[ BREIFING ]
The PalmOS is the perfect platform for hacking tools and hacking in general. I believe the security, networking, hacking, & programming potential of handhelds are far under-rated. This is not even taking into account the huge open-source factor. Fyodor (the writer and maintainer of the nmap security scanner) was quoted saying... "Nothing beats doing penetration tests from the beach using a Palm and Ricochet packet modem (or other wireless device)".
Also keep in mind that Palm devices have many other advantages: small, economical, easy to conceal, and can be taken anywhere. Here are some of the tools available...
[ TOOLS ]
Terminal: Emulation protocol/software that lets a user log in remotely to other computers or devics on the Internet; it has a command line interface. Telnet runs on top of the TCP/IP protocol...
ptelnet is a powerful communication software for the Palm Computing platform. By using the built-in TCP/IP stack (telnet mode), it acts as a Telnet Client.
TuSSH is an SSH client for Palm OS devices. It should now work with any device with Palm OS 4 or greater. I has been reproted to work with OS3.5 and greyscale devices. Devices With a hires screen can get a full 80x25 colour terminal .
pssh is a free, open-source SSH 2 client for Palm OS 5.
Top Gun ssh is an ssh (version 1) client for palmtops running PalmOS and having a TCP/IP stack.
File Access & Transfer: The following apps listed pertain to file management locally and over specific protocols...
LFtp (2004/Freeware) is a FTP client for your Palm device.
VSFTP – FTP Client
vPalmFtp (2005/Freeware) is a command line FTP client. Select up to three favorite ftp servers. Supports automatic login and PASV mode. Ideal for use with POSIX/*nix-based servers. With vPalmFtp you can upload, download, rename, chmod, etc.
Supported ftp commands: cd close chmod del dir dirld dirlm get getd macro md open pub pubm put pwd ren rd quit
Palm SMB Client (2001/Freeware) is a PalmOS client for the SMB protocol (access Windows shares from your Palm device!)
SMBMate (2004/Freeware) is the GUI SMB Client for PalmOS. The newest version of this app goes by the name WiFile.
FilePoint (2005/Shareware), a great file management tool that allows you to map remote Windows shares.
LGet (2003/Freeware) is said to be the best HTTP downloader for the PalmOS. It changes pages to Palm DOC format on the spot.
Downloader (2005/Freeware), this application enables you to download files from the internet to your Palm's memory card.
HttpTester (2002/Freeware), this program is a front end to one of the functions provided by an implementation of a small http library; the GET function. HEAD, PUT and DELETE are also available in the program but no UI has beenmade for these. The user inputs the full URL to any web resource and the contents type and size of the resource are displayed in fields on the form. In addition to this is the actual data retrieved in an internal structure but nothing further is done to it by the program.
Filez (2005/Freeware), is an easy to use file manager for the Palm OS. Use it to remove, beam, or modify any file on your handheld. It's useful for removing old programs/databases and for telling some files to back themselves up.
How to publish a hacked web page (HTTP, XML, PHP, ASP, & ColdFusion) to a web server. Surprisingly neat, cheap, and simple!
Onagert (2005/Freeware), is a Palm GUI frontend for the MLdonkey P2P network client.
Mergic VPN (2005/Shareware/$29.99), is a Virtual Private Network (VPN) client for the Palm OS that uses widely available authentication and encryption technologies along with the Point-to-Point Tunneling Protocol (PPTP) to provide you with a secure connection to your private network.
movianVPN (2005/Commercial), is an award-winning VPN client that provides secure wireless access to corporate network resources. Developed with the IPSec standard, movianVPN supports market leading VPN gateways, and is widely interoperable with networks and applications for flexible deployment options. Designed to meet the processing, bandwidth and battery constraints of a wireless device.
PalmCrack w/ Wordlist tries to crack a single encrypted UNIX (standard UNIX passwords based on the crypt() function, not FreeBSD-type), Cisco (Cisco Type 7, not Type 5 MD5 hashes), or Windows NT (NT LANMAN password hashes, not the NT challenge response MD4 hashes) password. If a wordlist database is found, it tries to crack the password against the entries in this wordlist. The better the wordlist, the better the ability for the program to crack a password. A brute force crack is attempted next (if requested by the user) if the password wasn't found using the wordlist.
