Friday, November 25, 2016

Nexus 6

Back to a bit of blogging from time to time since the OSCP and work is taking quite a bit of my time. Not to mention family time with the Hyrulian princess.

A few months back, I've gotten a Nexus 6 pre-owned. Now why would I want a pre-owned 2 years old handset when I could have spend a bit more money and maybe get a not too 'old' handset? Well I wanted to replace my Nexus 7 as my mobile penetration testing device. I wanted something reliable, cheap and easily modified. The Nexus 6P was still pretty expensive back then and even though the price had come down a little (for pre-owned sets) thanks to the Pixel phones, they are still quite a bit of a wallet-drainer. The Nexus 6 on the other hand, is a gem. Big screen, faster processor than my Nexus 7, more mobile than a tablet and it's a phone for goodness sake so ... sorry Nexus 7 ... you are relegated to a backup device for now. Besides, Nougat 7.0 runs officially on the Nexus 6 which makes it a tad more 'updated'.
Ain't she a beauty? If you look carefully, you'll see a TP-Link WN722N behind the phone which I used some velcro to attach it to the phone. Works pretty well. At least I don't have to look awkward holding a phone in one hand and the other a wireless adapter. Besides this setup sorts of conceals me when I am doing assignments walking around randomly in companies without raising concerns among its employees.

By the way, in case you plan to make a Nexus 6 your only device for penetration testing or acting cool like in Mr. Robot (although that was a PwnPhone which is essentially a Nexus 5 with a customized Pwn ROM), do take note of its limitations. For one, if you heard of the recent BlackNurse attack (read up on's an interesting effective 20 years old attack technique) the Nexus 6 caps out at TX less than 10mbps which is below the 15mbps required to launch a successful attack. Not that I've never heard of people actually using their phones to DoS networks ...

No comments: