Pwnie Express recently announced the upcoming release of the Power Pwn, a complete penetrating testing platform disguised as a surge protector.
“The device is a $1,295 ‘penetration testing’ tool that will lodge remotely activated Wi-Fi, Bluetooth, and Ethernet attacks in an effort to identify network weaknesses,” writes The Verge’s Evan Rodgers. “A convenient web interface can be accessed through the unit’s built-in 3G radio or, failing that, commands can be sent directly to the device via text message.”
“The device is equipped to bypass NAC (Network Access Control) and other security measures designed to keep unauthorized devices off the network,” writes PCWorld’s Tom Bradley. “It can tunnel through application-aware firewalls, maintain a persistent, covert, encrypted connection to the attacker, and operate in a stealth mode that is unpingable and has no listening ports to avoid detection.”
“This Power Pwn was developed with money from a new DARPA (Defense Advanced Research Projects Agency) program called Cyber Fast Track, which is trying to jumpstart a new generation of cyber-defense tools,” writes Wired’s Robert McMillan. “‘It’s kind of taking the tools that the hackers are using and putting them in the hands of the people that need to defend against the hackers,’ [Pwnie Express CEO Dave] Porcello says.”
“A device like this might be created for penetration testers, but will surely also be used by hackers, as even [its] hefty price tag … is no longer a barrier for many of them,” notes Help Net Security’s Zeljka Zorz.