Want to create your own custom dictionary? A "pc.pdb" file can be made with the perl program pcmwdb (PalmCrack Make Wordlist DataBase).
MD5 (2004/Freeware), can calculate an MD5 hash, and bruteforce it. Only recommended for OS5 devices.
Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast. Currently this tool supports: TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP2, LDAP3, Teamspeak, Cisco auth, Cisco enable, LDAP2, Cisco AAA (incorporated in telnet module)
NotSync demonstrates the simplicity of obtaining and decoding the Palm system password. This tool imitates the initial stages of the HotSync process via the IR port and retrieves and decodes the password of the target device. Written for the "Palm OS Password Retrieval and Decoding" security advisory.
Palm OS Password Lockout Bypass, for Palm OS 3.5.2 and below. Passwords and data can easily be obtained through a backdoor in Palm OS, even if the device is "locked".
No Security, if you've forgotten password of your Palm device, install No Security and remove the password without loosing any hidden records.
Sword (Shareware) cracks the password of Palm Pilot, replaces the current passwords without the knowledge of them, provides two level securities; help you at system lockout when you forget your password. All of this without compromising on the data at your palm pilot!
Palm Password Cracker ($), forgot your palm pilot password! No problem, Palm password cracker can break the password. No need to install any kind of file on palm use it from your desktop. Works on all Palm OS versions 3.x
pCrack is a utility that will crack the builtin Palm password. It will automatically decrypt the palm password. You can also beam or copy it to your memo pad. This program is based on the work done by Kingpin of @Stake. ONLY works with Palm OS 3.51 or less. Will not work with Palm OS 4.0 or newer.
Password generator programs... I was raised NEVER to trust them unless it's RSA SecurID or unless it's generated automatically by the application/website/device your want access to. The reason this should be practiced because of backdoors due to the generator algorithms (either intentional or not). So don't use third-party password generators!
System Password Cleaner (2004/Freeware). Have you ever lost or forgotten your security password? Don't miss your personal records anymore! Just sync this little app and press it's only one button and...voila!
Skeleton Key (2003/Freeware), is a program that automatically calculates the possible combinations of a MasterLock (C) combination lock. The number of combinations is decreased from 64,000 to 100 which can then be checked in under 10 minutes! NOTE: In order for this system to work however you must be able to find the third number.
PMaster (2002/Freeware), uses the internal construction of Master locks to narrow the number of possible combonation that have to be checked. It gives a list based on either the first, second, or third number.
Windows 95/98/ME password cracker - Coming Soon!
Remote Access Tools:
Win-Hand Anywhere goes through Almost Any Firewall, Any Network. Access Any Windows Remote computer. Simple 3 questions installation and it is ready to be used!
PalmVNC 2.0 is the latest evolution of PalmVNC, the widely acclaimed remote control software for the Palm OS® platform.
PdaReach ($) display and manipulate your Palm device from Windows at realtime. What you see is what you get.
PalmPanel is a software framework which lets you use your Palm Pilot PDA as a graphical terminal for GNU-based (Linux/BSD/etc) appliances and servers.
BluePalm2X allows you remote control MacOSX applications with any Bluetooth enabled Palm handheld.
Apple Remote Desktop client - Coming Soon!
RemoteGin (2004/Shareware) supports remote access (view and control) to your Windows desktop via Inter/Intranet. It is optimized for big displays (e.g. Clie NX/NZ) and WiFi usage. Surf the net using Netscape/IE, read Acrobat Files, control video films etc. Adapt programs to your PDA screen size with one touch of your PDA!
httpd for PalmOS is a small web server (http) that runs on your palm.
PalmOS httpd accept() queue overflow DoS vulnerability (for the web server listed above).
WirelessModem (Shareware) works a pseudo proxy server. It is a small application that will allow you to use your Handspring/palmOne Treo as a wireless adapter (for WiFi Palms) and as wireless modems (for GSM/CDMA Palms).
Mail server - Coming soon!
