I'm going to start a little hobby project soon using the PIC18F97J60 chip made by Microchip. The PIC18F97J60 is a powerful microcontroller that has built-in support for Ethernet.

Loads of people have used this chip to make a tiny little webserver, but I want to do something new, innovative and fun.

The final device will hopefully be about the size of a matchbox.

I'm looking for ideas on what to make:
At the moment I'm thinking of making a network mapper. Basically you'd take my device and connect it into switch... leave it for a few minutes, take it out and bring it home and see what information it was able to gather.

Any other ideas? What would be a cool little device the size of a matchbox?

You're talking like a gumstix?

Interesting idea........

I have been toying with an idea along these lines myself for quite some time now, but I am afraid that my engineering skills might not be quite up to the task.

I was however thinking more along the lines of building a tiny box with an integrated wireless chip capable of sniffing data and decrypting WEP and saving all the data on an flash memory card. It would also be interesting to make it capable of some filtering options and perhaps even a MITM attack, but this is getting pretty advance already. The whole project has anyhow been put on hold since I am fairly certain that there is such a device out there already, as it does not seem like too original an idea.

I have been toying with an idea along these lines myself for quite some time now, but I am afraid that my engineering skills might not be quite up to the task.

I was however thinking more along the lines of building a tiny box with an integrated wireless chip capable of sniffing data and decrypting WEP and saving all the data on an flash memory card. It would also be interesting to make it capable of some filtering options and perhaps even a MITM attack, but this is getting pretty advance already. The whole project has anyhow been put on hold since I am fairly certain that there is such a device out there already, as it does not seem like too original an idea.

Yes, it's been done, and mounted in a Teddy bear for disguise.

But the OP's idea is a good one. It could be a good tool for gathering information before a pentest. something that could be plugged into an open ethernet port somewhere and not really be noticed.

Yes, it's been done, and mounted in a Teddy bear for disguise.

Well that's what I figured. Do you know anywhere I could read more about this project as I still find it intriguing even though it seems to be an old idea? I tried googling for it but my keywords did not return any interesting results.

Well that's what I figured. Do you know anywhere I could read more about this project as I still find it intriguing even though it seems to be an old idea? I tried googling for it but my keywords did not return any interesting results.

http://www.renderlab.net/projects/teddy-net/

http://www.renderlab.net/projects/teddy-net/

Thank you for the link, it was interesting reading even though not exactly what I had in mind.

The Teddy was a disguised rogue AP whereas what I was thinking about is a wireless sniffer that would run on batteries and be able to sniff the traffic on an existing AP nearby.

Thank you for the link, it was interesting reading even though not exactly what I had in mind.

The Teddy was a disguised rogue AP whereas what I was thinking about is a wireless sniffer that would run on batteries and be able to sniff the traffic on an existing AP nearby.

It could do that too with some minor configuration of the firmware on the AP, with all the different types of things you can do with the WRT you could disguise one as anything and have it do pretty much anything you want.

It could do that too with some minor configuration of the firmware on the AP, with all the different types of things you can do with the WRT you could disguise one as anything and have it do pretty much anything you want.

So right you are, ones imagination is pretty much the limit when it comes to its abilities. I might just have to investigate this a bit further since this sure does sound like a teddy bear in my taste :)

My sincere apologies to penguin_to_bits for hijacking your thread, but your idea got me all fired up again.

At Blackhat USA 2002 there was a presentation on a device with a similar concept done by Chris Davis and Aaron Higbee, and called "DC Phone Home". The "DC" in this case was a Sega Dreamcast, running a special Linux, which was designed to be attached to an open Ethernet port, sniff out the network, and "phone home" the information it had collected via a tunnel to a remote server.

Looking over what they did and how they went about it may give you some ideas for your device.

Here' s a list of what they had on board the Dreamcast:

Network Autoconfig
* DHCP

Scanning
* netcat
* nmap

Sniffing
* PHoss
* ngrep
* tcpdump

Tunneling
* VTun
* CIPE
* httptunnel
* icmptunnel
* stunnel
* ppp
* ssh

The original Powerpoint presentation:
http://www.blackhat.com/presentations/bh-usa-02/higbee-davis/higbeedavis-bh-us-02-phone.ppt

Security Focus had a quick article about it here:
http://www.securityfocus.com/news/558