Tuesday, October 24, 2017

talking about Snowden just a resume ...Power Strip's a Penetration Testing Tool in Disguise

Power Pwn is a fully integrated enterprise-class device that can be used over Ethernet, wireless or Bluetooth connections.
It is priced at US$1,300 and is currently available for pre-order.
The Power Pwn "is similar to a 1.2 GHz ARM-based processor running Linux,

he Power Pwn has fully functional 120/240v AC sockets. It comes with 16 GB of internal disk storage and onboard dual-Ethernet ports. It can be used with high-gain 802.11b/g/n wireless services or with high-gain Bluetooth, the latter at a range of up to 1,000 feet.
It also has a fully automated NAC/802.1x RADIUS bypass; out-of-band SSH access over 3G and GSM cell networks; and an unlocked external 3G/ GSM adapter. The 3G/GSM adapter is compatible with SIM cards from AT&T, Vodafone, Orange and GSM carriers in more than 160 countries.
Users can text in Bash commands through SMS.
The Power Pwn maintains persistent, covert, encryptedSSN access to target networks.
It tunnels through application-aware firewalls and intrusion-prevention systems. It supports HTTP proxies and SSH-VPN. It is said to be unpingable, and it has no listening ports in stealth mode.
The Power Pwn comes preloaded with Debian 6, Metasploit, SET, Fast-Track, Aircrack and other tools.
"The tools on it are all open source, well known tools," Pwnie Express' Hughes said.
The Power Pwn has a graphical user interface (GUI) that's used to configure it to a qualified domain name or a public IP address on a receiver station, either over Ethernet or wireless or 3G. It can be managed over the UI or through a command line, Hughes said.

A Double-Edged Sword

Once the Power Pwn is deployed, if it engages network access control and runs in stealth mode, it is essentially undetectable

No comments:

Man in the Rain