The DARPA-Funded Power Strip That Will Hack Your Network
An anonymous reader writes "The Power Pwn may look like a power strip, but it's actually a DARPA-funded hacking tool for launching remotely-activated Wi-Fi, Bluetooth, and Ethernet attacks. If you see one around the office, make a point to ask if it's supposed to be there. Pwnie Express, which developed the $1,295 tool, says it's 'a fully-integrated enterprise-class penetration testing platform.' That's great, but the company also notes its 'ingenious form-factor' (again, look at the above picture) and 'highly-integrated/modular hardware design,' which to me makes it look like the perfect gizmo for nefarious purposes."
O RLY (Score:5, Funny)
Omg Pwnies!
Made in China ? (Score:5, Interesting)
Hopefully this strip is not made in China
I'm crossing my fingers
Re:Made in China ? (Score:5, Funny)
Re:Made in China ? (Score:5, Insightful)
So easy to make your own.
DARPA paid for this? It's Backtrack/Aircrack/Metasploit on a board.
Hello, Raspberry Pi!
Re: (Score:2)
Your power strip looks a little damp.
Better dry it out in the microwave.
Re: (Score:3)
Yeah?
I have also been worrying about that laser printer you got.
It has gig ethernet on your corp VLANs, a webserver, a JVM with hard-disk persistence - and a "cloud print" option for the Internet.
What could we do with that?
Re:Made in China ? (Score:5, Interesting)
Hopefully this strip is not made in China I'm crossing my fingers
According to the link from cryptome that an AC has provided further down here [cryptome.org], the hardware is indeed mostly made in China. What makes this US made to the satisfaction of the government is that the software that makes this thing what it is, is made in the US, replacing all the original code.
This document goes on at length about how that can be. As an EE, not a lawyer, I found the information that the "brain" is a SheevaPlug to be more interesting.
Licenses? (Score:4, Interesting)
TFA says "Preloaded with Debian 6, Metasploit, SET, Fast-Track, w3af, Kismet, Aircrack, SSLstrip, nmap, Hydra, dsniff, Scapy, Ettercap, Bluetooth/VoIP/IPv6 tools, & more". Which leads us to a question, since they're distributing it: are they in compliance with relevant licenses (e.g. GPL) if they have modified any of the FOSS packages?
Re:Licenses? (Score:4, Informative)
Founder of Pwnie Express here - we are indeed in compliance with all OSS, and none of the OSS packages have been modified (our value add is in the custom ruby-based web UI, automation scripts, etc.)
Re: (Score:2)
I believe he's taking the tack that GPL and so forth are not free as they impose restrictions (the encumbrance he refers to) in which case he appears to be saying that the only true free open source is BSD/PD and so forth
Can't do everything... (Score:2, Funny)
it's actually a DARPA-funded hacking tool for launching remotely-activated Wi-Fi, Bluetooth, and Ethernet attacks.
Might be somewhat impressive, but it can't get first post!
Re: (Score:2)
Would you be impressed if it fits in your electric meter?
There is a perfectly logical explanation (Score:5, Insightful)
...for the appearance of this device.
Part of a penetration test should be, and I don't think I need to remind those who are active in the cybersecurity industry of this(!), creating hacking devices that look as if they're part of the furniture - like they're supposed to be there.
Discuss.
Re:There is a perfectly logical explanation (Score:4, Funny)
Re:There is a perfectly logical explanation (Score:5, Informative)
Why would they? Newer power strips have "USB Charging Ports" for cell phones and other gadgets, so you don't need to waste a normal outlet on them.
Re: (Score:2)
Ethernet also passes as surge protection for telephone/network cables.
Re: (Score:2)
Re: (Score:2)
Paint it black and it looks like some low-end UPSes I've seen
Re: (Score:3)
Yes, but how long until some manufacturer starts advertising "wi-fi surge protection" on their power strips?
Re: (Score:2)
I think we're there: http://www.monstercable.com/productdisplay.asp?pin=2353 [monstercable.com]
"Optically aligned"? Sounds almost as bad as their previous pitch of "Gold-plated optical cables".
..Cough.. (Score:3)
http://unex.com.tw/wifi-surge-protection [unex.com.tw]
Re: (Score:2)
Re: (Score:3)
prior art: dumpster diving.
Hacking isn't all about dictionary files and bruteforce attacks, autodiallers and Ally Sheedy. :)
Re: (Score:2)
the problem with a wastebasket is that it's not generally supposed to have cables going to/from it. That means you will have to run off batteries (running off batteries long term is a MAJOR PITA) and you will be limited to wireless hacks.
OTOH power strips are expected to have power and ones with communication surge protection while relatively unusual are not unheard of. This means that you can have power and network going to the "hacking device disguised as a power strip" without it looking too suspicious.
Re: (Score:2)
Build it into something above a waste can like a shredder. While you're at it, make a shredder that is also a scanner. Getting it to work when fed multiple sheets at once would be the and-one-more-thing feature.
Re:There is a perfectly logical explanation (Score:5, Interesting)
When I have been around data installations, everything got marked and recorded - component boards, memory sticks, hard drives, cabinets, power strips, UPS bricks, cables, even down to any piece of plastic that could potentially house a small bug (such as three pin plugs, notwithstanding the fact that I insisted on using plugs that were moulded to the cable at both ends). During the regular hardware audits, every device, cable and connector was checked against the catalogue. Anything that didn't match up was ripped out immediately and replaced with a known quantity.
If I didn't install it, it didn't belong.
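The catalogue check this comment describes, as an added example that is not part of the original thread: it reconciles an audit walk-through against the recorded inventory and also flags network addresses that no catalogued item accounts for. The asset fields, the sample data and the `macs_by_location` switch-table export are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Asset:
    tag: str                    # label applied at install time
    kind: str
    serial: str
    location: str
    mac: Optional[str] = None   # None for items that should never be on the network


def reconcile(catalogue, observed, macs_by_location):
    """Compare an audit walk-through with the catalogue.

    Returns a sorted list of (action, subject, reason) tuples.
    macs_by_location is a hypothetical export of switch MAC tables,
    keyed by the room or rack each port serves.
    """
    by_tag = {a.tag: a for a in catalogue}
    known_macs = {a.mac.lower(): a for a in catalogue if a.mac}
    findings, seen = [], set()

    for item in observed:
        known = by_tag.get(item.tag)
        if known is None:
            # Unlabelled or unknown label: fall back to the serial as subject.
            findings.append(("remove", item.tag or item.serial, "not in catalogue"))
            continue
        seen.add(item.tag)
        if (known.kind, known.serial) != (item.kind, item.serial):
            findings.append(("remove", item.tag, "label matches but kind/serial does not"))
        elif known.location != item.location:
            findings.append(("review", item.tag, f"catalogued in {known.location}"))

    for tag in by_tag.keys() - seen:
        findings.append(("review", tag, "catalogued but not found"))

    # A device disguised as passive hardware still needs a network address.
    for location, macs in macs_by_location.items():
        for mac in macs:
            owner = known_macs.get(mac.lower())
            if owner is None:
                findings.append(("investigate", mac.lower(), f"unknown MAC in {location}"))
            elif owner.location != location:
                findings.append(("review", owner.tag, f"MAC seen in {location}"))
    return sorted(findings)


# Constructed sample data: one rack and one office.
CATALOGUE = [
    Asset("A-001", "server", "SRV123", "rack-1", "00:11:22:33:44:55"),
    Asset("A-002", "power strip", "PS-9001", "rack-1"),
    Asset("A-003", "ups", "UPS-77", "rack-1", "00:11:22:33:44:66"),
    Asset("A-004", "power strip", "PS-9002", "office-2"),
]
OBSERVED = [
    Asset("A-001", "server", "SRV123", "rack-1"),
    Asset("A-002", "power strip", "PS-0000", "rack-1"),   # known label, different unit
    Asset("A-003", "ups", "UPS-77", "rack-1"),
    Asset("", "power strip", "PS-5555", "office-2"),      # unlabelled newcomer
]
MACS = {
    "rack-1": ["00:11:22:33:44:55", "00:11:22:33:44:66"],
    "office-2": ["02:AA:BB:CC:DD:EE"],   # nothing catalogued in this room has a NIC
}

if __name__ == "__main__":
    for action, subject, reason in reconcile(CATALOGUE, OBSERVED, MACS):
        print(f"{action:12} {subject:20} {reason}")
```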
Re: (Score:2)
Interesting. But how do you actually hear anything on the AM radio over all those servers?
Re: (Score:2)
for some reason I can't pick up any broadcast between 504-1791KHz unless I'm outside. Nottingham really is an AM black hole.
Re: (Score:2)
Depends on the mobile technology. Only GSM actually does that - WCDMA and CDMA do not. So if you have 3G inside, it fails.
Parking Lots (Score:5, Funny)
Aim higher than that (Score:3)
Showing up in corporate parking lots?
You should be considering how and where you are going to convincingly deliver 1,000 of these devices to the top 50 banks as if they were part of the normal office supply delivery.
I recommend branch offices rather than corporate HQ. Stuff like power strips are always in short supply, and at branch offices they'd happily accept (and without any questions) an accidental delivery of 3 from the office supply company via FedEx. And at branch offices I've done work in, there'
Re: (Score:2)
F no! For $1,295, I'm wrapping this sucker up in several layers of aluminium foil [wired.com] and I'm taking it home to sell on ebay. The same goes if I find any nefarious-looking device stuck on my car.
Translation (Score:5, Interesting)
The opposition (whoever they may be) has figured out that we were using this device. Word has gotten out. We no longer need it. You may now do with it as you wish...
Re: (Score:2)
No, it's just recently come out. It's one of the mini-projects funded via the DARPA Cyber Fast Track, currently run by Mudge. Their list of funded projects is publicly available on their website (and updated reasonably frequently) and they encourage sharing the results of projects.
Great for ad-hoc wifi (Score:2)
Seems like this could be great for ad-hoc wifi. Hide enough tiny routers in power strips (or even light fixtures, etc) and you can spread your signal without anyone noticing.
Is it filled with helium? (Score:4, Interesting)
I don't know how attentive the average person is, but if I picked up a power strip and it weighed twice as much as others, I'd be very suspicious that something was off with it (maybe something fell in?)
It would strike me as much more effective to use a device that already has a lot more heft to it, so the weight difference wouldn't be noticed.
I know the Soviets discovered several CIA bugs because things like their copiers were just a few ounces heavier than a stock model.
Re: (Score:2)
I don't know how attentive the average person is, but if I picked up a power strip and it weighed twice as much as others, I'd be very suspicious that something was off with it (maybe something fell in?)
Well, I said this elsewhere, but when I saw the picture I thought it could pass for a UPS -- and who is going to question a heavy UPS? You can get even nastier with a UPS, since it is normal for it to be connected to a USB port or to a LAN (if my power strip were connected to a LAN, I would be a bit curious).
Re: (Score:3)
if my power strip were connected to a LAN, I would be a bit curious
Many power strips include surge suppression ports for RJ-11 and RJ-45.
Re: (Score:2)
Re: (Score:2)
"I don't know how attentive the average person is, but if I picked up a power strip and it weighed twice as much as others, I'd be very suspicious that something was off with it (maybe something fell in?)"
They'd think it was higher quality because it weighed more.
Includes external 3G/GSM adapter. (Score:2)
Re: (Score:2)
Just make the adapters look like wall warts plugged into the strip...
And for the home amateur on a budget ... (Score:5, Interesting)
Get one of these: http://www.asus.com/Networks/Wireless_Routers/WL330N3G/ [asus.com]. Hack OpenWrt to fit your needs, and flash the router with that. It's small and discreet enough to go unnoticed when set up and left somewhere, like behind a curtain, plugged into a forgotten Ethernet port in a wall somewhere. Power it with one of these: http://www.philips.co.in/c/cell-phone-accessories/universal-dlm2262_97/prd/ [philips.co.in].
DARPA-funded? Really? (Score:3)
If, like me, you found it unlikely that DARPA would fund something like this and let you talk about it (or at least, suspected this might be a case of hacker braggadocio), check this out:
http://www.cft.usma.edu/currentProjects.htm [usma.edu]
Re: (Score:2)
$1295 power strip? (Score:2)
Only in the US government.
Who ya gonna call? (Score:2)
Let's say I do see one of these things in the office and I take your advice that I should call somebody to find out if that thing is supposed to be there. This raises the important question of whom I should call. If it's not supposed to be there, that means that somebody, possibly one of my co-workers planted it. PROBABLY one of my co-workers planted it. Now my trust in all my coworkers is in question.
Not that it's not already in question. Maybe I should call Homeland Security. And maybe Homeland Sec
Re: (Score:2)
If I find one of these things in my office, I'd call information security; if need be they can talk to physical security to figure out how it got there. If one of my co-workers planted it (and it wasn't a legitimate test, in which case I suppose blue team won),
Re: (Score:2)
I'd just swap it with the plug strip I have in my home shop. The one I use to plug in my 120V MIG welder. If the NSA wants to listen to 'BZZZZZZZ BZZZZZZZ' all day, they are welcome to it.
Not Made in Silicon Valley (Score:2)
The best part of this is the company is located in Barre VT (and it's not pronounced Bar!)
Huh... (Score:2)
Now that's thoughtful of me; they wouldn't even have to burn the gas getting that van with the WiFi capture/decode equipment in it out here.
You've all missed the most important fact (Score:2)
Look at the receptacle style.
US outlet. This is built for domestic use... in country-- not foreign service.
I don't think so (Score:2)
Re: (Score:2)
cue the homebrew powerstrip hackers... oh wait.
Re: (Score:3, Insightful)
and how much will the insurance cost to cover your 200$ shit homebrew shoebox power strip when it burns a multi-million dollar factory down.
development cost pennies, to prove you can produce the product in quantity with consistent results is what cost you genius
Re:$1,295? (Score:4, Informative)
and how much will the insurance cost to cover your 200$ shit homebrew shoebox power strip when it burns a multi-million dollar factory down.
A recent quote from an EE company that I just happen to have on my desk right now puts cost of compliance with CE & similar electrical safety rules for a short-run product (a device my client is considering installing at a few hundred of their clients' sites) at about $70 per piece. I'm convinced that this "power strip" is being manufactured in much larger quantities than that, so costs should be reduced: so again, where is the money going? It doesn't do anything innovative, plus it's had government funding for its development, so it should have had lower development costs than if one of us were to make it.
Re: (Score:2)
failures go up when you make more, so tighter testing is required and thus cost more and use much more time
please come back when you have actually produced something in more than limited quantities, most limited quantities in the real world mean prototype samples
Re:$1,295? (Score:5, Insightful)
I work for the government, and if I were ever to contract to the government to make something I would charge an arm and a leg for it because they burn a lot of time in pointless changes, process and administration. Plus they haven't got a clue and pay whatever you charge.
Re: (Score:2)
I commend you for having the courage to admit that in this crowd.
Re: (Score:2)
I commend you for having the courage to admit that in this crowd.
Especially with the nic "Dodgy".
Re: (Score:2)
Your second part about not having a clue is incorrect. I also work in Government, and I can say that the reason is that there is a mentality of "it's only money" which basically means they don't bat an eyelid at spending millions of dollars on pointless consultation and analysis, only to run out of money to implement recommendations.
And that's not all- to the procurement people, it's not just "only money" it's someone else's money. Plus they get brownie points for pushing down costs so vendors intentional
Re: (Score:2)
I have an uncle who runs a small company building electronic devices. He says that certification costs about $200 to get the guy to come out, but once he's there he's happy to do as many devices as you've got ready (within reason, probably).
Re: (Score:2)
I know, hackers always get insurance before they embark on their activities. My local insurance agents all offer "Hacking Insurance". It even comes bundled with my homeowner's insurance, at State Farm!!
Re:$1,295? (Score:4, Funny)
It's listed under the "Homepwners Policies".
Re:$1,295? (Score:5, Insightful)
Instead of being bitter and resentful towards those who actually create new things, why don't you go and invent some yourself?
Oh wait, that's like... real work and effort and thinking and shit. Back to the TeeVee it is!
Re: (Score:2)
And how is this thing new, or useful? I guess answering that would be too much "real work and effort and thinking and shit" -- ?
Re: (Score:2)
It's probably got the weight down to something reasonably comparable too. After reading through the specs, they seem to have a lot of hardware features with some power behind it too. If a power strip/ surge protector weighs as much as a battery backup, someone is going to ask some questions.
Re: (Score:3)
If a power strip/ surge protector weighs as much as a battery backup, someone is going to ask some questions.
I'd be surprised if they weren't making UPS versions of products like this also. If anything that is more likely something you'd connect to your network without questioning, for monitoring. The chance people would connect the RJ45 ports (I'm guessing these are supposed to protect against power surges) is a lot less in a corporate environment.
The first thing I thought when I saw this was how annoyed I'd be if I spend over $1000 and no-one plugged anything into any of the data ports. I'm guessing it could
Re: (Score:2)
Simple answer? Plug a printer (preferably one of those copier monstrosities) into one of the data ports. No one would bat an eyelid at sticking a $3000 printer on a "surge protector" so you'd probably get away with it.
Re:$1,295? (Score:5, Insightful)
Think about what you just said. Some cosmetic damage might make the hacked powerstrip more acceptable. Slap a shiny, new bit of equipment into an office, and it might raise a little curiosity.
Now, take a somewhat abused looking home-brew unit, and put it someplace in the same office. No curiosity, at all. Where I work, there is no shiny, pretty, new, or nice. Everything is beaten to hell and back!!
Re: (Score:2)
So maybe you don't have anything hackers are interested in.
Re:$1,295? (Score:5, Insightful)
Minus the development of capital costs of mass production facilities and the engineering to make the internals readily production-capable.
There are actual issues involved in a production product which homebrew doesn't solve, but you'd never know that to read Slashdot.
Re:That looks nothing like a power strip (Score:5, Insightful)
Oh, really? Guess you've never seen a surge-suppressing power strip with sockets for phone and Ethernet to protect those lines as well?
Looks to me almost exactly like the one I used when I still lived in the States [newegg.com].
Re: (Score:2)
I use UPS bricks that come with suppressor circuits for ethernet/RJ11 and USB (they also supply power for USB). Very handy pieces of kit, and the batteries are fairly easily replaced as well. So no, the plethora of different connectors is nothing new for me (I used to sell the things as well).
Re: (Score:2)
Looks to me almost exactly like the one I used when I still lived in the States [newegg.com].
And you still think those things were just surge suppressors, eh?
Re: (Score:2)
it looks similar to the ones we have at my work, IE: not bought in a 4 pack for 9.99 at k-mart, which do dick shit nothing against surges
Re:EMF interference (Score:5, Insightful)
Grab an RF meter and go to town.
Right.
And just how many network admins do you know who actually keep one of those around?
I'd ask ours where he keeps his (assuming he even has one), but he's on vacation until mid-August, and his stand-in works in a different building in another part of town.
I think even you can see where I'm going with this... :)
Re: (Score:2)
It's 2012, wifi and bluetooth? What admin wouldn't want to have one around, they cost less than guessing where the dead zones are
Re: (Score:2)
I can find wifi dead zones by wandering around with my phone. Why would I need an expensive, dedicated piece of equipment to perform the same job as one I already own?
Re: (Score:3)
Why would I need an expensive, dedicated piece of equipment to perform the same job as one I already own?
What a very silly question.
Are you sure you're posting on the correct web site?
Re: (Score:2)
then you have an RF meter, did I say expensive, dedicated piece of equipment dumbshit?
Re: (Score:3)
for wifi, I have a t-shirt [thinkgeek.com]. If I come across an unexpected signal (indicated by my chest lighting up) out comes the netbook and sixty seconds later if it's a WEP node I'm in. Sooner if it's an open node.
for Bluetooth I have a nifty little custom app on my netbook that beeps every so often and logs any and all Bluetooth activity that comes into range. Oh, to have something like that on an Android phone...
A good one-size-fits-all tool I've been using for years is a wideband RF meter. This gadget uses custom 8
Re: (Score:2)
It's really not hard to find them with Cisco gear managed by Cisco Wireless Control System [cisco.com]. WCS will automatically triangulate them so you can physically locate them and you can even block/disable rogue APs (talk to legal before blocking/disabling Wifi APs, re:FCC & unlicensed spectrum). I've used it this last week to track down 3 rogue APs which were permanently installed by employees for personal employee use (turns out they BYOI from a WISP and then share with those who want to chip in and only use
Re: (Score:2)
never mind the state of the shielding, what about the overall quality of the bricks?
Some years ago, I came across an increasingly familiar problem with eMachines systems. These things are assembled in California using Chinese components, including Bestec power supplies assembled in Taiwan. The problem with these power supplies was the capacitors. Seems that a rather large batch of them were assembled with GP bronze caps, resulting in thousands of units supplied to eMachines which had the potential to cause
Re:Only in America... (Score:5, Insightful)
Only in the USA, because large parts of the world use other outlets and voltages....
Yep. The development effort to retool for 240v and Australian power sockets would be prohibitive. I guess we don't need to worry about them over here.
Re: (Score:2)
It says 120 or 240 volt. I guess the selection is made during checkout.
Re: (Score:2)
You do realize that the US, EU, Japan, Brazil and several other countries also have different pin configurations too right?
It is probably just a matter of country specific housing covers that hold the outlets..
Re: (Score:2)
You do realise the Chinese mains socket is compatible with the Australian mains plug? The only difference is that the Australian pins are slightly thicker, so may make it a little hard to push into the socket, (oh and they are upside down) [wikipedia.org].
Never knew that. You got that my post was sarcastic though, right?
Re: (Score:3)
it really doesn't matter, everything that plugs into this box uses switching power supplies which have a wide range of voltages
never mind the fact that commercial AC transmission standards were developed in the USA in serious scale, thus making everyone else "wrong". On a side rant I never figured out why so many people outside the states stick to a 50Hz cycle rate, it's just nonsense ... is there a metric second I was unaware of?
Re: (Score:3)
Pro tip - one second / 60 = nothing. There's no unit that is a 60th of a second. If it was one hertz, and the euros were using 0.833Hz, you might have a point.
That's all beside the point anyway. NA started on DC, and when we first went to AC, it was 25Hz.
Not that any of that is related to the connector, in any way.
You poor bastards using 50/60Hz. I'm so much holier than you with my 25Hz. I AM THE ORIGINATOR OF ELECTRICS
Re: (Score:2)
Pro tip: not only is it completely reasonable to declare your own units, but there is a unit that is 1/60 s: the jiffy.
Pro tip for GP: If two standards differ, neither is wrong, they're just mutually incompatible.
Re: (Score:2)
the 25/50/60/120/133/400Hz* standards were just technical compromises based on application, nothing more.
*25Hz: Niagara Project
50Hz: most of the civilised world based on generator, transformer and transmission line size limitations (pretty much)
60Hz: system developed by Lamme to suit most any HV situation
120Hz: (failed) development system (combustion engines just couldn't rotate fast enough to run this frequency)
133Hz: ditto
and then we have DC, system developed by Edison/GE. Problem with DC is that it's frea
Re: (Score:2)
I'm not an EE or anything, but Path 65 is HVDC [wikipedia.org] and appears to work just fine over long distances (842mi) with a line rating of 3100MW.
Re: (Score:2)
lemme do the math...
the Pacific Intertie uses two conductors, each of which is just over 5cm diameter (including the core). The measured dissipation is around 260W/m*. Over the length of the line, 1362km, this equals a net loss through heating the wire of 354MW. The total voltage drop is 114kV. From a source output of 3.1GW, this is a 77% efficiency.
*considering this is about equivalent to solar flux (~0.15W/cm^2), that's a fairly significant loss as far as I can see.
I don't have the figures for the AC line
Re: (Score:2)
You can probably get that version too on custom order.
Re:Nasty piece of work (Score:5, Insightful)
It should be a dismissible offence to bring this thing anywhere near where you work.
All you need is to ship with UPS a sealed carton of ten or twenty of these devices, each in its own professionally printed box, to the maintenance department of the target company. Lowly workers, just a notch above janitors, will not be asking their bosses about such a simple item, and power strips are always needed. You can do this even if you never set foot into the country where the target company resides.
Re: (Score:2)
Funny, I was just thinking that. Most offices I've worked in and visited are terminally hard-up for power strips. If a box of 20 of them showed up they'd get used, no questions asked...although a bunch of them might make it into people's homes.
For industrial espionage, this would be priceless. Nobody checks to see if visitors are bringing power strips. Contractors bring their own all the time. Stick it in a conference room, or better yet an executive conference room, and you're golden. Does it come with a m
Re: (Score:3)
sadly, ignorance and political bias seems to be the exception to that rule at times. All throughout history, people have been trying to pound some sense into both categories and generally failed.
Re: (Score:2)
+1 insightful, please.
Re: (Score:3)