Skip to main content

My Phone, The File Server

I'm cleaning out my room.

There's so much stuff that could make other people happier than it makes me. If anyone is interested in a variety of things, from fancy knapsacks to Tsum Tsums to dolls, let me know.

But that's not why we're here - We're here because I found my old Moto X phone. I'm not sure why I stopped using it, but I know I replaced it with the Galaxy S5 in 2014, and eventually my mother's hand-me-down LG Stylo until I dropped it and shattered the screen.



And receiving my own LG Stylo 2 this February. If I knew I still had my Moto, I wouldn't have paid money for an upgrade (Assuming it still works on T-Mobile's networks. It should).

So I found the article - What To Do With an Old Smartphone - And besides some usual suggestions - one stood out.

Make Your Phone into a File Server.

 I picked the app FTP Server - It opens the appropriate ports on the phone and grants file access. Of course, you could probably do it a different way without the help of a third party application.

And Lo and behold;




While the default port for FTP is 21, this one is using 2221. Why? I change it to 21 to see if it still works. It doesn't, so I turn it back.

Here are the settings on the application;







It seems that we can only pick one directory to work from at a time. I took a screenshot, placed it in the appropriate folder, and simply saved it from the "server"!


I can also enable a password and username to log in;

This is a private network, so no problems. But one could probably lure people to an open file server in a public place. How could I monitor hits? 



These are the interfaces the application can listen to. PAN and Wifi make sense, but how would outside connections come through on the Loopback? Does Mobile Data have a port to listen on?

Since the phone I'm using (The Stylo 1) Does not have access to the phone network, Mobile's a moot point anyway. I could install this on my active phone, but that doesn't seem smart. I don't do sensitive business on my phone to begin with, but why allow access?

So, why does this work? Because it's in a private network. It's using a private IP address, significant to our network only.

BUT....can I upload something to it from my Macbook?


I've never used the 'Go' option on my Macbook in the five years I've had it until today. 

I can connect to the server easily, using the IP address, port, and login creds.



So, I'll take this image;


And stick it somewhere on the server. Will it show up? 
There's not an upload option in the server settings, so no. But this was certainly a fun and informative thing to play with! 

I'll be sure to use this more in the future, if I can find an option with upload capabilities.


Labels:

Comments

Post a Comment

Popular posts from this blog

Connecting IoT Devices to a Registration Server (Packet Tracer, Cisco)

In Packet Tracer, a demo software made by Cisco Systems. It certainly has changed a lot since 2016. It's almost an Olympic feat to even get started with it now, but it does look snazzy. This is for the new CCNA, that integrates, among other things, IoT and Automation, which I've worked on here before. Instructions here . I don't know if this is an aspect of "Let's make sure people are paying attention and not simply following blindly", or an oversight - The instructions indicate a Meraki Server, when a regular one is the working option here. I have to enable the IoT service on this server. Also, we assign the server an IPv4 address from a DHCP pool instead of giving it a static one. For something that handles our IoT business, perhaps that's safer; Getting a new IPv4 address every week or so is a minimal step against an intruder, but it is a step. There are no devices associated with this new server; In an earlier lab (not shown), I attached them to 'H
Post a Comment
Read more

Securing Terraform and You Part 1 -- rego, Tfsec, and Terrascan

9/20: The open source version of Terraform is now  OpenTofu     Sometimes, I write articles even when things don't work. It's about showing a learning process.  Using IaC means consistency, and one thing you don't want to do is have 5 open S3 buckets on AWS that anyone on the internet can reach.  That's where tools such as Terrascan and Tfsec come in, where we can make our own policies and rules to be checked against our code before we init.  As this was contract work, I can't show you the exact code used, but I can tell you that this blog post by Cesar Rodriguez of Cloud Security Musings was quite helpful, as well as this one by Chris Ayers . The issue is using Rego; I found a cool VS Code Extension; Terrascan Rego Editor , as well as several courses on Styra Academy; Policy Authoring and Policy Essentials . The big issue was figuring out how to tell Terrascan to follow a certain policy; I made it, put it in a directory, and ran the program while in that directory
Post a Comment
Read more

Create a Simple Network (Packet Tracer) + A Walkthrough

Again; I've done this, but now there's so many new things, I'm doing it again. The truly new portions were...everything on the right side of this diagram; The cloud needed a coax connector and a copper Ethernet connector. It's all easy to install, turn off the cloud (Weird), install the modules. Getting the Cable section of Connections was an unusual struggle - The other drop down menu had nothing within. It required going into the Ethernet options and setting the Provider Network to 'cable', which is the next step AFTER the drop-downs. The rest was typical DHCP and DNS setups, mainly on the Cisco server down there. The post is rather short - How about adding a video to it? Find out what A Record means - This site says 'Maps a name to an IP address', which is DNS. So it's another name for DNS? You can change them (presumably in a local context) to associate an IP address to another name.
Post a Comment
Read more