Mobile Security Tool Kit Contents
EC-Council’s Mobile Security Tool Kit (better known as the STORM!) is a fully loaded pen-test platform that comes equipped with STORM Linux (a Raspbian-based, customized distro of Linux equipped with the industry’s most popular hacking tools) loaded onto a portable touchscreen device.
INCLUDES:
- Keyboard
- Carry Case
- STORM T-shirt
- STORM Sticker
- Access to the STORM Resource Center (Video Demos, Support, ISO Image Download)
Sold AS-IS with no warranties expressed or implied.
From: $799.00
Introducing the STORM!
Mobile Security Toolkit Workshop!
Specs
- Broadcom BCM2711, Quad core Cortex-A72 (ARM v8) 64-bit SoC @ 1.5GHz
- 2GB or 4GB LPDDR4-3200 SDRAM (depending on model)
- 2.4 GHz and 5.0 GHz IEEE 802.11ac wireless, Bluetooth 5.0, BLE
- Gigabit Ethernet
- 2 USB 3.0 ports; 2 USB 2.0 ports
- Raspberry Pi standard 40 pin GPIO header (fully backwards compatible with previous boards)
- 2 × micro-HDMI ports (up to 4kp60 supported)
- 2-lane MIPI DSI display port
- 2-lane MIPI CSI camera port
- 4-pole stereo audio and composite video port
- H.265 (4kp60 decode), H264 (1080p60 decode, 1080p30 encode)
- OpenGL ES 3.1, Vulkan 1.0
- Micro-SD card slot for loading operating system and data storage
- 5V DC via USB-C connector (minimum 3A*)
- 5V DC via GPIO header (minimum 3A*)
- Power over Ethernet (PoE) enabled (requires separate PoE HAT)
- Operating temperature: 0 – 50 degrees C ambient
- Mini Water Resistant Keyboard
- Field Case Organizer for all your gear
Storm Workshop Kansas City
Workshop in Huntsville, Alabama
Workshop in New York, New York
Workshop in Dallas, TX
Note: The STORM mobile security tool kit contains STORM Linux (a Raspbian-based, customized distro of Linux), including all of the associated security tools. These tools are very powerful, and all proper precautions should be adhered to at all times.
Always remember that the difference between illegal and ethical hacking comes down to one word: permission. It is illegal to utilize these or any other pen testing tools on a network or website without permission.
As stated in the terms and conditions, EC-Council is not responsible for illegal use of these tools and you accept the full liability for its usage. The entire code of ethics can be found here.
Case Study – STORM Workshop in New York
CyberServices NYC ethical penetration test against a client’s WiFi network, which was compromised by a blackhat cell operating in NYC.
My name is Mike. I am the founder/president of CyberServices NYC. We are a small cyber security group operating in NYC. My team consists of nine other employees, specializing in various areas of penetration testing, ethical hacking, risk assessment, cyber threat analysis and information warfare.
Our client base is mainly small to medium sized businesses, healthcare facilities and local and federal government requests (off-book engagements). In May of this year, I was fortunate enough to attend HACKNYC and buy the EC-Council’s Mobile Security Tool Kit (Storm device). EC-Council also had a two-day workshop on using the Storm device.
The live penetration test:
I was contacted by the CEO of a medium sized business. She was concerned about the WLAN part of her network, particularly the public facing WiFi access system. She had been hacked, her network compromised through an attack vector involving this sub-system.
No surprise or fancy technical stuff here. This was just a common, easy hack that a 12 year old could pull off. The difference here is that when we saw the screen capture provided to us by their IT staff (using Snort), a team member saw a familiar “signature” in the traffic. These hackers were after their PCI database. They didn’t get it. This was a group, a cell we’ve seen before.
After all the contract discussions with the CEO and the Head IT guy were agreed on, our “get out of jail card” and emergency contact numbers exchanged, our pentest would begin on a Friday at 23:59 hrs, and end Monday at 06:00 hrs. We went to the local police precinct and informed the desk sergeant of our intentions and contact numbers.
So, we used the Storm device for the entire test. After some recon of the area and OSINT of the company, we had our network map of their wireless system. We used Kismet for the usual wireless details. Then it was on to the Aircrack-ng suite (sudo airmon-ng start wlan). You folks get the rest. We got output from airodump-ng. Back to Kismet for comparison and targeting. So, we confirmed our target and its details.
Now, from our earlier recon, we discovered the make and model of their routers. (Yes, there was a little social engineering after we sealed the deal with the client.) Google really is your best friend. So is Tor. So, we downloaded the most commonly used passwords and defaults used by that manufacturer and CUPP since we did a behavioral profile on the Head IT guy. Along with OSINT, we had a good idea of his general personality. Our dictionary.txt was created. Time to fire for effect.
