Spending 10 minutes inside your target's building

[404]

I was wondering how real the threat of mobile devices with WiFi support is. How much "damage" can be done when someone walks into the place they wanna target with a PDA in their back pocket, and spend 10 minutes there with the PDA running security tools? What sort data can you collect that way? Is that data useful in cracking WEP/WAP, or obtaining sensitive information from sniffed packets?

[KoR_Wraith]

Well if the network is using WEP you can use packet sniffing to get the network key.

[macker]

If you have gained access to the wireless network you can access and steal files on desktops and servers with a little work and knowledge.

[armadaender]

If someone were running an app like ethereal on a wifi device, and the 'target's' ap was unencrypted, then you could easily pick-up anything from IM conversations to websites visited to passwords being submitted.

Breaking an encryption would be easy as well as most business have the standard 128 bit, WEP encryption and everyone here knows how easy it can be to crack the key. A wifi Treo running airsnort could be a dangerous device.

[Darren Kitchen]

Does anyone remember the buzz about that antomated wireless penetration testing tool from a while ago? I believe I hard about it on digg or sploitcast. Sounded like a little box that basically had two modes, OFF and HACK. Funny stuff.

[armadaender]

Does anyone remember the buzz about that antomated wireless penetration testing tool from a while ago? I believe I hard about it on digg or sploitcast. Sounded like a little box that basically had two modes, OFF and HACK. Funny stuff.

I believe you mean this: http://www.tgdaily.com/2006/08/30/defcon2006_janus_project/

[sentinel]

Does anyone remember the buzz about that antomated wireless penetration testing tool from a while ago? I believe I hard about it on digg or sploitcast. Sounded like a little box that basically had two modes, OFF and HACK. Funny stuff.

I believe you mean this: http://www.tgdaily.com/2006/08/30/defcon2006_janus_project/

Or more likely this: http://www.eweek.com/article2/0,1895,2003853,00.asp

[armadaender]

Or more likely this: http://www.eweek.com/article2/0,1895,2003853,00.asp

Never heard of that device, now I want one.

[404]

I wonder in how far you can "build" your own portable hacking device to do exactly that sort of thing. If you could have a small, cheap device with WiFi, you could just plant it in a building where it has power and can get on a wireless network, and just scan and hack away on autopilot until someone finds it. I think for a $100 worth you can have a pretty good wireless network spy kit - is that alarming or cool?

[ChevronX]

Maybe you could get something like a PSP to do it?

[DLSS]

Does anyone remember the buzz about that antomated wireless penetration testing tool from a while ago? I believe I hard about it on digg or sploitcast. Sounded like a little box that basically had two modes, OFF and HACK. Funny stuff.

actually i posted it on teh forums aswell: http://hak5.org/forums/viewtopic.php?t=2316

[anyedie]

I wonder in how far you can "build" your own portable hacking device to do exactly that sort of thing. If you could have a small, cheap device with WiFi, you could just plant it in a building where it has power and can get on a wireless network, and just scan and hack away on autopilot until someone finds it. I think for a $100 worth you can have a pretty good wireless network spy kit - is that alarming or cool?

is it just me... or does this sound like a challenge for wess?

[404]

I was looking for information on how to turn my Zaurus 5500 into a fully automated info-gathering tool, when I came across this post on the Zaurus users group site: http://www.zaurususergroup.org/Article134.phtml

I haven't read it yet, but a sci-fi/hacker novel about just this subject? Awesome!

[metatron]

You can do a lot of damage if you know what you're doing.