[PDA Security/Enumeration/Script kiddie Toolkit]

I'm still working on getting my Eagletec wlan card to work on my Zaurus 5500 to make exactly the kind of mobile hack tool you're building, and I guess the list Metatron supplied will be my guideline for most of the software I wanna run.

[Who is i440]

Damn, I don't like my chose nickname here anymore

[Getting data off a an owned machine]

I'm really looking forward to how this project will turn out.

Maybe a bit late, but here's an interesting C script for keylogging and mailing from Irongeek: http://www.irongeek.com/i.php?page=security/keylogger . Probably not useful for this project anymore, but still interesting.

Oh by the way, which C compiler did you use now, Darren?

[Getting data off a an owned machine]

In which language are you coding it? C++?

[Getting data off a an owned machine]

Thats why you pick blogs or forums where there not on the ball about spam. Must be hundreds of blogs out there where the comments sections are nothing but 200 pages of spam. You could even find a blog that appears to be dead, pick an old article and use that. If you do your research you should be able to find a suitable drop box. Hell, you could even make your own specifically for that purpose. Pick free blog account, make comments public and anon, and go to town.

Blogs, forums - webpages that take visitor's input can be closed or taken offline at any given time. Setting up your own blog means that there's traces back to you, so you'd have to take an extra step to hide those. Visitors and bots on an IRC channel can be tracked as well. Which messages you read on usenet is practically impossible to track unless they're already keeping an eye on you, so that's why I feel newsgroups are the best solution of the five discussed here so far.

[Getting data off a an owned machine]

I think channeling the information to a third party like mentioned above is the way to go.

In the days of dial-up access, we coded a little tool that would post the information to alt.test, a pr0n newsgroup, or any other group where the message would go unnoticed. Everybody had access to newsgroups with their dial-up accounts then, so you could ride on the owned user's account, and retrieve the information anonymously. A simple encryption and a flag to find it was all you needed.

It beats having the info mailed or IRC'ed to a certain account because there was no account or channel to track back to.

[FTP Networks/ Servers]

So actually the easiest and fastest way of getting free pr0n and warez is setting up an FTP server and leave it open :P

[School network? worth your time?]

Huh, at MY school, they use the newest mac G5's and have an almighty god (admin) comp that looks over everything your doing... You can't insert disks and they have limited your web use so you can only go on Google, Wikipedia, and their own home site. :shock:

Which means you can visit practically any site as long as you use Google's cache?

[Spending 10 minutes inside your target's building]

I was looking for information on how to turn my Zaurus 5500 into a fully automated info-gathering tool, when I came across this post on the Zaurus users group site: http://www.zaurususergroup.org/Article134.phtml

I haven't read it yet, but a sci-fi/hacker novel about just this subject? Awesome!

[Just a simpel (old) hardware mod]

Nice work, shame of that keyboard, though! ;)

<dutch>hoe vaak per dag haalt 'ie z'n mail op? ;)</dutch>

[Spending 10 minutes inside your target's building]

I wonder in how far you can "build" your own portable hacking device to do exactly that sort of thing. If you could have a small, cheap device with WiFi, you could just plant it in a building where it has power and can get on a wireless network, and just scan and hack away on autopilot until someone finds it. I think for a $100 worth you can have a pretty good wireless network spy kit - is that alarming or cool?

[Spending 10 minutes inside your target's building]

I was wondering how real the threat of mobile devices with WiFi support is. How much "damage" can be done when someone walks into the place they wanna target with a PDA in their back pocket, and spend 10 minutes there with the PDA running security tools? What sort data can you collect that way? Is that data useful in cracking WEP/WAP, or obtaining sensitive information from sniffed packets?

[School network? worth your time?]

Our school had an old school Novell network under DOS. It wasn't old school back then, though, since we're talking about '90 or so... We had three-letter logins, and knowing only 90% of the people showed up who were supposed to come to school, there were a lot of accounts of which the password remained the default "password".

We wrote a small scanner in Turbo Pascal (check it out here) which kept us busy scanning for accounts, and guessing their password by using the default password or the info that showed up with the scanner (first and last name, etc).

Good fun it was!

