The Pwnie Express is a device that is designed for remote security testing of corporate and federal facilities and can be used as an “All-In-One” hacking drop box, aiding the pentesters at Compass Security, to conduct “real world” industrial espionage simulations.
The typical penetration testing scenario is:
1) A Compass analyst manages to “social-engineer” his way into the premises of the customer, who ordered the penetration test.
2) As soon as the analyst finds an unprotected network plug, printer, WiFi network or unprotected computer, he connects the Pwnie Express device to it.
3) The preconfigured Pwn Plug uses extremely aggressive reverse tunneling mechanisms to establish a reverse connection (SSH, SSL, HTTP, ICMP, DNS, 3G) back to the compass C&C (command and control) server.
4) From this server the analyst at Compass is able to penetrate the internal network of the customer, as if he is on site.
All in all a very useful little tool that shows possible impacts of missing user awareness or inadequately secured premises to our customers.
Leave a Reply