Whitelist: March 2018

Pentest via cellular network (V): Nmap port scanner with SMS message

PENTEST VIA CELLULAR NETWORK (V): NMAP PORT SCANNER WITH SMS MESSAGE

- Layout for this exercise (Smartphone and Raspberry Pi / SIM card / Modem):

- This exercise is based on the four previous exercises:

http://www.whitelist1.com/2018/03/pentest-via-cellular-network-i-global.html
http://www.whitelist1.com/2018/03/pentest-via-cellular-network-ii.html
http://www.whitelist1.com/2018/03/pentest-via-cellular-network-iii-sms.html
http://www.whitelist1.com/2018/03/pentest-via-cellular-network-iv-port.html

1 - Writing the Python script

- The Python script used in this exercise uses libraries and scripts from previous exercises:

- Some libraries are imported:

- A function is defined to process the SMS message requests:

- External stored data is invoked:

- The script waits until an SMS message arrives, then processing it, and finally giving back an answer:

2 - Testing the script

- First, from the smartphone an SMS message is launched asking about the port 22 of the localhost:

- Running the Python script at the Raspberry Pi, it detects the request from the smartphone and finally gives back an answer:

- Before launching another test to the host 192.168.1.6, let's perform an Nmap scan in the usual way:

- Now, from the smartphone an SMS message is launched inquiring about the port 135 of the host 192.168.1.6:

- The Raspberry Pi gives an answer back to the smartphone via an SMS message, and the result is equal to the usual Nmap port scanning: port 135 is open.

Pentest via cellular network (IV): port scanning with Python-nmap

PENTEST VIA CELLULAR NETWORK (IV): PORT SCANNING PYTHON-NMAP

- Layout for this exercise (Smartphone and Raspberry Pi / SIM card / Modem):

1 - Installing Python-Map on the Raspeberry Pi

- python-nmap is a python library which helps in using Nmap port scanner.

- It allows to easilly manipulate nmap scan results and will be a perfect tool for systems administrators who want to automatize scanning task and reports.

- It also supports nmap script outputs.

- For further information:

https://xael.org/norman/python/python-nmap/

- Python-nmap works on top of Nmap, so let's make sure that Nmap is previosly installed:

- Downloading python-nmap:

- Uncompressing:

- Setting up and installing:

2 - Testing python-nmap with Python interactive mode

- Now, let's check its funcionality scanning the port 22 of the localhost Raspberry Pi, invoking python-nmap from Python:

- The SSH port 22 is in "open" status:

3 - Writing a Python script using python-nmap

- This Python script uses python-nmap for scanning, and it is based on the documentation provided by the python-nmap official website:

https://xael.org/norman/python/python-nmap/

- Let's notice that the final section of the script just indicates to scan the localhost port 22:

- Running the script the result is successful:

Pentest via cellular network (III): SMS messages with Hologram Python SDK

PENTEST VIA CELLULAR NETWORK (III): SMS MESSAGES WITH HOLOGRAM PYTHON SDK

- Layout for this exercise (Smartphone and Raspberry Pi / SIM card / Modem):

- The goal of this exercise is to send/receive SMS messages between a Hologram modem (installed at a Raspberry Pi device) and a smartphone via the celullar network, using the Hologram Python SDK library.

- First of all, let's create an external data script where the device key and the phone number are stored:

- Now, importing libraries from the Hologram Python SDK, this Python script sends an SMS message and prints the successful result:

- Running SendTEST.py:

- In similar way, this Python script puts the modem into receiving mode and prints the message once it has been received:

- Running ReceiveTEST.py (in the image I have removed the sender phone number by privacy reasons):

- The smartphone screen displays the SMS messages exchanged with the modem:

Pentest via cellular network (II): Hologram Nova Global 2G/3G Modem

PENTEST VIA CELLULAR NETWORK (II): HOLOGRAM NOVA GLOBAL 2G/3G MODEM

- Layout for this exercise (Smartphone and Raspberry Pi / SIM card / Modem):

1 - Hologram Nova Global 2G/3G Modem

- The modem Hologram Nova is a global 3G/2G cellular modem purpose-built for IoT and single board computers like the Raspberry Pi.

- Paired with Hologram's CLI/Python SDK and global cellular network, the Nova is a simple plug-and-play modem for instant connectivity and secure data messaging.

- At the moment of writing this text, it can be bought online at a price of $49.

https://hologram.io/store/nova-global-cellular-modem/36

- Before the Nova modem can be operational the SIM must be activated (as done at previous exercise) so that it can gain access to the cellular network.

- The SIM card is inserted into the slot of the bottom of the Nova board, being careful that the Nova is not plugged-in at that moment:

- The Nova modem kit includes two quad-band flexible UFL anntenas, operating over 850/900/1900/2100 MHz bands.

- The larger black anntena is expected to provide better reception, though the yellow antenna has the benefit of fitting better due to its smaller size.

- The anntenas are attached pressing firmly down the gold UFL connector:

- Once the modem is operating correctly there are two LEDs (blue and red) providing feedback about what is going on inside the modem:

The blue LED represents whether the modem is on/off.
The red LED indicates the network status: off (no network detected), double blink(2G), rapid blink (3G), solid (connected)

2 - Hologram Python SDK

- The Python SDK and Hologram CLI are available on Github as open source.

- The Hologram Ptython SDK allows to connect and communicate the Hologram SIM card and the Nova USB modem with other IoT platforms for cellular connectivity:

https://github.com/hologram-io