Power Pwn: a DARPA-funded hack machine

Gallery captions (6 images): A fully featured pentesting solution; A wide range of connectivity options including wireless, dual Ethernet and 3G/GSM cell networks; Text to bash functionality (two images); Eight fully functioning 120/240v AC outlets; The Power Pwn runs the Debian 6 instance of Linux.

The Power Pwn is a fully integrated, enterprise-class penetration testing platform. A successor to the popular Pwn Plug, the device features a highly integrated modular hardware design. Backed and funded by the Defense Advanced Research Projects Agency (DARPA), it aims to give corporations and security-conscious individuals a cheaper and easier means to defend themselves against hackers by providing them with the same set of tools as their digital assailants.

With the appearance of a simple surge protector, the Power Pwn won't turn any heads, but crack open its unassuming casing and you'll find everything you need to run a full-scale security auditing software suite. The biggest draw of the device is undoubtedly its ability to perform tests remotely. A security professional can simply ship the Power Pwn to a corporate facility and gain access to the device covertly over Ethernet, wireless or 3G/GSM cell networks.

The cellular network functionality allows users to text in bash commands via SMS. There's even the potential to take advantage of voice-recognition software such as Apple's Siri to push commands to the device.

Shipping with Debian 6 Linux, the Power Pwn aims to make comprehensive pentesting easier and cheaper for corporations and security professionals. Companies can mail the US$1,295 hardware out to their branches and conduct full-scale penetration tests of their remote networks, completely eliminating travel expenses.

There are concerns that hackers may use the device against its intended owners, but the backing and funding of DARPA should go some way to ensuring that the Power Pwn stays firmly in the hands of the good guys. To this effect, the CEO of Pwnie Express, Dave Porcello, told Wired that 90 percent of the company's customers work for corporations or the federal government.

Full features and specs are as follows:

  • Onboard high-gain 802.11b/g/n wireless
  • Onboard high-gain Bluetooth (up to 1000')
  • Onboard dual-Ethernet
  • 120/240v AC outlets
  • 16 GB internal disk storage
  • External 3G/GSM adapter
  • Fully-automated NAC/802.1x/RADIUS bypass
  • Out-of-band SSH access over 3G/GSM cell networks
  • Text-to-Bash: text in bash commands via SMS
  • Web-based administration with “Plug UI”
  • One-click Evil AP, stealth mode, & passive recon
  • Maintains persistent, covert, encrypted SSH access to your target network
  • Tunnels through application-aware firewalls & IPS
  • Supports HTTP proxies, SSH-VPN, & OpenVPN
  • Sends email/SMS alerts when SSH tunnels are activated
  • Preloaded with Debian 6, Metasploit, SET, Fast-Track, w3af, Kismet, Aircrack, SSLstrip, nmap, Hydra, dsniff, Scapy, Ettercap, Bluetooth/VoIP/IPv6 tools and more.
  • Unpingable and no listening ports in stealth mode

Sources: Pwnie Express, Wired

    2 comments
    christopher
    LOL - if it's for testing, why is it disguised and bristling with stealth? This gadget has exactly one use: industrial espionage, which was obvious in itself before they even told us who the customers were :-)
    StWils
    So, 90% of their customers are known corporate & federal users. And who are the other 10%? Not really sure, but the company took their money and sold stuff anyway? Exactly what part of this is supposed to engender a sense of safety?
    The most likely corporate users are going to be some of the same S%%tHeds in fine, trustworthLess industries like finance, pharmaceuticals, or Oil. The Feds are going to be folks like the A$$Ho@@s at FDA or EPA focused on hunting down employees squealing on the agency or the previously described corporations buying agency control on a rent-to-own plan.
    While I cheerfully look forward to Julian Assange appearing in a Swedish court or the little Army private serving life for damaging national security I am not entirely certain there is reason to be pleased that someone can sneak into a system by just swapping out a power strip.