Apple iPhone and the US Government

Many of you have seen the news about the Federal Government telling Apple that they must develop a back door to allow them to access the Apple iPhone of the San Bernardino shooters. If you haven’t read about it, here is a link to the letter from Apple (link). Some will say that not complying with the court order is unpatriotic and a threat to national security. Others will say that it is a violation of privacy.

I agree with Apple on this one. If this backdoor were created, it would be used across all Apple products (if you’re unfamiliar with back doors, click here). So, what’s the big deal? The big deal is that this backdoor can be exploited by anyone, not just through court-ordered requests by the FBI or NSA (if they even get a warrant). This means hackers could use this backdoor to grab data, images, videos, emails and so forth from your phone.

Think I’m crazy? Of course you do. Well, let me explain some back doors that have caused issues in the past. Have you ever heard of lawful intercept? This is a program designed by telecom companies to allow government agencies to wiretap phone calls. In 2004, this was exploited by hackers (most likely US intel agencies) to listen in on Greek government officials’ phone calls (link).

Also, let us not forget that some agencies are beginning to purchase devices that can copy all of your cell phone’s data in minutes. Nowadays, cell phones are not just for phone calls. They are more complex than the computers used to send men to the moon. Smartphones allow people to carry all of their private data with them at all times. This includes, but is not limited to, pictures, bank records, emails, texts, documents, and so forth. The 4th Amendment should protect us from this, as “paper” has been replaced with electronic, but this does not seem to be the case.

Before you judge me (again) as some crazy, anti-establishment person, let me tell you that I’m all for the security of this great nation. I will do anything to protect my country and my fellow Americans, and have sacrificed for my country and community many times over. I just agree with the words of Ben Franklin, “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.” It’s not that I don’t agree with helping out, I just don’t want easy technology to be exploitable by the wrong people, be it a foreign state or a hacker group, or used unlawfully in any way. Just my two cents.


My Pen Testing Tool Kit

When I first became interested in Pen Testing I had no idea where to begin or which tools to use. In this blog I will cover the tools I use most often and their purpose. Every kit is different, but this is what I use the most.

Here is my list; I will discuss each item in detail:

  1. Kali Linux
    A. Installed on HP 110 Netbook
  2. Alfa AWUS036NH Wireless Adapter
  3. WiFi Pineapple
  4. 2 x Yagi WiFi antennas
  5. USB Rubber Ducky
  6. NooElec USB RTL-SDR
  7. Maxpedition Lunada Gearslinger Bag


Kali Linux

When I first started getting into Pen Testing I was trained on CentOS, then I moved to BackTrack. I’ve now moved to Kali, which most people are now using. Granted, you can use any OS you want for Pen Testing, and usually I have to use different ones, but Kali has almost all the tools in one place.

I installed Kali on an old HP Mini 110 netbook. It is not the fastest, but it does fine for running scans and exploits. If you are attempting to do something processor intensive, like password cracking, it is a good idea to run this on a machine that has more power.

This leads me to the next feature with Kali. Kali gives you the option to create a bootable USB image. This link covers how to set that up. The good thing about having a bootable USB is that you do not have to install the OS on your machine to use it. Just run it in live mode and you’re good to go.

The last option for running Kali is to run it as a virtual machine, which I do use regularly. I personally use VirtualBox whenever I do virtual machines. VirtualBox is free and has a lot of helpful articles. Kali actually has images available for download for VirtualBox and VMware.

Alfa Network Wireless Adapter

In my opinion there are two easy ways into someone’s network. The first is to “ask” for access via social engineering. The second is wireless exploitation. Wireless testing is one of my favorite aspects of pen testing. I use an Alfa AWUS036NH Wireless Adapter for wireless testing. The Alfa adapter allows you to run WiFi scans to determine encryption on networks, network names, MAC addresses, and also inject packets back into the networks you are trying to test. With this tool you can crack WEP in no time, capture WPA2 handshakes for offline cracking, and exploit WPS-enabled Access Points. You can also use different antennas, like the Yagi ones in my kit.

WiFi Pineapple

The WiFi Pineapple is another wireless auditing tool. It comes with two antennas, which can be swapped for other antennas. The Pineapple can do recon of access points in an area, run exploits on those access points, or act as a free, open WiFi network. If a person were to connect to the open network, you can utilize the Pineapple to act as a man in the middle and strip out packets, spoof DNS, capture credentials, and much more. The WiFi Pineapple is sold by Hak5 and is a great, fun tool to use.

Yagi WiFi antennas

To help increase the distance for my wireless testing I purchased two directional Yagi antennas. These antennas can connect to the Alfa Network card or the WiFi Pineapple. These antennas were around $20 for the two on eBay.

USB Rubber Ducky

The USB Rubber Ducky is the ultimate Social Engineering tool. This looks like a common thumb drive, but it is far from that. It is actually a keystroke injection attack platform. Basically it acts like a keyboard when plugged into a person’s machine and automatically types out commands. The commands are placed on the rubber ducky via a simple scripting language, saved to a Micro SD card, and inserted into the rubber ducky. These scripts can execute programs, save files and FTP them to remote locations, insert backdoor connections to machines, and many more things. A pen tester could drop the device in a common area in the hopes a user will plug it in. The rubber ducky can execute commands very quickly, making it an ideal tool to use when testing physical security. If you are able to get in front of a machine, plug the rubber ducky in and let it run the scripted commands while you do some more exploring around the complex. Of course, you’ll need to have it configured prior to using it.
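The defender's side of the point above that the device types far faster than a person, as an added example (not part of the original post): it flags runs of key-down events whose gaps are too short for a human typist. The 30 ms gap threshold, the 10-key minimum and the sample timestamps are constructed assumptions, not measured values.

```python
from typing import List, Tuple

# Assumed thresholds (tune per environment; not from the original post).
MAX_HUMAN_GAP_MS = 30.0   # gaps shorter than this are treated as machine speed
MIN_BURST_KEYS = 10       # ignore short runs such as key rollover


def find_injection_bursts(timestamps_ms: List[float],
                          max_gap_ms: float = MAX_HUMAN_GAP_MS,
                          min_keys: int = MIN_BURST_KEYS) -> List[Tuple[int, int]]:
    """Return (start_index, end_index) for each run of key-down events in which
    every consecutive gap is below max_gap_ms and the run has >= min_keys keys."""
    bursts = []
    start = 0
    for i in range(1, len(timestamps_ms) + 1):
        # A run ends at the end of input or when a gap reaches human speed.
        at_end = i == len(timestamps_ms)
        if at_end or timestamps_ms[i] - timestamps_ms[i - 1] >= max_gap_ms:
            if i - start >= min_keys:
                bursts.append((start, i - 1))
            start = i
    return bursts


def make_sample() -> List[float]:
    """Constructed key-down timestamps: a person typing, then a scripted burst."""
    human = [0, 180, 350, 560, 700, 910, 1100]      # roughly 140-210 ms gaps
    injected = [5000 + 4 * k for k in range(40)]    # 40 keys, 4 ms apart
    human_again = [9000, 9200, 9390]
    return human + injected + human_again


if __name__ == "__main__":
    events = make_sample()
    for first, last in find_injection_bursts(events):
        span = events[last] - events[first]
        print(f"possible keystroke injection: keys {first}-{last} "
              f"({last - first + 1} keys in {span:.0f} ms)")
```

Timing alone is a heuristic, so in practice it is paired with an alert on new USB keyboard (HID) enumeration on the endpoint.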


NooElec USB RTL-SDR

The NooElec USB RTL-SDR is a mini Software Defined Radio USB device. It comes with a small antenna, but you can purchase a larger replacement if you want. With SDR, a pen tester could test anything that runs over radio waves, not just WiFi. Things such as smart meters and RFIDs are a few examples. I’m new to SDR, but have had some fun with it, like picking up the local Fire/EMS/Police dispatch. This device is very inexpensive, around $20.

Maxpedition Lunada Gearslinger Bag

No Pen Testing kit is complete without a tacticool bag to carry it all in. The Maxpedition bag is very durable and can store everything I carry, with the exception of the Yagi antennas. These can actually be strapped to the sides if necessary with the use of the MOLLE system. The bag is not very big, but can pack in an iPad or netbook without a problem. Definitely a great bag for when you don’t want to tote around a full-size backpack.

My pen testing tool kit took me several years to put together. I’m still modifying it all the time. This is an ever-evolving game, and so should your pen testing tool kit be.
