Hacker Tool Disguised As A Power Strip

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
This is a bit scary, now isn't it?

Building on the game-changing success of the Pwn Plug, the Power Pwn is a fully-integrated enterprise-class penetration testing platform. Through it's ingenious form-factor and highly-integrated/modular hardware design, the Power Pwn covers the entire spectrum of a full-scale pentesting engagement, from the physical-layer to the application-layer.
Click to expand...
 
If its advertised now publicly that means its been in the wild for some time.

Dig the name. Power Pwn, LOL
 
If it isn't the FBI hunting for those interested in pre-ordering such a device? :cool:

No, you're right, the FBI isn't that imaginative. :rolleyes:
 
Where you stick it?
If they stick it in mine, I am keeping it!
 
Anyway, thinking about it, I wouldn't touch it with a turd on a barge-pole. They might have something in it to send my passwords back to them.
 
It would surely be useless most of the itme though. How often do people really bother plugging in the USB/ethernet cables into their machines through it? Most just use it for the power.
 
Ducman69 said:
It would surely be useless most of the itme though. How often do people really bother plugging in the USB/ethernet cables into their machines through it? Most just use it for the power.
Click to expand...

No it's not useless.

It's a penetration testing tool.

The product has a wireless antenna in it, ethernet connections, bluetooth, etc. The idea is that the device doesn't raise suspicion when doing security audits so you can leave it in place or do a physical pen test by plugging it in somewhere on the network if you gain access to the building. You then open up an unsecured AP, try to crack WEP/WAP, and sniff bluetooth signals. Additionally, you can try to sniff network traffic or redirect it via SSH to another network. The device attempts to hide itself from IDS systems.

It's a tool for security professionals. You could use it to actually hack, but it's expensive and there are generally easier ways to get the data you need.

This device is more for a comprehensive security audit including physical security.
 
Ducman69 said:
It would surely be useless most of the itme though. How often do people really bother plugging in the USB/ethernet cables into their machines through it? Most just use it for the power.
Click to expand...

Only those of us who aren't completely retarded and like not having power spikes shunted into our PC's. Remember the days of the regular telephone line modem? How many of those had to be replaced or took out whole systems after a storm because people would put all of their plugs on a surge protector while plugging the phone line right into the wall. Ethernet can transmit a pretty decent amount of power along it.
 
InternationalHat said:
It's a tool for security professionals. You could use it to actually hack, but it's expensive and there are generally easier ways to get the data you need.
Click to expand...

Android phone running a chroot comes to mind. Inconspicuous and most people wouldn't suspect a phone to be capable of that kind of stuff. USB OTG with an Ethernet Dongle could get you the LAN testing done. Wifi sniffing for everything else.
 
Oldie said:
Only those of us who aren't completely retarded and like not having power spikes shunted into our PC's. Remember the days of the regular telephone line modem? How many of those had to be replaced or took out whole systems after a storm because people would put all of their plugs on a surge protector while plugging the phone line right into the wall. Ethernet can transmit a pretty decent amount of power along it.
Click to expand...

1.21 gigawatts?! :D
 
You must log in or register to reply here.
Back
Top