[Movie]

chech out http://www.binrev.com/projects/hackermovies/index.php

Nice list. 2 movies I had forgot. The arrival with Charlie Sheehan looking just like Gordon Freeman. :)

Catch me if you can. Hacking the banking system and a true story.

and on the rewatchable movies. Jaws ftw

I found this site by following a couple of links in that hackermovies list: http://mike.passwall.com/uselesstrivia.html ... it lists some very cool movies, one of which I have been looking for for a loooooong time! Woot!!

[Movie]

Track Down, The one about Kevin Mitnick...Not "so" true to the story, but entertaining and made in "modern" times.

http://www.imdb.com/title/tt0159784/

PS-IMDB lists it as Takedown, but its actual title is Track Down

I own and know it as Takedown, never heard of it being called Track Down.

For laughs, cool early 80's computer equipment and total bullpoop hacking scenarios I recommend the WarGames rip-off Terminal Entry: http://zxql3000.net/nerd/nerdmovies.php

And the sexy Joy Stricks is full of 80's arcade machines and sleaze, no hacking though. But definately one for late at night with a couple of beers!

[Hacker Backpack]

What would you recomend for a PDA which isnt to much but is still good ?

Well, that Zaurus was pretty spiffy, and at 150 euros would've been a pretty nice deal, but alas, no dice.

Perhaps that Zipit thing is worth the 100 bucks, but it would be pretty much purpose-built for this use.

I still think an iPaq is a decent device for this sort of thing, but I think they're a bit too expensive for what you're getting.

I'm hoping Metatron will pitch in with some suggestions here as he seems to be the more knowledgable one on this topic.

I got my Zaurus from a diffent site, so it wasn't me! I got mine for 100 euro's, that's about 130 US$ I suppose. I won a Zipit offa ebay for $60, so I'm gonna experiment with both soon.

But on the question of which PDA to reccomend: that Zaurus thing seems to be the best choice, since you get a color screen, fairly modern PDA with all the functionality you'd expect, plus you can just run Linux on it like that. There's lots of security tools ported for it already so it can be turned into a packet sniffing, warwalking little box of fun in a short time.

But the Zipit is definately your cheapest choice, and requires some cool hacking to pimp it with extra memory and stuff, and comes standard with good Wifi reception.

[Hacker Backpack]

I just sorta accidently bought a Zipit *and* a Zaurus 5500 so I hope to share my experiences soon :D

[Hacker Backpack]

I'm from Weert, in the south of the Netherlands. My buddy and me are probably the only ones doing some wardriving here, totally inspired by Hak.5 ;)

I agree that a handheld like the Zipit would become absolute in a few short years, but on the other hand - it's a hackable toy for less than $99. The other option I'm considering right now is the Sharp Zaurus 5500 which looks like a neat, compact hacking "swiss knife" but it's $250 to $300, depending where you buy it.

And ofcouse both these things aren't for sale in Europe :(

[Hacker Backpack]

It might've been cool if it came with a PCMCIA slot so you could expand it a bit.

Hey, a fellow Dutch Hak.5 fan! :)

There is a hack for it where you can hook it up to your PC via RS232 (if WiFi fails for some reason), and a memory expansion through a miniSD card socket. Basically that gives you a cheap, Linux running portable WiFi device.

I can't really decide though if I just shouldn't put in some extra money and go for a PDA that would be better for warwalking.

[Hacker Backpack]

How about if you can't take your full backpack? This little device seems like an ideal hacker's "Swiss knife": Zipit. Would be cool to run a sniffer on this, and be warwalking/wardriving with a handheld for under $99. Anybody got experience with the Zipit, or suggestions for a better handheld?

[Portable hacking device]

http://www.irongeek.com/i.php?submenu=zaur...urus/zaurusmain

That looks cool. It's more expensive as the Zipit though, and the Zipit has WiFi built into it, it seems, plus more support of a community. I have been reading about this device for a few hours now and it's definately my favorite so far.

But ofcourse, suggestions for other cheap, handheld hackboxes are welcome.

[Portable hacking device]

Hey guys, I was wondering if any of you are using a PDA or some other sort of handheld device for hacking. I would love to have a little, portable device for fun, a little hacking, and/or just chatting or surfing.

I was looking into the Zipit (http://elinux.org/wiki/ZipIt) because it sounds very interesting and is quite cheap, but I was also looking at various mobile phones or even the GP2X (http://en.wikipedia.org/wiki/GP2X), but that unfortunaly doesn't support WiFi or other communication.