------------------------------------------------------

    DETAILS

    All of the following tools are for the SonyEricsson P800 platform (Symbian
    based GSM/GPRS PDA/Cellphone). The purpose of these tools is to allow
    security consultants to assess their networks from the perspective of a
    cellular telephone. The purpose of PDAZap is for anyone conducting
    incident response and/or research in the field of embedded PDA/Cellphone
    devices.

    Tool: NetScan
    Version: 1.0
    Platforms: SonyEricsson P800 (Symbian)
    MD5: 480604F6664877A9345670B74DFA8B88
    Author: Ollie Whitehouse
    Description: @stake NetScan is a very small TCP and UDP port scanner for
    the SonyEricsson P800 platform. NetScan uses AppForge libraries, requiring
    AppForge Booster for the P800 to be installed.
    URL: <http://www.atstake.com/research/tools/vulnerability_scanning/>
    http://www.atstake.com/research/tools/vulnerability_scanning/

    Tool: MobilePenTester
    Version: 1.0
    Platforms: SonyEricsson P800 (Symbian)
    MD5: 0B4641C6D238050D059D54FFD8539FEF
    Author: Ollie Whitehouse
    @stake MobilePenTester is a small application that when placed on a P800
    will allow you to perform remote assessments over a GPRS (2.5g) and/or GSM
    (2.0g) CSD data connection. The utilities contained within MobilePenTester
    are:

     o PDACat (Netcat like functionality for a PDA)
     o URLScan (common URL scanner)
     o ULookup (used to look up the numeric codes of the URL)
     o NetScan (portscanner - UDP and TCP)
     o WAPScan (a port of @stake wapscan to P800)

    URL: <http://www.atstake.com/research/tools/vulnerability_scanning/>
    http://www.atstake.com/research/tools/vulnerability_scanning/

    Tool: PDAZap
    Version: 1.0
    Platforms: SonyEricsson P800 (Symbian)
    MD5: CB6B90D52C321B92A72E743800B28B89
    Author: Ollie Whitehouse
    PDAZap is a small application that when placed on a P800 will allow you to
    image the device's flash to a Sony Memory Stick Duo. This scan be used by
    forensic investigators and/or security researchers alike.
    URL: <http://www.atstake.com/research/tools/forensic/>
    http://www.atstake.com/research/tools/forensic/

    ADDITIONAL INFORMATION

    The information has been provided by <mailto:ollie@atstake.com> Ollie
    Whitehouse.

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.


  • Next message: SecuriTeam: "[NEWS] CPU/BIOS/OS Issue Allows Local Attacker to Cause a DoS Attack"

    Relevant Pages