PUSHING N900 TO THE LIMIT!!!


 i am currently using Linux 2.6.28.10power47 kernel and the desktop widget MaxCPU to quickly overclock or reduce CPU usage on my Nokia N900. MaxCPU has a range starting at 250MHz with levels at 500MHz, 550MHz, 600MHz (default), 700MHz, 750MHz, 805MHz, 850MHz, 900MHz, 950MHz, 1000MHz, 1100MHz and 1150MHz.

I am not quite sure what the limit is for the Nokia N900, since I have been pushing it for quite some time, but I think I have reached a milestone in numbers. Currently my setup is:

  • Version 20.2010.36.2 (PR1.3).
  • 9 unique desktops.
  • 81 desktop shortcuts.
  • 22 loaded widgets (CPU x 3, Touch Search, Desktop Browser x 9, Conversations, Queen Beacon x 4, Calendar, Forca Weather, OMWeather, Feeding it).
  • 95 245 applications in the menu. (edit: 19/06/2011).
  • Overclocked to 1000mhz and stable.

Overclocking the N900 makes all the difference in performance, although it can cause the device to be quite unstable if the wrong configuration is used, so it takes a lot of patience and fiddling to get the right set up.

Some of the resources I have used to date for overclocking:

  1. Jakiman’s N900 Overclocking Guide – This is a brilliant guide and works exactly as the steps suggest.
  2. Titan – more configuration options. Very useful if you want to add your own settings.
  3. Tonism – offers the latest starving configuration for titan kernel!
  4. Jakiman offers some extra steps for setting the same MIN and MAX settings (e.g. 1000 1000). These are the settings I applied after I successfully completed step 1 and they work brilliantly. My N900 is super fast now and surprisingly very stable. I managed to open 56 applications (before it started to falter).
  5. Queen Beacon Widget – This widget is amazing in it’s own right but is key to the over clocking process.
  6. Bakuur has a complete step by step guide on overclocking and using the Queen Beacon Widget (with diagrams). – Very cool!
  7. Jakiman’s name pops upagain and here is his guide to using Queen Beacon and overclocking. – This is what I used and it works!
  8. Lehto is another cool customer overclocking his N900 and reporting on the different speeds achieved.
  9. Finally all these brilliant people can be found at Maemo.org in the forums sharing their knowledge and it should be the place where you go first to read up on Overclocking the N900. This topic has managed to generate 495 pages so far, which just goes to show how popular this topic is.

Below are ten large (content heavy) websites that I loaded up with ease with my 1000Mhz setup.

The screen below shows the CPU widget showing 1000MHz. I have fixed the MIN and MAX to 1000MHz. I was running my N900 all day at 1000MHz and it was fast, very responsive, and an absolute pleasure to use.

Nokia N900 is a pentest device


The Nokia N900 has a lot of pentesting potential thanks to the numerous pentest software that has been ported to Maemo. Today I will be doing a guide on how to fully equip your N900 so that it becomes a must-have device for every pentester. Everything that your going to read is for testing only, you should NOT use it on computers you don’t own. Anything you do with this software is your own fault. You have been warned.

Before continuing you should first enable the extras-devel repository on your phone – go to Application Manager and Add this catalogue:

 Catalogue name: Extras-Devel
 Web address: http://repository.maemo.org/extras-devel/
 Distribution: fremantle
 Components: free non-free

To begin with, I will start with aircrack-ng. It is one of the most popular pentesting programs out there and it serves the purpose of breaking wep/wpa/wpa2 keys and gaining access to a wireless network. To get it, you need to follow these instructions:

apt-get install aircrack-ng

However, so far you will not be able perform packet injection, which will slow down WEP cracking and will make wpa handshake capture much harder. So next thing to do is go tolxp’s blog and get the patched wireless driver and carefully follow the instructions. If you find the driver useful donate at his blog! It adds much more than just packet injection, but you can read all about that on his blog.

As of May,2011 you can now install successfully mdk3, genpmk and cowpatty. You need to have updated your aircrack-ng to version 1.1. To install them follow this post. You can further install wessid-ng ,kiptun and airolib by placing them in /usr/bin and chmod them.

A great addition to aircrack-ng are one of the two available GUI’s. If you are a Backtrack user, you have most probably gotten used to GrimWepa. Luckily for you, a N900 version exists. Here is the actual file. To install it follow these instructions:

apt-get install libgif4

apt-get install icedtea6

java -jar grimwepa-n900.jar

However, I personally don’t like how it works on the N900 and I prefer wifite v2. To install it,use :

– wget https://raw.github.com/derv82/wifite/master/wifite.py

– chmod +x wifite.py

– ./wifite.py

The biggest change from version 1 is support for “reaver”, a Wifi-Protected Setup (WPS) attack tool. Reaver can compromise the PIN and PSK for many routers that have WPS enabled, usually within hours.

Other changes include a complete code re-write with bug fixes and added stability. Due to problems with the Python Tkinter suite, the GUI has been left out of this latest version. Most of the new router now got WPS. For example,the default configuration in UniFi router- Dlink Dir-615 – got WPS enabled. Instead of attacking WPA key,wifite attack WPS pin. And have tested using wifite v2, i can crack wpa password without using WPA dictionary. Wifite v2 use pyrit + cowpatty to attacking WPA key.

And for your info wifite just for LINUX, not working in windows or mac…so put yourself with LINUX.

Next thing on the list is getting nmap – apt-get install nmap – easy as that. Quite a useful ip/port scanner that is needed for many exploits. You can run it from terminal by typing ‘nmap’.

My favorite tool of them all is ettercap-ng. It is used to poison a network, redirect traffic,sniff packets and even for DoS attacks. Installing it is a bit harder,but thanks to colin.stephane, who build it into deb packages, it is quite easy if you follow the commands. The files and instructions can be found in this post.

If you want to get the gui working you should also do “dpkg -i ettercap-gtk_0.7.3-1.2.armel.deb”. DO NOT install it via xterm from the repositories as the package uploaded there is completely broken.

A great tool combination for ettercap is sslstrip – it basically turns https links to http and allows you to steal passwords from secured sites.It is quite hard to notice even for a person thats familiar with this exploit. Installation here is a bit harder. First you need to get python-twisted-web and iptables – “apt-get install python-twisted-web iptables python-pyopenssl”. Next you need to download the latest sslstrip package at http://www.thoughtcrime.org/software/sslstrip/ . Unpack it with “tar zxvf sslstrip-0.x.tar.gz”, then cd into that directory “cd sslstrip-0.x” and do a “python setup.py build” & “python setup.py install”. If you get any dependency errors, install the missing packages first (sometimes you will have to install a different package – for example if you are missing package ABC you will have to type in the Xterminal “apt-get install python-ABC”, not just “apt-get install ABC”.) If you have any issues with installing make a comment and I will try to help you.

Another cool program that you can get is Wireshark – “apt-get install Wireshark”. It can be used for packet sniffing or for examining files created by ettercap for example. The gui is a bit messed up,but it is useable.

The famous metasploit framework can also be run on the N900 and the instructions + the actual file can be found HERE. Everything works flawlessly and I have successfully exploited my Virtual Machine’s Windows XP through the phone. However, some people have had issues with the official metasploit installation guide – so here is a second one with optified ruby packages : http://talk.maemo.org/showpost.php?p=535129&postcount=1 .

The Online password cracker tool – THC-Hydra. Ported by SuperDumb. To downloadhttp://forums.internettablettalk.com/showpost.php?p=1021807&postcount=35. Install by doing a dpkg -i hydra_6.3-src-1_armel.deb.

That is it for today. If you have any issues/recommendations please make a comment.