Weaponizing the Nokia N900 - Part 1

Thursday, July 22, 2010

shawn merdinger


In the 80s movie "The Color of Money" there's a great scene where a player challenges Tom Cruise's character to a game. He strolls up to Vincent and says "So what you got in there?" -- to which Vincent replies. "Doom."

This is akin to how I felt a few weeks ago after I finally got ahold of a Nokia N900 smartphone. Calling it a phone is a bit of a stretch, as it is primarily a Debian Linux tablet with impressive hardware specs and a huge number of .deb packages available for installation...oh, and you can make cellular phone calls with it.

Many people use this phone, and despite some glitches it is rapidly developing into a formidable platform for security tools and penetration testing.

Broadly speaking, the objective of this series of blog posts is to introduce folks to the tools available and the potential for this phone as a security testing platform.

Given the fact I'm a bit late in obtaining this phone, some smart people out there have already started to address the n900's capabilities and available tools, and I would be remiss not to mention, and build upon, their insightful work.

The key phrase here is "build upon" and get the word out, not to steal or simply re-hash their fine work and efforts!

I've one caveat to this series of blog posts. As my n900 is for now a "production phone" for me in that I need to use it and can't brick it just yet, the path of this blog series on "Weaponizing the Nokia N900" will progress from known, tested and functioning security tools on this phone -- and therefore lower risk of bricking -- to more advanced, edgy tools that require more tweaks and modifications, such as replacing the stock kernel.

If someone out there finds this series useful, and has interest in furthering research on running security tools on the n900, I'd welcome the donation of a n900 for development and testing, and would credit them for their support. Please ping me offline if you're interested :)

NeoPwn and the Nokia N900

One project to watch in particular is the upcoming release of NeoPwn, which is based on BackTrack and bills itself as the "First Ever Network Auditing Distribution for a Mobile Phone Platform" and is due for release sometime this month, hopefully before DefCon.

I am fortunate to be in the BETA and will write up a blog post for this series on NeoPwn once I get full access to the NeoPwn toolset.

Worthy Resources on Nokia n900 Security Tools

1. Metasploit on the Nokia n900. 'Nuff said.

metaspolit n900

2. knownokia.ca Blog SimonLR wrote an excellent post on "Using the N900 for Fun and Profit" that covers several awesome tools, such as Metasploit, Dsniff, SSLstrip, Aircrack-NG, etc.

He's clearly savvy and his future blogging on tools for the n900 will be great to see.

3. Asterisk on the n900

Asterisk n900

When I added the extra package repositories to my n900, I was more than a bit surprised to see a full version of Asterisk available as a .deb package. Wow. Think about this for a moment.

One can run a full Asterisk server on a phone in their pocket. The capability of Asterisk on the n900 could enable attackers to do all sorts of mischief, such as running the SPITTER tool from their pocket as a simple example.

From a surveillance aspect, think of "bad people" with n900s in their pockets running Asterisk servers on their phones and connecting to each other point-to-point over encrypted tunnels -- now that's a challenge.

Stay tuned for more posts on "Weaponizing the Nokia N900" :)

Possibly Related Articles:
PDAs/Smart Phones
Wireless Security Management
Post Rating I Like this!
Rod MacPherson Shawn, looks like you and I think alike.

I was considering what phone I might buy if I end up having to leave my job to go private due to family reasons (not going to happen this year, but it might some day soon) I looked to see what smartphones made the most sense to me for the type of use I would have. As an IT pro of any sort, but especially as an IT security person, the ability to run abitrary Linux software on the phone is really appealing. How well did Metasploit run in your tests? Asterisk seems like an interesting add-on. I'd already thought to do that on my netbook, making the netbook sort of a remote office to my home office. :)

The Nokia N900 (or it's successor) may very well be my next phone.
shawn merdinger Hi Rod,

At this point I've not installed all of the tools I mentioned, like Metasploit, so testing is kinda limited. Fact is, I just can't brick this phone yet. Also, I've been having some SIM card recognition troubles, which seem common, and are possibly tied to a hardware issue. Still, it's a cool device, but I wouldn't rely on it...
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.