“sudo mdk3 mon0 p -c 2 -t {MAC address here} -f {our dictionary.txt here}”
This was a hybrid brute force attack, obviously. Our profile helped out. The password was a mix of the IT guy’s personal and family’s PII. The user ID was obvious. We entered the info on the SSO screen and that’s it. Thanks for playing, game over. Now, this was a very simple real life test. No big deal. The point here is we used the Storm device for every step of this hack. And, since our after action report given to the CEO was met with satisfaction (the head IT guy, not so much), we got our agreed upon bankers’ check.
Summary:
The Storm device performed admirably in the field. We had our usual laptop with us just in case but we didn’t use it. Now, since the Storm unit is Raspberry 3+ based it is slower than the regular hardware of the trade. It also runs hotter depending on the length of use. We put small heat sinks on the two main processors. We also had the A/C on in our van. In the theater of battle, the Storm did the job and did it well.
When you get one, do the usual mods on Kali. Clear out the # in sources.list (cd /etc/apt, then nano sources.list). Then run sudo apt-get update. Set the correct time and date for your time stamp on screen shots. We used an Alfa AWUS036NEH NIC card. Configure your Storm device for your external NIC (ifconfig, etc, etc). Make sure network settings and USB settings recognize your card. Hack your own system for a test.
Get a wireless miniMouse. It’s easier to click on the tools in Kali on the Storm unit. Finally, we used a 2400 milliAmp rechargeable USB battery with a back-up for power. We used only one for this pentest. They do last.
Remember, like a hand-held two way radio, the Storm unit is a field device. If you expect HP laptop multi-core, hyper processor speed from this unit, then, well just go away and find another career. Storm works. It works well.
So, get one. Pack the bag it comes in with your rubber duckies, LAN turtles, USB drives and other stuff you’ll use with it and make some money.
Here is what some of our STORM class students had to say:
“I really enjoyed the class, thanks for working with the chapter to get this delivered to the group. Hope we can do something similar next year.” – Anne-Marie Colombo, SAP
“It was a smashing success. In January we should have you talk to the ISSA Board and see how we do more.” – Justin Orcutt, NCC Group
“Everyone enjoyed what EC-Council brought to BSides Huntsville! The STORM Device is so cool and we have attracted a new audience because of EC-Council” – Cary Pool, NAISSA President
“I’ve taken all of EC-Council Courses at TakeDownCon. This was a nice addition to BSides and it was great to sit in a new EC-Council Class and learn a new device!” – Chad Holton, State of AL Alcoholic Beverage Control Board
“It was my first time working with EC-Council and it was great to bring a workshop from such a reputable certification body, this added tremendous value to BSides Tampa and I look forward to working with you all again in 2019!” – Derek Thomas, BSides Tampa Organizer
“The HACKNYC 2018 event has truly changed my Information Security outlook and has greatly improved my overall skills in every aspect. Connecting with Elite Cyber Security Professionals in the private sector and federal government to the 2-day “all-out” Mobile Security Hacking with the Storm Tool in conjunction with the iLabs, and Kevin Cardwell (my trainer) made this a truly exceptional Cyber Security training and experience.
The Mobile Security tool kit with Storm 2-day boot camp allows each trainee to focus their attack vectors in hacking web applications, servers, cloud, and use virtualization as your very own cyber range (off-line) and connect your Storm device to it and do pen-testing or allow you to use it as another live node. The instructor was very confident and capable as he taught a wide range of students with various information security experiences and I must say I learned so much. His patience and due-diligence, integrity, dedication, and excitement. While not surprising, EC-Council has provided me a very strong platform to prove my Information Security skills and enhance my overall knowledge.
I’m particularly impressed with how the modules in iLabs taught you how to use the latest cyber-attacks without compromising real networks. You get confidence in the tools, and virtualization is secured and more than ready to take anything you throw at it. The conference (HACKNYC 2018) and Mobile Security Tool Kit hacking with Storm has made me a better-rounded cybersecurity professional. C|EH has taught me about vulnerability testing in a real-world environment, E|CSA is teaching me pen-testing, and Mobile Security with Storm has taught me virtualization, pen-testing capabilities, and the possibilities with this tool are truly amazing.” – Isaac Feliciano, New York Air National Guard
“Just wanted to say thanks to both you and Kevin for providing a quality experience for myself and my fellow learners! It was great to be able to take a day to develop my ethical hacking skills, and be able to head out with tools in hand for further practice for the CEH exam. That said, I can’t wait for the upcoming training sessions. In the meantime, I’ll be studying and sharing the word about EC-Council to my colleagues!” – Jason Scoon, DevOps Engineer at NYU Langone Health