'

NeoPwn developer gives Linux device pwn details

The developer behind the NeoPwn mobile penetration testing device, 'Gino O', has given details of how support for the phone will work, and how he came up with the concept.Gino O got back to me with answers to some questions, which I thought ZDNet UK readers may like to see in full:"Software support is something we are offering to our customers, which will essentially boil down to monthly updates that will come in the form of .

The developer behind the NeoPwn mobile penetration testing device, 'Gino O', has given details of how support for the phone will work, and how he came up with the concept.

Gino O got back to me with answers to some questions, which I thought ZDNet UK readers may like to see in full:

"Software support is something we are offering to our customers, which will essentially boil down to monthly updates that will come in the form of .deb packages and/or diffs. These will cover any kernel changes, module support, and significant application branch updates.

We are also perpetually scaling the operating system, automation scripts and overall menu and filesystem to keep it up to date and easy to use (point and pwn).

Since Neopwn has just been launched, we can only anticipate the volume of support requests that we will receive relating to issues with the GUI’s, Dialogs, menu system, and automation scripts. I’ve personally been an active support flunky of the BackTrack distribution for quite sometime, and helping ‘newbs’ on the IRC channel and forum everyday for the last year+, my guess is that people will fail to (RTFM) scan the documentation we provide on NeoPwn’s usage.

We do have immediate plans to launch a forum and knowledge base (will be completed this week) for those that purchase NeoPwn.

Regarding hardware support, we offer the same support on the phones themselves as Openmoko offers us at time of purchase. The other devices vary (as in the USB UMTS/HSDPA modems, WLAN cards, etc).

HD Moore (creator of Metasploit) is also collaborating with us in conjunction to his project, ipwn.mobi. Our platforms have a common denominator so we have decided to partner up our projects.

You asked the question: How did I come up with the concept?

Answer: A long time obsession with porting Linux pentesting applications to PDA’s and mobile phones!

About ~3 years ago I got started with Familiar Linux on an iPaq, and always liked having Kismet in my pocket. From there, getting packet injection with the Aircrack suite seemed like mission impossible on a PDA.

Then once reverse engineering started to unfold with some of the HTC’s, I got the Blue Angel to do packet injection - which was very satisfying at the time (although there were driver issues for everything else and I couldn’t use the actual keypad).

I experimented with the HTC Universal, which to some was bulky, but to me one of the best form factors for a smartphone. It has the same wifi card as the Blue Angel, but instead of SDIO it runs on 16 bit slave memory and the driver for it was/is still very unstable.

So low and behold comes the Openmoko Neo Freerunner, with USB host mode and phone capabilities (where the Nokia N800 did not have the latter). The first thing I did was build a custom kernel and module support for the WLAN cards I commonly use. I literally hit this device head on with development, porting many of the commonly used apps found in the BackTrack distro. I’ve picked up some assistants along the way for hardware tasks.

Along the way, I adapted the missing QWERTY handicap and began to develop automation scripts, dialogs and GUI’s for most of the painstaking things that have to be done for hardware and application control from a terminal. A thousand plus hours later: the birth of NeoPwn."