Palm Security Tools

TOOLS
Sniffers	WifFi is a simple sniffer for finding 802.11 compatible access points with a WiFi enabled Palm OS device. http://wiffi.splitbits.com/ NetChaser is similar to above but has "tap-to-connect" and this is shareware. http://www.bitsnbolts.com/netchaser.html BtSerial Pro allows you to connect to any Bluetooth device that supports the Serial Port profile. This gives you an easy way to connect to cell phones, sensors and more. BtSerial Pro is a member of a family of communication programs that includes BtSerial and BtServer. http://www.whizoo.com/apps/btserial.php Unlock and start-up cars with key remotes. http://www.hackcanada.com/hackcanada/ media/shift77.html & http://www.pacificneotek.com/ Packet sniffer - Coming Soon! Infrared sniffer - Coming Soon!
Scanners	Mergic Ping is a Palm OS implementation of the UNIX PING (ICMP Echo) program. It can be used with Mergic VPN to verify your connectivity to the private network. It's also useful to test for the availability of specific private network computers. http://www.mergic.com/vpnDoPingDownload.php PalmPing given a host name or an IP address, the program will cycle through several services (e.g. echo), detecting the presence of that service at the given host. Network statistics are also shown, using the PalmOS statistics queries. http://www.palmspot.com/software/ detail/ps540a_98372.html PortScanner is the first version of a Port Scanner for tcp/ip network. It allows you to check if some ports are open on a specified computer given by its ip adresses. This is usefull with wifi-enabled devices to find which services are avaible on a hotspot by example. http://www.freewarepalm.com/communication/ portscanner.shtml cgicheck99 is one of the worlds most cross platform cgi scanners, running on 37 operating systems! Even Palmos soon! Will check for 119 of common cgi and other remote issues. Plus it will report you the Bugtraq ID of some vulnerabilities. Get the rebol interpreter at http://www.rebol.com. http://www.securityfocus.com/data/tools/cgi-check99v0.4 Austin is a palm-based Vulnerability/Host Scanner Searching for Link!
File Access & Transfer	LFtp is a FTP client for my palm http://lthaler.free.fr/guppy/articles.php?lng=en&pg=19 VSFTP – FTP Client Palm SMB Client is a PalmOS client for the SMB protocol (access Windows shares from your Palm device!) http://sourceforge.net/projects/palm-smbclient/ SMBMate is the GUI SMB Client for PalmOS. The newest version of this app goes by the name WiFile ($). http://www.cbulock.com/2004/03/smbmate_freeware.html FilePoint ($), a great file management tool that allows you to map remote Windows shares. http://www.bachmannsoftware.com LGet is said to be the best HTTP downloader for the PalmOS. It changes pages to Palm DOC format on the spot. http://www.freewarepalm.com/communication/lget.shtml Downloader, this application enables you to download files from the internet to your Palm's memory card. http://www.freewarepalm.com/communication/ downloader.shtml Filez...
Remote Access Tools	Win-Hand Anywhere goes through Almost Any Firewall, Any Network. Access Any Windows Remote computer. Simple 3 questions installation and it is ready to be used! http://www.win-hand.com/index.htm http://www.freewarepalm.com/utilities/ win-handanywhere.shtml PalmVNC 2.0 is the latest evolution of PalmVNC, the widely acclaimed remote control software for the Palm OS® platform. http://palmvnc2.free.fr/ PdaReach ($) display and manipulate your Palm device from Windows at realtime. What you see is what you get. http://www.junefabrics.com/pdareach/index.php Apple Remote Desktop client - Coming Soon!
Phreaking	DigiDialer is a dual tone multiple frequency (DTMF) telephone dialer for use several Palm-based handhelds. http://www.digivello.com TBA is the first wardialer for the Palm OS platform. No more using a desktop or laptop for scanning. Using a Palm device with a modem, you can wardial from anywhere a phone line is available - throw it in a telephone can to retrieve later, toss it up in the ceiling during a security audit - the possibilities are endless. TBA is fully featured, free, and unsupported. http://www.grandideastudio.com/files/ security/mobile/tba.zip SMS spoof sends spoofed SMS messages from your Palm. http://www.waste.org/~terje/palm/SMSspoof/ RedPalm++ is a Canadian Red Box that generates quarter, dime, and nickel tones. http://www.hackcanada.com/homegrown/ palmpilot/index.html RedPalm is the original Canadian Red Box for the Palm. Note that this app requires "cbasPad". http://www.hackcanada.com/homegrown/ palmpilot/index.html VOIP Software - Coming Soon! US Bluebox - Coming Soon! US Redbox - Coming Soon!
