We have done many List’s of before this post. To name a few – List of FREE VPN Providers!, List of Cell Phone Forensic tools! and List of TOP LiveCD’s for Penetration Testers!. But, nothing like the one we are doing today. Infact, we don’t know if some one has attempted to list down hardware devices that could assist in a penetration test covertly. We have tried our best to include all of the available devices, but we might have missed some. Incase you know of any, please let us know.
Again, we have arranged these devices alphabetically. This does not represent our preferences in any way.
1. DigiConnect ME:
Digi International’s DigiConnect ME measures 0.75 x 0.75 x 1.4 inches (19 x 19 x 36mm), and weighs 0.64 ounces (18 grams), packaged in a metal housing only slightly larger than a standard RJ-45 module. The DigiConnect ME is based on an SoC (system-on-chip) from Digi subsidiary NetSilicon. The NetSilicon NS7520 SoC features a 32-bit ARM7TDMI core supporting clock rates of 36, 46, or 55MHz. Kleinhenz lists 55MHz as the clockspeed for Picotux. The NS7520 integrates a 10/100 Ethernet MII and ENDEC MAC, as well as a serial port, external memory controller, JTAG, and 13-channel DMA.
2. DigiConnect WI-ME:
DigiConnect WI-ME supports wireless 802.11b networking and includes an RP-SMA antenna port in place of the RJ-45 port. The WI-ME measures 0.75 x 0.70 x 1.85 inches (19 x 18 x 46mm), not including the antenna port, and is available from NetSilicon in both standard and developer (with JTAG interface) models.
Both these devices are as simple as it gets. They contain a small flash memory too. But, included because of its size and can be stealthily placed anywhere. They cost 99 euros and upwards. More information about these devices can be found here.
3. SheevaPlug:
The Plug Computer is a tiny, low power server, intended to provide network-based services within the home. It is an always-on system, and can serve data and applications to computing devices within the home. It can also be a bridge between home computing devices and Internet-based services. The SheevaPlug is Marvell’s first plug computer, based on a powerful 1.2GHz Sheeva processor. Its main connectivity is gigabit Ethernet to the network, and USB for peripherals. The Plug ships with Linux, which is the most popular open source operating system. However, any operating system that is compatible with ARM CPUs may potentially run on the platform, such as FreeBSD, NetBSD, Windows CE, and more.
Read more about SheevaPlug here.
4. VIA ARTiGO A1100:
The VIA ARTiGO A1100 DIY PC Kit packs HD video, HDMI and full 64-bit computing in an Ultra Compact Desktop form factor. The VIA ARTiGO A1100 is powered by a 1.2GHz VIA Nano™ processor, offering a high performance native 64-bit computing experience while remaining within a low power thermal envelope. The VIA Nano™ processor is joined the VIA VX855 media system processor, a fully integrated all-in-one chipset that brings exceptional multimedia experience to small form factor devices including playback of the most demanding HD video formats. The VIA ARTiGO is the smallest full featured PC Kit on the market today. With dimensions of a mere 14.6 x 9.9 x 5.2cm (5.7″ x 3.9″ x 2″), totaling only 725 cm3, this mini PC is suitable for myriad of applications in the home or office, including home server, media streaming and surveillance applications. The VIA ARTiGO is also great as a straightforward desktop PC, taking a fraction of the physical real estate. Supports Microsoft Windows 7 & Linux.
Yes, this is a bit bigger than its counter parts, but it supports a 64 bit processor! More information about VIA ARTiGO can be found here.
5. PWN Plug:
The PWN Plug is a SheevaPlug microserver, that is loaded with pentesting goodies! Just plug it in! It comes preloaded with Ubuntu, Metasploit, Fasttrack, SET, SSLstrip, nmap, dsniff, netcat, nikto, nbtscan, xprobe2, inguma, scapy, ettercap, JTR, medusa, & more! It maintains a reverse persistent SSH tunnel to your external pentest box. It also traverses strict egress firewall filters, webfilters, HTTP proxies, and application-aware firewalls! It is unpingable & no open ports in stealth mode! It is only 4.3 x 2.7 x 1.9 inches and consumes only 2.3 watts when idle! All this in a 1.2GHz ARM cpu with 512M SDRAM, 512M flash HDD!