FTP - Coming soon!
Telnet/SSH - Coming soon!
WifFi is a simple sniffer for finding 802.11 compatible access points with a WiFi enabled Palm OS device.
NetChaser is similar to above but has "tap-to-connect" and this is shareware.
WiFi-Where (2004/Shareware), finds access points quickly and easily. Connect a GPS unit to find out the exact latitude and longitude of wireless access points.
BtSerial Pro allows you to connect to any Bluetooth device that supports the Serial Port profile. This gives you an easy way to connect to cell phones, sensors and more. BtSerial Pro is a member of a family of communication programs that includes BtSerial and BtServer.
Unlock and start-up cars with key remotes.
Hydra, I think it might be for sniffing unencrypted passwords off of a WEPless 802.11b network. (This app is also listed under the Scanners section.)
IR Ping, This program allows to check the communication between a Palm III and up with IrDA extension and other IrDA devices or another PalmPilot.
Packet sniffer/Packet analyzer - Coming Soon!
Infrared sniffer - Coming Soon!
Mergic Ping is a Palm OS implementation of the UNIX PING (ICMP Echo) program. It can be used with Mergic VPN to verify your connectivity to the private network. It's also useful to test for the availability of specific private network computers.
http://www.mergic.com/vpnDoPingDownload.php PalmPing given a host name or an IP address, the program will cycle through several services (e.g. echo), detecting the presence of that service at the given host. Network statistics are also shown, using the PalmOS statistics queries.
PingAlink (Commercial) is an external monitoring service for your web servers and other Internet devices. It comprehensively monitors the performance of your websites or any other device connected to the Internet.
Traceroute test network routes with this small utility
HTTP ServerWatch (2000/Freeware) discover information about server response times and more.
PScan (2001/Freeware) is a port scanner for PalmOS Devices.
PortScanner (Freeware) is the first version of a Port Scanner for tcp/ip network. It allows you to check if some ports are open on a specified computer given by its ip adresses. This is usefull with wifi-enabled devices to find which services are avaible on a hotspot by example.
PalmMap (2003?/Source Code), this tool is a port scanner that was made to act a lot like NMAP (hence the name PalmMap, Fyodor knows about this project). Good results when used with Hotpaw BASIC.
PalmOS built-in network tools, which includes (depending on your OS) info, finger, nettrace, and ping. info displays active connection info, finger is used search users on a remote host, nettrace is used to test the connection to a remote host (I not sure of this, I didn't play with it much), and ping is used for of course connectivity verification. These tools are Easter Eggs... To access them run "Preferences" --> "Network". In menu "Options" choose "View Log". Graffiti or type a question mark "?" and hit enter and the available network tools are listed.
cgicheck99 is one of the worlds most cross platform cgi scanners, running on 37 operating systems! Even Palmos soon! Will check for 119 of common cgi and other remote issues. Plus it will report you the Bugtraq ID of some vulnerabilities. Get the rebol interpreter at http://www.rebol.com.
Austin is a palm-based Vulnerability/Host Scanner
Searching for Link!
Barcode is a full software barcode scanner for Treo600, Treo650 and Zire72, using the Treo camera. I'm not sure it works with other camera enabled Palms.
OnBoard C is a C/C++ compiler that runs on and creates executables for the Palm OS. OnBoard C creates stand-alone, fully-fledged PRCs -- there's no need for run time libraries or any other software to run an executable created by OnBoard C.
The OnBoard Suite is a C-language development environment that runs on and builds code for, the Palm handheld platform. The OnBoard Suite is comprised of:
* the OnBoard C/C++ compiler,
* the OnBoard Assembler,
* the SrcEdit programmer's editor, and
* the Sherpa porting tool.
The OnBoard C compiler creates a Palm executable or (at the programmer's option) a Hackmaster hack. You can beam your new program or hotsync it to another Palm if you like. It requires nothing but a Palm (w/ the Palm OS in ROM so your code can take advantage of the library that's there). It does not need a separate run-time library.
PocketC ($) is a Palm-based C compiler
SiEd is a free simple text editor for Palm OS® based handhelds. Its purpose is to provide an easy way to create and edit large text documents on Palm OS devices, without the limitations of the built-in Memopad program. Great for editing PHP, HTML, CSS, etc.
QED is an easy to use text- and source-code editor with virtual wide screen.
Pippy, the port of Python to the PalmOS
SmallBASIC (SB) is a simple computer language, featuring a clean interface, strong mathematics and graphics. We feel it is an ideal tool for experimenting with simple algorithms, for having fun.
EZAsm is an assembly language development tool for the Palm Computing(R) Platform. It combines 680X0 assembly language with parts of C.
PilotDis is a disasssembler for palm binaries.
Perl, "No known ports for: Inferno | OS1100 | PalmOS | PRIMOS | VxWorks" - CPAN
TinyLogo, Logo interpreter for Palm
Jump (2004/Freeware) is a software development tool for Java on the PalmOS platform.
If you have ever wanted to know: How to crack a Palm OS application (from Windows), here is a basic tutorial.
Visual Basic (VB) - Coming Soon!
Phreaking: There are not as many phone hacking tools for the Palm as I originally thought, here are the legit ones that are available...
DigiDialer is a dual tone multiple frequency (DTMF) telephone dialer for use several Palm-based handhelds.
TBA is the first wardialer for the Palm OS platform. No more using a desktop or laptop for scanning. Using a Palm device with a modem, you can wardial from anywhere a phone line is available - throw it in a telephone can to retrieve later, toss it up in the ceiling during a security audit - the possibilities are endless. TBA is fully featured, free, and unsupported.
SMS Spoof sends spoofed SMS messages from your Palm.
RedPalm++ is a Canadian Red Box that generates quarter, dime, and nickel tones. Note that this app requires "cbasPad".
Directory Assistant is a FREE free app that automates queries against the YP.com server and adds loads of features of its own. This application is written specifically to take advantage of the Treo's ability to dial phone numbers from the results of your residential or business directory queries.
• Residential, Business and Reverse queries against the YP.com web site.
• Dial the phone number directory from the results screen.
• Calls MapQuest to show Map of address from results.
• Use Results, Addressbook entries, Airports, or manually entered addresses for Driving Directions.
• Keep results for later use until cleared.
• Copy number or entire entry to clipboard, copy to Address Book.
• Maintains last entered query parameters for next use.
• Store frequenty used search strings
RJ45 is a freeware for Palm. It shows you two different ways of terminating scheme when crimping (Straight-Through and Cross-Over) used for Category 5 cabling. That's why it's essential that any IT person have RJ45 running on their palm. This is an illustrated diagram of the three possible terminations, namely: Computer to Hub, Patch Cable and Rollover cable.
DTMF DA (2004/Freeware) is a DA to generate DTMF tones to make a phone call.
Smorse (Freeware) Simple morse code sender. Sends code on the built-in speaker at 1-80 WPM. Higher speeds are sloppy because of the 10 msec resolution of the internal timer.
VOIP Software - Coming Soon!
US Bluebox - Coming Soon!
US Redbox - Coming Soon!
E-Mail & Chat:
Forged mail - coming soon
VeriChat is a instant message client that can be used for MSN, Yahoo!, AIM, and ICQ chatting.
upIRC (2003) is a great IRC client.
PalmIRC (2001/Freeware) is a chat client based on IRC (Internet Relay Chat) protocol RFC1459 that runs on palm devices.
Denial of Service:
Battery Drainer (2004/Freeware), is a utility which is pretty self explanatory. Run this application, and it will repeatedly reset your device.
Mailbox flooder - Coming Soon!
Ping flood - Coming Soon!
Miscellaneous: Here are items that did not quite fit into any particular section, so I decided to list them here...
Netstat display network statistics, as given by PalmOS NetLib
Crash helps manage an unfortunate (& rare) crash of a PalmOS device. Resets the device in a clean way.
vWhois, a whois client for Palm OS
Whois (2005/Freeware), A PalmOS TCP/IP Whois program that accesses WHOIS data for domains (and some IP addresses) for all top-level domains that are available for viewing.
iServices is a Internet Service database browser
PowerNet, this utility prevent auto-off while you connected to network.
