Results 1 to 10 of 10

Thread: Ethernet device the size of a matchbox

  1. #1
    penguin_to_bits
    Guest

    Default Ethernet device the size of a matchbox

    I'm going to start a little hobby project soon using the PIC18F97J60 chip made by Microchip. The PIC18F97J60 is a powerful microcontroller that has built-in support for Ethernet.

    Loads of people have used this chip to make a tiny little webserver, but I want to do something new, innovative and fun.

    The final device will hopefully be about the size of a matchbox.

    I'm looking for ideas on what to make:
    At the moment I'm thinking of making a network mapper. Basically you'd take my device and connect it into switch... leave it for a few minutes, take it out and bring it home and see what information it was able to gather.

    Any other ideas? What would be a cool little device the size of a matchbox?

  2. #2
    Senior Member
    Join Date
    Jan 2006
    Posts
    1,334

    Default

    You're talking like a gumstix?

    Interesting idea........

  3. #3
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    I have been toying with an idea along these lines myself for quite some time now, but I am afraid that my engineering skills might not be quite up to the task.

    I was however thinking more along the lines of building a tiny box with an integrated wireless chip capable of sniffing data and decrypting WEP and saving all the data on an flash memory card. It would also be interesting to make it capable of some filtering options and perhaps even a MITM attack, but this is getting pretty advance already. The whole project has anyhow been put on hold since I am fairly certain that there is such a device out there already, as it does not seem like too original an idea.
    -Monkeys are like nature's humans.

  4. #4
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by =Tron= View Post
    I have been toying with an idea along these lines myself for quite some time now, but I am afraid that my engineering skills might not be quite up to the task.

    I was however thinking more along the lines of building a tiny box with an integrated wireless chip capable of sniffing data and decrypting WEP and saving all the data on an flash memory card. It would also be interesting to make it capable of some filtering options and perhaps even a MITM attack, but this is getting pretty advance already. The whole project has anyhow been put on hold since I am fairly certain that there is such a device out there already, as it does not seem like too original an idea.
    Yes, it's been done, and mounted in a Teddy bear for disguise.

    But the OP's idea is a good one. It could be a good tool for gathering information before a pentest. something that could be plugged into an open ethernet port somewhere and not really be noticed.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  5. #5
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by streaker69 View Post
    Yes, it's been done, and mounted in a Teddy bear for disguise.
    Well that's what I figured. Do you know anywhere I could read more about this project as I still find it intriguing even though it seems to be an old idea? I tried googling for it but my keywords did not return any interesting results.
    -Monkeys are like nature's humans.

  6. #6
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by =Tron= View Post
    Well that's what I figured. Do you know anywhere I could read more about this project as I still find it intriguing even though it seems to be an old idea? I tried googling for it but my keywords did not return any interesting results.
    http://www.renderlab.net/projects/teddy-net/
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  7. #7
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by streaker69 View Post
    Thank you for the link, it was interesting reading even though not exactly what I had in mind.

    The Teddy was a disguised rogue AP whereas what I was thinking about is a wireless sniffer that would run on batteries and be able to sniff the traffic on an existing AP nearby.
    -Monkeys are like nature's humans.

  8. #8
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by =Tron= View Post
    Thank you for the link, it was interesting reading even though not exactly what I had in mind.

    The Teddy was a disguised rogue AP whereas what I was thinking about is a wireless sniffer that would run on batteries and be able to sniff the traffic on an existing AP nearby.
    It could do that too with some minor configuration of the firmware on the AP, with all the different types of things you can do with the WRT you could disguise one as anything and have it do pretty much anything you want.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  9. #9
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by streaker69 View Post
    It could do that too with some minor configuration of the firmware on the AP, with all the different types of things you can do with the WRT you could disguise one as anything and have it do pretty much anything you want.
    So right you are, ones imagination is pretty much the limit when it comes to its abilities. I might just have to investigate this a bit further since this sure does sound like a teddy bear in my taste

    My sincere apologies to penguin_to_bits for hijacking your thread, but your idea got me all fired up again.
    -Monkeys are like nature's humans.

  10. #10
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    At Blackhat USA 2002 there was a presentation on a device with a similar concept done by Chris Davis and Aaron Higbee, and called "DC Phone Home". The "DC" in this case was a Sega Dreamcast, running a special Linux, which was designed to be attached to an open Ethernet port, sniff out the network, and "phone home" the information it had collected via a tunnel to a remote server.

    Looking over what they did and how they went about it may give you some ideas for your device.

    Here' s a list of what they had on board the Dreamcast:

    Network Autoconfig
    * DHCP

    Scanning
    * netcat
    * nmap

    Sniffing
    * PHoss
    * ngrep
    * tcpdump

    Tunneling
    * VTun
    * CIPE
    * httptunnel
    * icmptunnel
    * stunnel
    * ppp
    * ssh

    The original Powerpoint presentation:
    http://www.blackhat.com/presentation...s-02-phone.ppt

    Security Focus had a quick article about it here:
    http://www.securityfocus.com/news/558
    Thorn
    Stop the TSA now! Boycott the airlines.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •