Saturday, March 24, 2018



Thursday, March 8, 2018

Pentest via cellular network (V): Nmap port scanner with SMS message


- Layout for this exercise (Smartphone and Raspberry Pi / SIM card / Modem):

- This exercise is based on the four previous exercises:

1 - Writing the Python script

- The Python script used in this exercise uses libraries and scripts from previous exercises:

- Some libraries are imported:

- A function is defined to process the SMS message requests:

- External stored data is invoked:

- The script waits until an SMS message arrives, then processes it, and finally sends back an answer:
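- Added example (not the script from the original post): one way to write the request-processing function so that SMS text is validated before it reaches Nmap. The request format `<IPv4 address> <port>`, the sender number, the permitted networks and all function names are assumptions made for illustration.

```python
import ipaddress
import re

# Assumptions, not from the original post: request format "<IPv4> <port>";
# the sender number and networks below are constructed sample values.
ALLOWED_SENDERS = {"+15550100"}
ALLOWED_NETWORKS = [ipaddress.ip_network("127.0.0.0/8"),
                    ipaddress.ip_network("192.168.1.0/24")]
SMS_LIMIT = 160  # keep the reply within a single SMS segment


def parse_request(sender, body):
    """Return (host, port) for an authorised, well-formed request."""
    if sender not in ALLOWED_SENDERS:
        raise PermissionError("sender not authorised")
    parts = body.split()
    if len(parts) != 2:
        raise ValueError("expected '<ip> <port>'")
    try:
        addr = ipaddress.ip_address(parts[0])
    except ValueError:
        raise ValueError("host is not an IP literal") from None
    if not any(addr in net for net in ALLOWED_NETWORKS):
        raise ValueError("host outside permitted scope")
    if not re.fullmatch(r"[0-9]{1,5}", parts[1]) or not 1 <= int(parts[1]) <= 65535:
        raise ValueError("invalid port")
    return str(addr), int(parts[1])


def scan_state(host, port):
    """Scan one TCP port with python-nmap (imported lazily; needs Nmap)."""
    import nmap
    scanner = nmap.PortScanner()
    scanner.scan(host, str(port))
    if host not in scanner.all_hosts():
        return "no response"
    return scanner[host]["tcp"][port]["state"]


def handle_sms(sender, body, scan=scan_state):
    """Return the reply text for one SMS, or None when no reply is due."""
    try:
        host, port = parse_request(sender, body)
    except PermissionError:
        return None  # unknown senders get no answer at all
    except ValueError as err:
        return ("rejected: %s" % err)[:SMS_LIMIT]
    return ("%s tcp/%d %s" % (host, port, scan(host, port)))[:SMS_LIMIT]
```

SMS sender numbers can be spoofed, so the network allow-list, not the sender check, is what bounds the effect of a forged request.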

2 - Testing the script

- First, an SMS message is sent from the smartphone asking about port 22 of the localhost:

- The Python script running on the Raspberry Pi detects the request from the smartphone and sends back an answer:

- Before launching another test to the host, let's perform an Nmap scan in the usual way:

- Now, an SMS message is sent from the smartphone inquiring about port 135 of the host:

- The Raspberry Pi answers the smartphone via an SMS message, and the result matches the usual Nmap port scan: port 135 is open.

Pentest via cellular network (IV): port scanning with Python-nmap


- Layout for this exercise (Smartphone and Raspberry Pi / SIM card / Modem):

1 - Installing python-nmap on the Raspberry Pi

- python-nmap is a Python library which helps in using the Nmap port scanner.

- It makes it easy to manipulate Nmap scan results and is a perfect tool for systems administrators who want to automate scanning tasks and reports.

- It also supports nmap script outputs.

- For further information:

- python-nmap works on top of Nmap, so let's make sure that Nmap is already installed:

- Downloading python-nmap:

- Uncompressing:

- Setting up and installing:

2 - Testing python-nmap with Python interactive mode

- Now, let's check its functionality by scanning port 22 of the localhost Raspberry Pi, invoking python-nmap from Python:

- The SSH port 22 is in "open" status:

3 - Writing a Python script using python-nmap

- This Python script uses python-nmap for scanning, and it is based on the documentation provided by the python-nmap official website:

- Note that the final section of the script only scans port 22 of the localhost:

- Running the script, the result is successful:

Pentest via cellular network (III): SMS messages with Hologram Python SDK


- Layout for this exercise (Smartphone and Raspberry Pi / SIM card / Modem):

- The goal of this exercise is to send/receive SMS messages between a Hologram modem (installed on a Raspberry Pi device) and a smartphone via the cellular network, using the Hologram Python SDK library.

- First of all, let's create an external data script where the device key and the phone number are stored:

- Now, importing libraries from the Hologram Python SDK, this Python script sends an SMS message and prints the successful result:

- Running:

- In a similar way, this Python script puts the modem into receiving mode and prints the message once it has been received:

- Running (in the image I have removed the sender phone number for privacy reasons):

- The smartphone screen displays the SMS messages exchanged with the modem:

Pentest via cellular network (II): Hologram Nova Global 2G/3G Modem


- Layout for this exercise (Smartphone and Raspberry Pi / SIM card / Modem):

1 - Hologram Nova Global 2G/3G Modem

- The modem Hologram Nova is a global 3G/2G cellular modem purpose-built for IoT and single board computers like the Raspberry Pi. 

- Paired with Hologram's CLI/Python SDK and global cellular network, the Nova is a simple plug-and-play modem for instant connectivity and secure data messaging.

- At the moment of writing this text, it can be bought online at a price of $49.

- Before the Nova modem can be operational the SIM must be activated (as done in the previous exercise) so that it can gain access to the cellular network.

- The SIM card is inserted into the slot at the bottom of the Nova board, being careful that the Nova is not plugged in at that moment:

- The Nova modem kit includes two quad-band flexible UFL antennas, operating over 850/900/1900/2100 MHz bands.

- The larger black antenna is expected to provide better reception, though the yellow antenna has the benefit of fitting better due to its smaller size.

- The antennas are attached by pressing firmly down on the gold UFL connector:

- Once the modem is operating correctly there are two LEDs (blue and red) providing feedback about what is going on inside the modem:

  • The blue LED represents whether the modem is on/off.
  • The red LED indicates the network status: off (no network detected), double blink (2G), rapid blink (3G), solid (connected).

2 - Hologram Python SDK

- The Python SDK and Hologram CLI are available on GitHub as open source.

- The Hologram Python SDK allows the Hologram SIM card and the Nova USB modem to connect and communicate with other IoT platforms for cellular connectivity:

- Installing the Hologram Python SDK on the Raspberry Pi device:

- In the next exercises this Python SDK will be used extensively:

3 - Checking the functionality of the modem

- First of all, let's check that the Raspberry Pi detects the modem connected to one of its USB ports:

- Accessing available ports:

- The hologram command has several options:

- Detecting the type of modem:

- Printing the cellular network available:

- Printing the SIM card number used with the modem:

- Printing the signal strength:

- Printing the location:

4 - Sending and receiving SMS messages between a cellular phone and a modem

- Connecting the modem to the cellular network:

- A new interface ppp0 (point-to-point-protocol) is created:

- Checking the Internet connectivity, let's note the huge reply delays of the pings, which is understandable for this kind of connection:

- Now, to send/receive SMS messages the cellular phone device key is required (available at the user Dashboard):

- Sending a message from the modem to the phone:

- The message is successfully received at the phone:

- Preparing the modem to receive SMSs:

- The phone answers:

- The phone receives the message:

- Finally the modem can be disconnected: