Power-strip lookalike hacks office networks

Jul 23, 2012 by Nancy Owano weblog

(Phys.org) -- Pwnie Express, the company specializing in cyber security products, calls its new device “ingenious.” Bloggers hearing about it are paying attention to the fact that it is a power-strip lookalike but with far more ambitious intentions, such as stealth-penetrating a corporate network. Power Pwn is the name of the little device for security testing on corporate networks. It looks like an under the office desk power strip. It is actually a testing platform where security can be put to the test, a self-hacking tool for launching remotely-activated Wi-Fi, Bluetooth, and Ethernet attacks.

The testing platform covers the range from physical to application layers. Pwnie Express is taking pre-orders for the device with a pricetag of $1295 and an estimated ship date of September 30.

The Pwnie Express product description says it is a first-to-market “commercial penetration testing drop box platform” for remote security testing of corporate facilities, including branch offices and retail locations.

The device has Bluetooth and Wi-Fi adapters, a cellular connection, dual Ethernet ports, and hacking and remote access tools that let security professionals test the and call home to be remotely controlled via the cellular network. The device comes with easy-to-use scripts that cause it to boot up and then phone home for instructions.

A “text-to-bash” feature allows sending commands to the device using SMS messages. Power Pwn is preloaded with Debian 6, Metasploit, SET, Fast-Track, w3af, Kismet, Aircrack, SSLstrip, nmap, Hydra, dsniff, Scapy, Ettercap, Bluetooth/VoIP/IPv6 tools and. It really can function as a 120/240v AC outlet strip.

The Power Pwn has funding from a new Defense Advanced Research Projects Agency (DARPA) program called Cyber Fast Track (CFT), which is looking to advance new cyber-defense tools. The officially stated purpose of CFT is to fund research to be performed by boutique security companies, individuals, and hacker/maker-spaces, and allow them to keep the commercial intellectual property for what they create.

While the purpose is to place this in the right hands for identifying network weaknesses, Tony Bradley of PCWorld is asking what about the device landing in the wrong hands, as an attacker could communicate with the device from inside the network or around the world. The device can, after all, bypass Network Access Control and other measures in place to keep unauthorized devices off the network. It can tunnel through firewalls, he notes, maintain an encrypted connection to the attacker, and operate in stealth mode.

“The fact is that any attacker with $1,300 can buy one and surreptitiously plant it in your office,” he said. His advice for those in business settings is to check out and mark their office surge protectors and strips and allow only approved power strips to be in the inventory.

Explore further: Government ups air bag warning to 7.8M vehicles

More information: pwnieexpress.com/products/power-pwn

Related Stories

Dell Introduces Switches With Advanced Security, Power

Jun 27, 2005

PowerConnect 3400 Series Delivers Cost-Effective Platform for High-Performance Workgroup Connectivity Dell today announced a new series of high-performance PowerConnectTM switches with advanced security capabilities and ente ...

US-CERT says Wi-Fi hole open to brute force attack

Dec 29, 2011

(PhysOrg.com) -- The US Computer Emergency Readiness Team (US-CERT) has issued a warning about a security hole in the Wi-Fi Protected Set-up protocol for Wi-Fi routers. Security researcher Stefan Viehbock ...

Android suited up for C-level security

Oct 11, 2011

(PhysOrg.com) -- Android is enterprise-ready, with this week's announcement of a new security platform for Android, from Motorola Mobility's subsidiary, 3LM (stands for Three Laws Mobility). This is a potential ...

Researchers find way to measure effect of Wi-Fi attacks

Sep 12, 2011

Researchers from North Carolina State University have developed a way to measure how badly a Wi-Fi network would be disrupted by different types of attacks – a valuable tool for developing new security technologies.

Recommended for you

Government ups air bag warning to 7.8M vehicles (Update)

17 hours ago

The U.S. government is now urging owners of nearly 8 million cars and trucks to have the air bags repaired because of potential danger to drivers and passengers. But the effort is being complicated by confusing ...

HP supercomputer at NREL garners top honor

Oct 21, 2014

A supercomputer created by Hewlett-Packard (HP) and the Energy Department's National Renewable Energy Laboratory (NREL) that uses warm water to cool its servers, and then re-uses that water to heat its building, has been ...

User comments : 18

Adjust slider to filter visible comments by rank

Display comments: newest first

indio007
3 / 5 (10) Jul 23, 2012
Much ado about nothing.
If you can plug this in you already have physical access.
Your security is already defeated.
No fancy devices required.
Skepticus
1 / 5 (8) Jul 23, 2012
Too expensive. I am waiting another few months for a $100 Chinese ripoff.
ackzsel
4.7 / 5 (3) Jul 23, 2012
@indio007
How about selling it to companies and let them smuggle it into their offices like a Trojan horse.
Sonhouse
5 / 5 (3) Jul 23, 2012
It's a two edged sword, the company touts it as a test box to test your security but it obviously can be used not as a test box but as a penetration aid:)
GeToChKn
4.8 / 5 (5) Jul 23, 2012
Much ado about nothing.
If you can plug this in you already have physical access.
Your security is already defeated.
No fancy devices required.


I'm sure if you sent 5 of these to a bank or other place, someone would plug them in. Even tout them as some new fancy anti-hackable power strip, put some material in the box stating that fact and your company is offering their bank a free sample to try and I bet someone plugs them in.
SatanLover
1.6 / 5 (7) Jul 23, 2012
linux 2.6? wow do you guys live in the dark ages or something?
dtxx
1 / 5 (6) Jul 23, 2012
$1295 for the equivalent of something I could build esentially for free on an old piece of hardware or in a VM? No thanks. Use BackTrack and you will get many more tools, plus it already comes wrapped up in a VM if you desire. And you get a custom 3.2.6 kernel, which is still not quite current, but definitely better than 2.6.
Bowler_4007
1 / 5 (6) Jul 23, 2012
ordinary power strips don't have ethernet or usb ports and i can't tell what the last one is but that wouldn't be present on ordinary power strips either, not only that but whats with the huge bulk? if it doesn't proclaim to have a feature that needs such space then its obviously going to gain suspicion.

even without the article telling i would find this thing odd
dtxx
2.8 / 5 (6) Jul 23, 2012
ordinary power strips don't have ethernet or usb ports and i can't tell what the last one is but that wouldn't be present on ordinary power strips either, not only that but whats with the huge bulk? if it doesn't proclaim to have a feature that needs such space then its obviously going to gain suspicion.

even without the article telling i would find this thing odd


That's a USB console port like you would find on a switch.
Bowler_4007
1.1 / 5 (8) Jul 23, 2012
ordinary power strips don't have ethernet or usb ports and i can't tell what the last one is but that wouldn't be present on ordinary power strips either, not only that but whats with the huge bulk? if it doesn't proclaim to have a feature that needs such space then its obviously going to gain suspicion.

even without the article telling i would find this thing odd


That's a USB console port like you would find on a switch.

'switch' is a bit vague for example i wouldn't expect to find a usb port on a light switch, and which do you mean by 'that' the usb port i mentioned or the unknown port i mentioned?
dtxx
2.5 / 5 (8) Jul 23, 2012
ordinary power strips don't have ethernet or usb ports and i can't tell what the last one is but that wouldn't be present on ordinary power strips either, not only that but whats with the huge bulk? if it doesn't proclaim to have a feature that needs such space then its obviously going to gain suspicion.

even without the article telling i would find this thing odd


That's a USB console port like you would find on a switch.

'switch' is a bit vague for example i wouldn't expect to find a usb port on a light switch, and which do you mean by 'that' the usb port i mentioned or the unknown port i mentioned?


I'm talking about the unknown port being a console port. I thought it would be obvious since I quoted your question??? And how could it not be clear that I am talking about network switching? It's pretty obvious you have absolutely no idea what you are talking about. I'm not trying to be a dick, but get a clue.
antonima
5 / 5 (1) Jul 24, 2012
Clearly, it can be used for intra-corporate hacking?? I mean, it is DARPA funded so it cant be that shady. But still, I wonder about the abuse potential on such a product.
antialias_physorg
not rated yet Jul 24, 2012
If you can plug this in you already have physical access.

It's for security testing. Not for actual penetration (though I suppose you could abuse it for that).
It's used to simulate an attack from the outside on your unsecured WiFi/Bluetooth/Ethernet.
Jeddy_Mctedder
1.3 / 5 (8) Jul 24, 2012
the quicker there are massive hacker attacks that are in the news all the time, the quicker government has an excuse to take over the entire internet and require internet "i.d." and all sorts of other repressive tactics against a dissenting population.
Squirrel
1 / 5 (1) Jul 24, 2012
Pwnie Express will not let Power Pwn get in the wrong hands--it would be sued into bankrupcy. I bet Pwnie Express has put in a backdoor communication channel that lets it check the location and use of each one. And as for Chinese copies--that is an opportunity for Pwnie Express to create and sell further devices and services to detect them--after all it will be in the best position to know how to do that.
Bowler_4007
1.4 / 5 (9) Jul 24, 2012
I'm talking about the unknown port being a console port. I thought it would be obvious since I quoted your question??? And how could it not be clear that I am talking about network switching? It's pretty obvious you have absolutely no idea what you are talking about. I'm not trying to be a dick, but get a clue.

how is it obvious you condescending prick? i mentioned usb ports in my first post and you mentioned a usb port in your post yet we were still talking about different ports, and i've never used a network switching device so i wouldn't know what one looks like, and even if i did it still wouldn't have been obvious.

for example i have a switching device which allows to plug my keyboard, mouse, usb devices and upto 2 monitors into more than one computer.

i do know what power strips look like, the ones i have seen for offices if they have ethernet ports or usb ports they're there for surge protection
alfie_null
not rated yet Jul 24, 2012
Probably not too difficult to build something that would fit inside the case of one of those generic, inexpensive switches. Custom programmed FPGA, a small processor with embedded linux, voila - a drop-in replacement.
Might be possible to detect incursions like this by measuring the characteristics (electrical, as a transmission line) of the cable, and detecting when they change.
Rdavid
not rated yet Jul 24, 2012
They should provide a GFCI model for that kind of money.