~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
			@stake WAP Assessment Toolkit
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~
Introduction
~~~~~~~~~~~~
 Welcome to the @stake WAP Assessment Toolkit.  This kit is a loose collection 
 of small utilities which have been written by @stake to aid in pentesting 
 endeavors.

 All of the utilities are based on the WAP 1.2 specification, which is the 
 primary gateway found in production environments as of this writing. In 
 addition, there are few vendors that implement the WAP 2.0 specification, so 
 it did not justify the extra work to transform the tools into 1.2 and 2.0 
 compatible tools.

~~~~~~~~~~~~
The Tools
~~~~~~~~~~~~
 wspget		-	A simple way to craft URLs though the WAP gateway to the 
			end host, which is ideal if attempting to perform 
			directory traversal or other URL-based attacks such as 
			SQL injection.

 wapfinger	-	This has a list of inbuilt signatures of known WAP gateways 
			and their vulnerabilities. The information is based upon
			@stake's research. An ideal tool if you want to know which 
			implementation the operator is using.

 wapscan	-	This is a novel use of the wspget tool that basically 
			performs a port scan using the WAP gateway as a proxy to 
			perform the operation. Based on the time of the response, 
			it will allow you to identify if a port is open on 
			another host. This has only been tested with the 
			OpenWave WAP gateway at time of writing.

 wsppost	-	(Currently under development)
			
~~~~~~~~~~~~
Feedback 
~~~~~~~~~~~~
 This package is maintained by Ollie Whitehouse of @stake, please provide any 
 feedback/comments to ollie@atstake.com. In addition, any new signatures for
 wapfinger can be supplied using the following form...


~~~~~~~~~~~~
Fingerprint
~~~~~~~~~~~~ 
 The reason we ask for three dumps from wapfinger is that it will allow us
 to identify a gateway which may use timestamps or other none static data
 in it's responses.


[1) Your name]


[2) Dump from WAP finger - 1st]


[3) Dump from WAP finger - 2nd]


[4) Dump from WAP finger - 3rd]


[5) WAP gateway software and version if known]


[6) Any known vulnerabilities with this gateway?]

