blackriver
-
Posts
43 -
Joined
-
Last visited
Posts posted by blackriver
-
-
Thanks for posting, looks good. I'll try this out on my way home.
-
I noticed your example xml calling nmap. I enabled it and ran it, saw that it started the service, but it didn't scan the connecting device (or, didn't echo back the results). I've only dabbled in Ruby with web-related stuff, I'll spend the next few days on the train reading your code and try to get more stuff working. Wifizoo, dsniff and ettercap are things I'd love to see running as well. Modules written for this version of karma would work on Jasager?
I understand your concern about getting your early ideas stolen. I'm usually coding on the GUI-front, so if you've settled on your ideas for the front-end, I am more than willing to help out if you want. I know it's motivating to work on a project with other people, that's the reason I'd love to help out!
I think getting the nmap module to work would be a good start for me -- sounds like a good introduction to getting other aps to work with karma. If you have any advice or notes to share, I'd love to hear them!
-
I'm still playing with karma, it works great. Got all the example xml's working and I have been checking the source to see how it works. I downloaded Jasager, and plan to just try it out, see where it breaks. What are your plans for the overhaul? I would love to familiarize myself with the project more by chipping in on the code.
-
Yeah, you're right -- I was too symlink-trigger-happy, and found out I should just edit the XML files. Unfortunately I don't have time to play with this again till the weekend, but I'm looking forward to playing with it again!
-
You just beat me to it, but that is exactly the process I went through as well. I ran into some specific problems for my Debian install, but that was all sorted out by just reading what errors there were, and act upon it by installing dependencies or creating symbolic links.
-
You mentioned the default dhcp server for Debian doesn't work well with karma, but I haven't found any errors yet. Is it really necessary to run the one from isc.org you suggested?
So far it's all working nicely, and I'm watching the new Jasager threads with great interest. I hope to give running Jasager on the Eee a shot, see where we end up :)
-
Thanks, I did just that. The patches are now in place and madwifi-ng is working, so I thinking that all went fine. I just got karma working on the example XML scripts, and it starts without errors. I can't connect to my karma AP, and the SSID won't show up, but I just got started so I'm gonna try some more.
Thanks for the link to karma, by the way.
Edit - got the problems sorted out by making symbolic links (or edit the paths in the scripts) to stuff it needed, and all's well now. I just connected to my Eee's fake AP :)
-
I'm stuck for now on applying the patches, as I have no room left on my Eee to install the kernel sources needed to make them. I gotta clean up first and make some room. Is there anything else I'm gonna be needing to apply the patches?
-
I might be the one who'd asked for the copy of karma :) My system is a Eee 701 running Debian, so I guess Tominator and I are trying to do the same thing.
I'm a coder myself but haven't built wireless applications yet, so I'm kinda hoping this will bring up an opportunity for me to get my hands dirty and help out and learn. If there's anything I can do for the modified Jasager-for-laptops vesion, I'd love to hear it!
-
Update:
I sat down at one of these signs again and tried to pick up anything bluetooth/wifi-like again, this time using several other tools (particularly Kismet). No signal whatsoever. It was too crowded to see how to open one of these, but it looks like high quality stuff so I'm sure its locked properly.
On the social engineering front, I'm still awaiting documentation per email, but the person at the company insists on calling me over the phone... I'll have to see how that turns out.
-
The second book in the awesome WIZZYWIG series has been released! It can be ordered for the ridiculously small fee of $15, and for that you get a beautiful graphic novel filled to the brim with hacker culture. I haven't actually got my copy yet (the book has just been released) but I loved WIZZYWIG #1 and I'm sure the Hak5 crowd will as well.
-
I have been digging deeper and found a couple of older posts on linux/tech forums by some of the company's employees. These contain some interesting tid-bits about projects they were working on, that sound very similar to something you'd find in these LED displays.
I can't but guess right now, but it seems indeed very likely they're using a GPRS modem setup like metatron suggests. I'll be taking a closer look (and taking pics) next time I'm near one of these signs again, see if I can open them up and take a look inside.
Also, a quick glance over the Wavecom documentation you can find online, learns that they also offer a web interface for the back-end to their products. It might pay off to dig into this, and find out more about the other side of the communication. I know the company that builds the displays has their own software suite to enable communication too.
(ps. DingleBerries, I'm not sure what you mean, but by all means be involved. I'm not at all looking for a "mass exploit" thing, I just wanna poke these displays with a stick and see what happens)
-
As I mentioned in my first post, I've already gathered all the info available online from the brands and models that are out there, but none disclose exactly what method they use in the documentation. Like thegubble suggested, I've already emailed the manufacturer of the signs in my neighbourhood with specific questions and I'm awaiting response.
I have also sat down close to one of these signs and sniffed for bluetooth/wireless info (using btscanner and airodump-ng) but unfortunately didn't pick anything up. I should try again with kismet as it seems to be better at picking up cloacked ESSIDs.
As for cellular/GSM data, I have been googling a bit and it seems one's going to need serious equipment to intercept/sniff its data, or even the phone number of the GSM device inside.
-
I was wondering if anybody every dug into how these signs work.
I have been googling some of the brands and types that I've encountered in my neighbourhood, and reading the documentation I could get my hands on. I'm interested in how these signs get updated with new text. The docs all stay pretty vague on this subject: usually they mention a "wireless method", and list bluetooth, wireless/wifi, or GSM/phone as possibilities.
I don't know how bluetooth or wireless could be useful, as you'd still have to drive over to the sign (if it's a fair distance from the building where the owner is) to be in close enough promixity. GSM (mobile phone) sounds like a better solution.
The signs I see around here are the same as on the pic, except they have a small 6" antenna on top. Is this a sign of GSM technology? (As I don't see any modern phones needing such an antenna). Is this interceptable in any way with "hobby hardware"?
I'd love to brainstorm about this with interested people.
-
Cheers, thanks for clarifying this for me. I've taken a look at your site and see that you have released karma specifically for the Eee, so I'm going to play around with that when time permits. No need to make a tarball of the newest version just for me -- I'll be keeping an eye on the project and pick up any new versions when they appear.
-
Thanks for the info!
Edit: would you mind elaborating on why Karma, as opposed to Karmasploit? Or did you mean Karmasploit?
-
I found the show through Revision3 and I'm loving it. I'm interested in Jasager and have been reading up on it. I'm not in the possesion of a FON yet, so in anticipation I started working with Karmasploit, and then airbase-ng. There's a thread on this forum about how airbase-ng can be used to basically do the same stuff as Jasager, which was really helpful.
I have a question though: is there anything you can do when you can't share internet? My PC finds my airbase-ng generated AP frpm my laptop and tries to connect, but disconnects because it thinks it's down. I haven't set up my laptop to have a dhcp server running to share my network.
I was wondering if there's still a possibility to set up a basic connection, so I can do a portscan with nmap on the connecting client?
EEE PC OS
in Questions
Posted
A naked Debian install plus Fluxbox/Blackbox as you window manager will easily fit on a 2GB. Check out http://wiki.debian.org/DebianEeePC for instructions.