[Dailydave] I am Jack's complete lack of covertness with my giant antenna

Rich Mogull rmogull-dd at securosis.com
Fri Mar 23 16:23:26 EDT 2007 

Should be trivial to wire a basic external and use foil or something  
to block the signal except in one direction (foil or whatever, but  
would be easy to get more elegant.

I've done a lot of DF work with avalanche searches and finding downed  
aircraft. All you need is something moderately directional and a  
signal strength meter. Sound actually works better sometimes than a  
signal strength visual, since the human ear is pretty good at  
detecting small pitch/volume changes.

Once you have something small and directional, with some way of  
seeing/hearing signal strength, it's easy to just walk around and  
find what you want. I've seen plenty of people running around DefCon  
with Yagis, but for close range and just a ballpark location you  
don't need them.

It would be trivial to do this on SILICA and maintain covertness,  
although it would take a little modification (not sure what you're  
using for hardware), and you'll need to display the strength.

If you want to get really fancy you can put a second wireless in at  
an angle from the first, make both directional, and do nifty stuff in  
software to measure the differences and angles to limit all the not- 
so-covert walking around. A bunch of avalanche beacons do this,  
although the wavelength involved makes it easier (I think) than 2.4  
GHz. The antennas are internal and you get both direction and distance.

EIther way, you don't need anything big and can integrate  
directionality without putting a large directional antenna on your  
head. It's a lot easier to DF (unless you need pinpoint accuracy)  
than most people think...


On Mar 22, 2007, at 7:22 PM, Dave Aitel wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> There's a lot of things you could do with a SILICA if you tacked a
> laser range finder to it, a directional antenna, or loaded it on more
> powerful hardware. All those things would be annoying to get through
> the minimum wage airport security, let alone a real inspection. Those
> are all really good ideas, but SILICA's goal is covertness.
>
> There's no real way to measure covertness, which is why Immunity
> CANVAS just has a bar at the bottom that goes from 1 to 11. Covertness
> is like writing. When it's good, you get the girl. When it's bad, you
> go down in flames and you don't even know why.
>
> May 21st we're doing a 5 day Unethical Hacking class here in South
> Beach. We'll be covering using ImmDBG to create Windows exploits,
> using Hydrogen and MOSDEF to bounce from machine to machine, and how
> to be covert. Be there, or be that guy with the giant antenna.
>
> - -dave
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
>
> iD8DBQFGAznntehAhL0gheoRAgscAJ4o6I9Pv7sc9rj28WaoKfbhB6SNMACeKzdA
> 8lZE/FcJGwxhGq63ASOM+hw=
> =kTZo
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave

More information about the Dailydave mailing list