Power Pwn: This DARPA-funded power strip will hack your network

Summary: The Power Pwn may look like a power strip, but it's actually a DARPA-funded hacking tool for launching remotely-activated Wi-Fi, Bluetooth, and Ethernet attacks. If you see one around the office, make sure to ask if it's supposed to be there.

The Power Pwn may look like an ordinary power strip, maybe with an included surge protector, but it's far from it. Network administrators and IT staff in general need to be wary of this one: it can do much more than meets the eye.

The Defense Advanced Research Projects Agency (DARPA)'s Cyber Fast Track program helped fund the development of the Power Pwn. Pwnie Express, which developed the $1,295 gizmo, says it's "a fully-integrated enterprise-class penetration testing platform." That's great, but the company also notes its "ingenious form-factor" (again, look at the above picture) and "highly-integrated/modular hardware design," which to me translates to: it's the perfect tool for hacking a corporate network.

So what do you get after you drop more than a grand for the device? Check out the list of features:

  • Onboard high-gain 802.11b/g/n wireless.
  • Onboard high-gain Bluetooth (up to 1000').
  • Onboard dual-Ethernet.
  • Fully functional 120/240v AC outlets!
  • Includes 16GB internal disk storage.
  • Includes external 3G/GSM adapter.
  • Includes all release 1.1 features.
  • Fully-automated NAC/802.1x/RADIUS bypass.
  • Out-of-band SSH access over 3G/GSM cell networks!
  • Text-to-Bash: text in bash commands via SMS!
  • Simple web-based administration with "Plug UI".
  • One-click Evil AP, stealth mode, & passive recon.
  • Maintains persistent, covert, encrypted SSH access to your target network.
  • Tunnels through application-aware firewalls & IPS.
  • Supports HTTP proxies, SSH-VPN, & OpenVPN.
  • Sends email/SMS alerts when SSH tunnels are activated.
  • Preloaded with Debian 6, Metasploit, SET, Fast-Track, w3af, Kismet, Aircrack, SSLstrip, nmap, Hydra, dsniff, Scapy, Ettercap, Bluetooth/VoIP/IPv6 tools, & more.
  • Unpingable and no listening ports in stealth mode.

To summarize that for you, the Power Pwn can launch remotely-activated Wi-Fi, Bluetooth, and Ethernet attacks to identify network weaknesses. You can send commands via a convenient Web interface, accessible through the unit's built-in 3G radio, or directly to the device via text message. In fact, if you're feeling really lazy, you can use Apple's Siri voice-recognition software to send it instructions.

It's something "you can just plug in and do a full-scale penetration test from start to finish," Pwnie Express CEO Dave Porcello told Wired. "The enterprise can use stuff like this to do testing more often and more cheaply than they’re doing it right now."

He also said 90 percent of the company's clients are commercial or federal organizations. What's the other 10 percent? That's what you should be worried about.

The good news is you still have time to get the word out. The Power Pwn is currently available for pre-order, but its estimated ship date is September 30, 2012.

Emil Protalinski

About Emil Protalinski

Emil is a freelance journalist writing for CNET and ZDNet. Over the years,
he has covered the tech industry for multiple publications, including Ars
Technica, Neowin, and TechSpot.

Talkback

13 comments
  • Cool, but....

    These things better be serialized in a useful way.
    JustCallMeBC
  • Expensive

    At least it is currently so expensive that casual hackers won't buy one. But serious crooks and criminals might decide that it is worth the price.
    charleyj98
    • However....

      You still have to have physical access to the location and its hardware. This is not something you hang on the outside of a building.

      Most 'professional' hackers are still cowards when it comes to showing their faces. They prefer to hide in the shadows rather than risking going out in the light and being discovered. James Bonds they are not.
      Zorched
      • The "experts" weigh in

        You've obviously never hacked the Gibson.....
        Kublakhanonomous
    • For what it can do it is not too expensive even for the casual hacker.

      The scary thing about the other 10% of customers is that at least some of them bought it to hack it in order to determine how it works and how they can package it, in whole or in part, in less recognizable form factors. This sort of thing has been possible and I'm sure been done before in the world of surveillance and intelligence gathering. The best thing about the news of such a device and its capabilities being available for only $1000 dollars is that it raises awareness as to the risk that was there all along.

      Basically, because of the known availability of such devices, the necessity to bug sweep for out of band signals used for controlling and exchanging information with the devices becomes apparent to companies who otherwise believed their current security practices were sufficient.
      techadmin.cc@...
      • See how it works????

        Why? Just by looking at the feature list, it's obvious that this is *essentially* a highly integrated version of the wifi router in your home, running Linux with a whole lot of OSS s/w and some ingenious custom s/w installed.

        The high cost is from the low production rates.
        Media Whore
        • Don't forget the hardware...

          It is more than a router since I know of no routers with high gain bluetooth or out of band 3G antennas. The software for these capabilities is likely to be based on open source but I'm sure there was a lot of custom code written as well.
          techadmin.cc@...
  • 007

    I would think a gadget like that would be for covert ops and CIA. Not something they would advertise like any type of power strip or computer accessory. Doesn't advertising it defeat the purpose? Now it will be the first thing any IT security guy looks out for in his shop.
    vbprgrmr@...
    • Except that it's a power strip...

      If I were Power Pwn, then I'd make them look as generically Chinese-bland as possible, so they hide in plain sight, not giving the IT guys anything to worry about.
      Media Whore
  • Mmmm

    Cheaper by the gross?
    Altotus
  • They forgot...

    They forgot to mention the power line communications... In other words, access your network over the power lines.

    "In the 1930s, ripple carrier signalling was introduced on the medium (10-20 kV) and low voltage (240/415 V) distribution systems." The technology has been around for a long time and is now a useful backdoor into corporate systems. Soon, it will be your home as well. ;)
    rsn10100
  • words

    "Helped funded" drop the ed on fund. It is not needed or correct, it is hard to read. It is even awkward to say.
    Surely there are network analyzers available that would do the same or more without compromising your system. To put it into a power strip is being devious. $1295 is a steep price, I won't be buying one, I have no need for it either.
    dhays
  • It's a repeater/range booster...

    It cannot remotely log into another PC, if it has to go through your internet because hopefully you have a firewall..... You can also make sure of this by blocking the known and un-known pipes, ports and IPs and MACs that you do not know, or shouldn't be there. Then load your own router.switch or repeater OS onto it. Just to be sure. If you think it was... you would have given us more details about what is loaded on the OS. And how it would connect, over your network...to another PC. Pipeline exploits and the description from their site...is too vague. Since most are known...fw/AV usually catches even the feds' attempts...unless you use McAfee or Norton etc...which allow the exploits openly...Stating "that it is not a virus or malware...so they do nothing" It doesn't even sound like you have properly evaluated the device yourself...Just wish to spread misinfo and discredit a company...very CIA and FBI of you...This makes me think you are the ones who are DARPA funded and work with them.

    There are hundreds of Verizon repeaters everywhere...just one of the many, each gathers all wifi and cell in the area and logs and repeats it. Hence the reason why wifi/cell will never be secure, period. Encryption is the only way, and can be cracked as well. Sometimes easily.

    Powerline ethernet will not pose a risk, unless you also use the technology and don't have a firewall that you can monitor real-time, and configure on the fly. You will also have to be aware of pipeline exploits here too.

    Out of range frequencies are a nice feature too...often used to communicate when others are too congested. Not the "emergency" bands you may be thinking of.
    muchpazsion@...