2011-10-22

Backtrack 5 on iPad1

Well, not exactly, but close enough. This weekend project just got really interesting. Who would ever think an innocent Apple iPad would be "pentesting" in a Starbucks? Ok, I really didn't run the proof of concept at a Starbucks, I did it in my personal sandbox. But in theory it can be done for "research" and for academic purposes. This actually started with just trying to get BT5 on my phone, a rooted Android. But after getting it to work and running it for a few hours, I got frustrated with the small text and the difficulty of entering text and special key strokes.

So in its simplest concept: fire up the VNC server on the Android, fire up a VNC client on the iPad (tablet), and remote control the Android. So let's light this firecracker...


Hardware:
1. Android Smart Phone (rooted): tested on AT&T HTC Inspire. Android Froyo with 8GB MicroSD.
2. Apple iPad: tested with iOS 5. Any working iPad will do, or in this case any tablet device.


Software:
1. BackTrack 5 for Android:  http://forum.xda-developers.com/showthread.php?t=1079898  - RTFM (google it if you don't know), follow instructions on how to load it on your Android.
2. Terminal Emulator for Android: this is a must to get BT5 running. It has to run rooted. A simple "su" command at the "$" prompt will switch you to a root bash prompt "#".
3. VNC for iPad: the free VNC lite will do.  You do not need the VNC Viewer ($9.99).

Notes:
1. After you get BT5 running on Android, make sure your VNC server is running.  If you forgot to activate it during the initial startup, just type "startvnc".
2. The usual default port for VNC is "5900"; for BT5 on Android it's "5901".
3. The default username and password are both "root".
4. Obviously, the iPad and the Android have to be on the same Wifi network in the same subnet. Your "subjects" also have to be on the same Wifi network. So, you might find yourself in a pissing contest with another pentester if you happen to run into one.
5. Caveat: You'll have a stealth appearance; nobody would suspect that an iPad can actually pentest, especially if you keep your Android in your bag or pocket. But you'll have 2 devices on an open network! You better have a good grip on two operating systems - Android and iOS.
6. So you say, why not just use a laptop...?? True, I agree totally. But what's the fun in that. Plus, I really like travelling light.
7. This is really a proof of concept; if you can come up with a more creative way of using your BT5 on your Android, let me know.
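Notes 3 to 5 are the part worth checking before you sit down anywhere public: the BT5 VNC server listens on 5901 with a default root/root login, and with the phone on an open Wifi network it is one more exposed desktop. The script below is an added example (mine, not part of the original write-up or of the BT5-for-Android project) that runs the RFB handshake against your own phone just far enough to see which security types the server offers, then disconnects. It flags the "None" type (no password at all), the classic VNC Authentication type (8-byte DES challenge, no encryption) and the absence of any TLS/VeNCrypt type. The host address in the `__main__` block is a placeholder; the byte strings in the parsing functions follow RFC 6143 and are constructed here for illustration.

```python
"""Check what an RFB (VNC) server offers before trusting it on an open Wifi network."""
import socket
import struct

# Security type codes from RFC 6143 section 7.1.2 plus the common registered values.
SECURITY_TYPE_NAMES = {
    0: "Invalid", 1: "None", 2: "VNC Authentication",
    16: "Tight", 18: "TLS", 19: "VeNCrypt",
}
ENCRYPTED_TYPES = {18, 19}


def parse_protocol_version(banner: bytes) -> tuple:
    """Parse the 12-byte ProtocolVersion message, e.g. b'RFB 003.008\\n'."""
    if (len(banner) != 12 or banner[:4] != b"RFB "
            or banner[7:8] != b"." or banner[11:12] != b"\n"):
        raise ValueError(f"not an RFB ProtocolVersion banner: {banner!r}")
    return int(banner[4:7]), int(banner[8:11])


def parse_security_types(version: tuple, data: bytes) -> list:
    """Parse the server's security-type offer that follows the version exchange."""
    if version < (3, 7):
        # RFB 3.3: the server dictates a single type as a big-endian u32.
        (sec_type,) = struct.unpack(">I", data[:4])
        return [sec_type]
    # RFB 3.7+: u8 count, then that many u8 type codes; a count of 0 is a refusal
    # followed by a u32 length and a reason string.
    count = data[0]
    if count == 0:
        (reason_len,) = struct.unpack(">I", data[1:5])
        reason = data[5:5 + reason_len].decode("latin-1")
        raise ConnectionError(f"server refused the connection: {reason}")
    return list(data[1:1 + count])


def assess_security_types(types: list) -> dict:
    """Turn the offered types into findings a defender cares about."""
    findings = []
    if 1 in types:
        findings.append("type None offered: anyone reaching the port gets the desktop "
                        "without a password")
    if 2 in types:
        findings.append("classic VNC Authentication offered: DES challenge/response, "
                        "password truncated to 8 bytes, session unencrypted")
    if types and not ENCRYPTED_TYPES.intersection(types):
        findings.append("no TLS/VeNCrypt type offered: keystrokes and screen contents "
                        "cross the Wifi in the clear")
    return {
        "types": [SECURITY_TYPE_NAMES.get(t, f"unknown({t})") for t in types],
        "findings": findings,
        "acceptable_on_open_wifi": not findings,
    }


def _recv_exact(sock: socket.socket, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("server closed the connection early")
        buf += chunk
    return buf


def audit_vnc_server(host: str, port: int = 5901, timeout: float = 3.0) -> dict:
    """Run the handshake only as far as the security-type offer, then disconnect."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        server_version = parse_protocol_version(_recv_exact(sock, 12))
        # Reply with the highest version we parse that the server also speaks.
        chosen = (3, 8) if server_version >= (3, 8) else \
                 (3, 7) if server_version == (3, 7) else (3, 3)
        sock.sendall(b"RFB %03d.%03d\n" % chosen)
        if chosen < (3, 7):
            offer = _recv_exact(sock, 4)
        else:
            offer = _recv_exact(sock, 1)
            if offer[0]:
                offer += _recv_exact(sock, offer[0])
            else:
                offer += _recv_exact(sock, 4)
                offer += _recv_exact(sock, struct.unpack(">I", offer[1:5])[0])
        types = parse_security_types(chosen, offer)
    return assess_security_types(types)


if __name__ == "__main__":
    import sys
    # Placeholder address: pass your own phone's Wifi address on the command line.
    target = sys.argv[1] if len(sys.argv) > 1 else "192.0.2.10"
    print(audit_vnc_server(target))
```

If the result shows "None" or only "VNC Authentication", the fix on the phone side is to set a real VNC password instead of root/root and, on an open network, to tunnel the 5901 session over SSH rather than exposing it to the whole subnet.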

Happy Hunting.