UNIX Quick Reference, an excellent a manual to improve your knowledge of UNIX systems.
Try AlwaysOn for those long hacking sessions. This small freeware will disable the auto-off timer, or allow you to set it to different settings than those in the limited default standard preferences.
VFSdos (2004/Freeware) is a DOS console, text-based environment for Palm handheld computers equipped with a VFS expansion slot (such as the m505, Clie, Handera and TRGpro). VFSdos is very similar to the good old' COMMAND.COM. It's not only used for simple DOS file operations - it's a DOS environment were VFSdos applications and batch files can be executed from SD/MMC/MC/CF cards.
CracKING.to (Site) is a PalmOS software backup site. [ Disclaimer: ONLY DOWNLOAD SOFTWARE FROM THE SITE "CracKING.to" IF YOU ALREADY OWN THE ORIGINAL SOFTWARE AND YOU JUST NEED A BACKUP COPY OR IF YOU ARE REPLACING THE CORRUPTED ORIGINAL FILE(S). I'M IN NO WAY RESPONSIBLE FOR ANY LEGAL OR NON-LEGAL ACTION TAKEN AGAINST YOU IF YOU DECIDE TO DOWNLOAD SOFTWARE YOU DON'T OWN. ]
Astalavista (Site) is a security related search engine that also links to PalmOS software backup sites. [ Disclaimer: ONLY DOWNLOAD SOFTWARE FROM THE SITE "Astalavista.bok.sk" IF YOU ALREADY OWN THE ORIGINAL SOFTWARE AND YOU JUST NEED A BACKUP COPY OR IF YOU ARE REPLACING THE CORRUPTED ORIGINAL FILE(S). I'M IN NO WAY RESPONSIBLE FOR ANY LEGAL OR NON-LEGAL ACTION TAKEN AGAINST YOU IF YOU DECIDE TO DOWNLOAD SOFTWARE YOU DON'T OWN. ]
NetTerm Tool (2001/Demo), a glossary for all the industries involved in networking. NetTerm Tool is the only terminology application designed just for the PALM-OS. NetTerm Tool is organized into categories for easy access, but it has a FIND facility for quick lookup.
Network Star Server Edition (2001/Shareware), this application is perfect for technicians and professional people. Network Star Server Edition is a database that will keep track of important information like: Name, IP address, Function, Server OS, V.or S/P #, Domain, Location, and Date.
NS Lookup - Coming Soon!
Change MAC address - Coming Soon!
Linux on Palm Tungsten E. Learn to get kernel to boot, obtain a suitable distro, and provide build instructions.
StyleTap Platform allows you to run applications (and games!) originally written for Palm OS handhelds on your Windows Mobile Pocket PC handheld. With more than 20,000 applications for the Palm OS platform available – many of them free – you will be able to do so much more with your Windows Mobile Pocket PC handheld.
CryptoPad is a replacement for the built-in Memopad. Encrypt those dodgy notes you've been making you bloody pervert!
VirusGuard protects your Palm from viruses.
AutoLock (Shareware) enables better login security for your Palm OS 3.5 and newer device.
Cradle Robber (Shareware) is an app that protect its devices in an open office cubicle environment. Protect your rechargeable handheld and SD card slot. Also for specific model you can use your headphone cord as a security tether.
CCrypt (2004/Freeware) is a simple encryption program for a Palm OS device.
[ NOTES ]
My palm can be pinged from an a remote host when connected to a network. This means that detection is possible. With a Time-To-Live (TTL) of 255 it responds to ICMP requests. Port Scans: I then proceeded to TCP port scan my Tungsten C from port 1 to 36000 and as would one would guess all ports were close. I access Windows-based shares and mapped a drive using FilePoint on my Palm. After Port scanning it I was surprised to see that ports 137 to 139 were still closed.
Q: How do you block basic ICMP packets?
A: I really don’t know other than a finding a palm-based firewall, modifying the PalmOS, or coding your own. There aren’t that many companies that do Palm firewalls, one of those companies is Bluefire Security Technologies located at "http://www.bluefiresecurity.com/“.