A bit costly, but if you want all of that pre-loaded for you, this is the right choice! Read more about PWN Plug and many more additional mobile devices that can be used for penetration testing here.
6. The PWN Phone:
This is from the same guys who got us the PWN Plug. It is a full pentesting suite for the Nokia N900! It Includes Aircrack, Metasploit, Kismet, GrimWEPa, SET, Fasttrack, Ettercap, nmap, and more. It also has custom pentesting screen with shortcuts to macchanger, injection on/off, etc. The built-in wireless card supports packet injection, monitor mode, and promiscuous mode too!
If you already have a phone and would like to convert it to something like this, then a series of posts named Weaponizing the Nokia N900; found here, can help you. This seems most promising as the Nokia N900 is a phone that comes pre-loaded with Debian and a huge memory space!
7. The PlugBot:
PlugBot is a hardware bot. It’s a covert penetration testing device designed for use during physical penetration tests. PlugBot is a tiny computer that looks like a power adapter; this small size allows it to go physically undetected all the while powerful enough to scan, collect and deliver test results externally. It runs on a 1.2 GHz processor, 512 MB RAM and drawing just under 5 watts of power. Extra hard disk space can be added with an SD card. Here are some of the on board components: 802.11b, Gigabit Ethernet, Bluetooth, 1.2 GHz processor, 512MB RAM, USNAP I/O, MicroSD socket and more. With the PlugBot, you can issue scan commands remotely. It is wireless 802.11b ready in addition to being Gigabit Ethernet capable. It has Linux, Perl, PHP, MySQL on-board. It is also capable of invoking most Linux-based scan apps & scripts and uses an intelligent scan engine.
This project hasn’t had a release yet, but still sounds promising and can be accessed here.
UPDATE:
8. The DreamPlug:
It is a small robust product which draws under 5 watts of power, and can handle the most demanding of tasks. If compared to the average desktop computer using 175 watts of power, we are able to save potentially in the region of 96% on energy costs. The ecologically friendly “DreamPlug” has been designed for 24/7 type applications and the truly remarkable new enclosure, even with no internal moving components, ensures efficient heat dissipation in the most challenging conditions. It features the Marvell Sheeva core 1.2GHz speed, Linux 2.6.3x Kernel with a 512MB 16bit DDR2-800 MHz RAM and 1 GB on board micros-SD for kernel and root file system, 2 x Gigabit Ethernet 10/100/1000 Mbps, 2 x USB 2.0 ports (Host), 1 x eSATA 2.0 port -3Gbps SATAII, 1 x SD socket for user expansion/application, WiFi 802.11 b/g, Bluetooth BT2.1 + EDR, Audio Interfaces, Headphone (analogue) out x 1, Mic In, Fiber Optics (SP/DIF) out x 1, Jtag and Uart connections for external module, 5V3A DC power supply! All this fits into 108mm (L) x 54mm (W) x 24mm (H)!
More information about the DreamPlug here.
UPDATE 2:
9. PWN Plug 3G:
Pwnieexpress have done it once again! This time, they have given us the PWN Plug 3G, their stealthiest plug yet! Just a small glitch in their Sheeva Plug based bug – it depends on an active Verizon mobile broadband plan. We think it mostly has to be because of an embedded SIM card or such. In countries like India, where Verizon is not available, this is certainly NOT a good idea. Anyways, it comes fully loaded! Ubuntu, Metasploit, Fasttrack, SET, SSLstrip, nmap, dsniff, netcat, nikto, nbtscan, inguma, scapy, ettercap, JTR, medusa! It sends an SMS message to your phone whenever a reverse SSH shell over 3G/GSM is established! It is unpingable and no listening ports are detected in stealth mode. Its physical attributes are only 4.3 x 2.7 x 1.9 inches and consumes only 2.3 watts when idle!
Read more about the PWN Plug 3G here.
Searches leading to this post:
list of portable devices, best free portable apps, pwn plug web
Comments on this entry are closed.