Coding	OnBoard C is a C compiler that runs on and creates executables for the Palm OS. OnBoard C creates stand-alone, fully-fledged PRCs -- there's no need for run time libraries or any other software to run an executable created by OnBoard C. http://onboardc.sourceforge.net/ PocketC ($) is a Palm-based C compiler http://www.orbworks.com/pcpalm/index.html SiEd is a free simple text editor for Palm OS® based handhelds. Its purpose is to provide an easy way to create and edit large text documents on Palm OS devices, without the limitations of the built-in Memopad program. Great for editing PHP, HTML, CSS, etc. http://benroe.com/sied/index.shtml QED is an easy to use text- and source-code editor with virtual wide screen. http://www.qland.de/qed/ Pippy, the port of Python to the PalmOS http://pippy.sourceforge.net/ SmallBASIC (SB) is a simple computer language, featuring a clean interface, strong mathematics and graphics. We feel it is an ideal tool for experimenting with simple algorithms, for having fun. http://smallbasic.sourceforge.net/ EZAsm is an assembly language development tool for the Palm Computing(R) Platform. It combines 680X0 assembly language with parts of C. http://www.geocities.com/ezasm/ PilotDis is a disasssembler for palm binaries. http://www.freewarepalm.com/utilities/ pilotdis(andpila).shtml Perl - "No known ports for: Inferno \| OS1100 \| *PalmOS* \| PRIMOS \| VxWorks" - CPAN TinyLogo, Logo interpreter for Palm http://www.palmspot.com/software/ detail/ps3104a_98232.html Poplet Kit is a tiny-JavaScript/WMLScript interpreter http://www.handwave.com/ C+/C++ - Coming Soon! Visual Basic (VB) - Coming Soon!
Mail	fake mail - coming soon
Password Cracking	PalmCrack tries to crack a single encrypted UNIX, Cisco, or Windows NT password. If a wordlist database is found, it tries to crack the password against the entries in this wordlist. The better the wordlist, the better the ability for the program to crack a password. A brute force crack is attempted next (if requested by the user) if the password wasn't found using the wordlist. http://www.noncon.org/noncon/product_info.html Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast. Currently this tool supports: TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP2, LDAP3, Teamspeak, Cisco auth, Cisco enable, LDAP2, Cisco AAA (incorporated in telnet module) http://thc.org/thc-hydra/ NotSync demonstrates the simplicity of obtaining and decoding the Palm system password. This tool imitates the initial stages of the HotSync process via the IR port and retrieves and decodes the password of the target device. Written for the "Palm OS Password Retrieval and Decoding" security advisory. http://www.atstake.com/research/advisories/ 2000/index_q3.html Palm OS Password Lockout Bypass, for Palm OS 3.5.2 and below. Passwords and data can easily be obtained through a backdoor in Palm OS, even if the device is "locked". http://www.atstake.com/research/ advisories/2001/a030101-1.txt Windows 95/98/ME password cracker - Coming Soon!
Denial of Service	mailbox flooder - Coming Soon! ping flood - Coming Soon!
Terminal	ptelnet is a powerful communication software for the Palm Computing platform. By using the built-in TCP/IP stack (telnet mode), it acts as a Telnet Client. http://netpage.em.com.br/mmand/ptelnet.htm TuSSH is an SSH client for Palm OS devices. It should now work with any device with Palm OS 4 or greater. I has been reproted to work with OS3.5 and greyscale devices. Devices With a hires screen can get a full 80x25 colour terminal . http://www.tussh.com/ pssh is a free, open-source SSH 2 client for Palm OS 5. http://www.sealiesoftware.com/pssh/
Servers	httpd for PalmOS is a small web server (http) that runs on your palm. http://www.citi.umich.edu/u/rees/pilot/#httpd http://httpdpalm.sourceforge.net/ PalmOS httpd accept() queue overflow DoS vulnerability. http://neworder.box.sk/explread.php?newsid=10600 Mail server - Coming soon! FTP - Coming soon! Telnet/SSH - Coming soon!
Chat	VeriChat is a instant message client that can be used for MSN, Yahoo!, AIM, and ICQ chatting. http://www.pdaapps.com/ upIRC is a great IRC client. http://www.smittyware.com PalmIRC is a chat client based on IRC (Internet Relay Chat) protocol RFC1459 that runs on palm devices. http://members.tripod.com/~hokamoto/PalmIRC.html
Other	Netstat display network statistics, as given by PalmOS NetLib http://page-appart.nerim.net/palm/netstat/page10.shtml Crash helps manage an unfortunate (& rare) crash of a PalmOS device. Resets the device in a clean way. http://www.freewarepalm.com/utilities/crash.shtml vWhois, a whois client for Palm OS http://tinyurl.com/cw6xx Traceroute test network routes with this small utility change mac address http://www.versiontracker.com/dyn/moreinfo/palm/1012 iServices is a Internet Service database browser http://www.tamalo.com/downloads/ PowerNet, this utility prevent auto-off while you connected to network. http://www.freewarepalm.com/utilities/powernet.shtml NS Lookup - Coming Soon!

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License.