Pwnie Express is in your network, pwning your security (again)


Pwnie Express have released some amazing gear in the past for testing network security, including the original Pwn Plug and the Power Pwn. Now they have another innocuous-looking device, due to be presented at the Black Hat security conference in Las Vegas, that can stress-test your internal security.

The Pwn Plug R2 is an evolution of the original device, looking more like a WiFi router than a wall plug, but like the other products in Pwnie Express’ stable, appearances are very deceiving.

Inside the Pwn Plug R2 resides a 1.2GHz Armada-370 processor with 1GB of DDR3 RAM, 32GB of microSDHC storage, gigabit ethernet, Bluetooth and 802.11b/g/n connectivity but this mini-PC-in-disguise is more than just its hardware. The high-gain wireless connectivity is used for the packet injection and monitor mode, ethernet supports NAC bypass and network monitoring and even the high-gain Bluetooth connection allows for packet injection. But those are just a few of the security-testing features that the Pwn Plug R2 features.

Pwnie Express founder and CEO Dave Porcello explains the capabilities of his company’s newest hardware, saying “It’ll automatically tunnel out of whatever network it’s plugged into over a bunch of differently used covert channels that attackers usually use, such as tunneling over a trusted protocol like HTTP, SSL, DNS, and ICMP. And then if none of those works, you can always access over 4G. Or if your test is to try to avoid detection, than 4g is the way to go, because none of your control traffic will hit the target network.”

Of course, once it is in your network the Pwn Plug R2 has some interesting software designed to scoop everything from smartphone signals to network traffic to login details out of systems with sub-par security. The Pwn Plug R2 is currently up for pre-order, costing $895 (R8,850) for pretty much anything a user might need to check the integrity of their networks.

Source: Ars Technica


About Author

Leave A Reply