Re: Using IPaqs or other handhelds as penetration devices

From: Matthew Leeds (mleeds@theleeds.net)
Date: Thu May 16 2002 - 15:49:23 EDT

• Next message: William Knowles: "Re: Using IPaqs or other handhelds as penetration devices"
• Previous message: Rainer Duffner: "Re: PenTesting Email AntiVirus"
• In reply to: Johann van Duyn: "Using IPaqs or other handhelds as penetration devices"
• Next in thread: William Knowles: "Re: Using IPaqs or other handhelds as penetration devices"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

There is the @stake war dialer for the Palm and their Cisco type 7 password auditor:
http://www.atstake.com/research/tools/

There is PalmCrack, a slow password cracker:
http://www.noncon.org/noncon/download.html

and there are a ton of utilities for the WinCD environment.

---Matthew
*********** REPLY SEPARATOR ***********

On 5/16/2002 at 11:18 AM Johann van Duyn wrote:

>Hi there...
>
>I was wondering whether any exploits or penetration tools exist that run on
>Compaq IPaq PDAs (running Windows CE or whatever they call it now), or any
>other handheld devices, for that matter. This is part risk analysis
>regarding the use of such devices, and part looking at using such a device
>for lightweight ad-hoc penetration or vulnerability testing.
>
>Thanks!
>
>-----------------------------------------
>Johann van Duyn, CISSP
>IT Risk and Security Manager: British American Tobacco South Africa
>Stellenbosch, South Africa
>Tel. +27 (21) 8883765
>Cel. +27 (82) 4588472
>Fax. +27 (21) 8838692
>E:mail: johann_van_duyn@bat.com
>-----------------------------------------
>"... this leads you to assume that organization is an inherent property of
>the knowledge itself,
>and that disorder and chaos are simply irrelevant forces that threaten it
>from outside.
>
>In fact it's exactly the opposite.
>
>Order is simply a thin, perilous condition we try to impose on the basic
>reality of chaos..."
>
>
>--William Gaddis, JR
>
>Confidentiality Notice: The information in this document and
>attachments is confidential and may also be legally privileged.
>It is intended only for the use of the named recipient. Internet
>communications are not secure and therefore British American
>Tobacco does not accept legal responsibility for the contents of
>this message. If you are not the intended recipient,please notify us
>immediately and then delete this document. Do not disclose the
>contents of this document to any other person, nor take any copies.
>Violation of this notice may be unlawful.
>
>
>
>----------------------------------------------------------------------------
>This list is provided by the SecurityFocus Security Intelligence Alert
>(SIA)
>Service. For more information on SecurityFocus' SIA service which
>automatically alerts you to the latest security vulnerabilities please see:
>https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Next message: William Knowles: "Re: Using IPaqs or other handhelds as penetration devices"
• Previous message: Rainer Duffner: "Re: PenTesting Email AntiVirus"
• In reply to: Johann van Duyn: "Using IPaqs or other handhelds as penetration devices"
• Next in thread: William Knowles: "Re: Using IPaqs or other handhelds as penetration devices"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:21 EDT