www.storm.net.nz
[ / ] [ Metlstorm ] [ Projects ] [ ice.storm.net.nz ] [ \m/ ]

Projects
Security
Metlstorm, in the hizzous at Defcon 13's Apollo room. SSH 'Jack

Brett Moore of Insomnia has released PuttyHijack, an implementation of the same sort of thing for the Putty Win32 SSH client. Might come in handy for...

Viewing the results of a Hai2IVR run. Each PIN attempt is listed, and some sorting and tagging tools are available to sift through the results. Note the playback controls at the bottom, which allow you to play back the call; the little arrows indicate where in the call a DTMF tone sequence was sent. Hai2IVR

Hai2IVR is a SIP-client for brute forcing DTMF prompts in IVR systems.Many systems (banking, voicemail, calling card) rely on short PIN numbers...

MAFL-Load

During both my 2k5 and 2k7 ssh-jack presentations, I used mafl-load to execute ssh-jack. People have been asking about it, so, here it is....

Haxxing firewire on the middle screen, and about to unlock the volunteer's windows box on the right. Firewire, DMA & Windows

Updated Mar 7th, 2008: Holy crap, three quarters of a million hits later. oO. Some people have reported trouble getting things to work - one thing to...

The PoC exploit in action. Ahh, the rootshell moneyshot. Asterisk Remote Root

While reading the source to Asterisk one exciting weekend, I spotted an integer overflow, which lead to a heap overflow, which lead to a remote root...

No, it doesn't actually look like this when it runs. Lay off the hollywood UI crackpipe, huh. Metl-o-UnNetCrypt

A python tool which decrypts perl files that have been obfuscated with Filter::Netcrypt. I have no idea who wrote Filter::Netcrypt, or who uses it,...

Wireless
Action shot! Wow. Geeking is so exciting huh? Metl Kismet GPS Plotter - Google Earth Edition

I've been contemplating how to better visualise war-driving data, and after Cam demoed the Airmagnet site survey tools while on the 802.1X Roadshow...

More 3dviz. In my opinion, there should be only two sorts of user interface; commandline, and full-VR-wankovision ones. Metl War Tri Pod

What do you get when you cross a lego mindstorms kit with a 14dbi yagi? The MetlWarTriPod. MWTP is a project who's eventual goal is automated 802.11...

Newer screenshot, showing new AP list, multiple-AP-selection-and-filtering, different plots of data and management frames, and the new improved channel utilization display. Metl Kismet Client

A spin-off from MWTP, a fullscreen, hardware-accelerated graphical Kismet client. Initially I wrote it to vizualise the azimuth input data from the...

Here MKGP renders a query for all AP's who observed range is less than 500m in downtown Auckland (yes, there's that many APs in Auckland city. So far over the last couple of years I've seen over 3000 unique networks). You can see range circles, coloured by channel, and some lines plotting where we recieved a packet to where the AP is predicted to be. The blue line is the GPS track, and the black blobs are APs. Metlstorms Kismet GPS Plott0r

MKGP was my first foray in to geospatial visualization of wardriving data. I'd got plenty of georeferenced Kismet logs from wardriving with the Helix...

Wireless device detection done, pretty usable Metl Helix Wireless Grapher

A straightforward 802.11 wireless network sniffer and grapher. Uses RFMON mode to detect access points, and then displays a rolling graph of signal...

MNRV is still mostly pictures like this, rather than shiny output. Welcome to the Metlstorm School of UI Design. Metl Network Recon Visualizer

MNRV is a still-very-early-stages project to build a wireless sniffer that does more than just give you a list of APs. My goal is to be able to have...

Home
Wow. Screenshots of scripts are pretty rockin' huh. Altho, all up, this got me 57 Airpoints. Oh lordy, how will I cope with the excitement? Rotoseat

Heh. So I travel a bit for work, and when people are pimping for full fare economy, I feel duty bound to collect the airpoints. Except that I never...

The what's-playing interface. But don't look at pictures, go <a href="http://ice.storm.net.nz">listen</a>. Noise

Noise, that's what. Back in 1999, when I worked at an ISP and had loads of free bandwidth, I started a 128kbps all metal streaming MP3 server. The...

See, I'm editing this entry. Weblstorm

A custom python web content management system with through the web editing and stuff. What's rendering this content. Uses the TurboGears python web...

OMG wow, it's got nothing to display! Viewtron

I turned an old screen into an 'electronic picture frame' for the missus to put some of her ~20k digital camera pictures onto. I soon got...

Main configuration screen; list of layouts, list of images, list of page-instances, and a preview-render of the current working page. CharGrill

"Char's Graphical Renderer of Images in Lots of Layouts" My partner is a graphic designer. At one point she was producing a magazine that consisted...

Abandonware
GTK based GPS moving map display. It builds the display out of a collection of raster map images, and composits them to build the map. The black squares indicate map boundaries, so the little smaller black squares show that there's more high-res data available for Auckland City. Obscured By Clouds

About the same time I was writing MKGP, I was working on a raster moving-map-display GPS application, due to my dissatisfaction with GPSDrive. I...