The Ethical Hacker Network - My next purchase coolest pen test toys ever!

R3B005t

Newbie

Offline

Posts: 43

My next purchase coolest pen test toys ever!

« on: April 28, 2011, 08:43:34 PM »

http://pwnieexpress.com/

Hotness!


	Logged

lorddicranius

Sr. Member

Offline

Posts: 447

Re: My next purchase coolest pen test toys ever!

« Reply #1 on: April 28, 2011, 10:47:51 PM »

There was so much chatter about those on twitter during Source Boston last week. Looks like a fun little toy


	Logged

GSEC, eCPPT, Sec+

R3B005t

Newbie

Offline

Posts: 43

Re: My next purchase coolest pen test toys ever!

« Reply #2 on: April 29, 2011, 06:04:57 AM »

Yeah Jason Street clued me in on them during source boston. I have yet to make it out to a con gonna have to get my act together one of these days.


	Logged

hayabusa

Hero Member

Offline

Posts: 1632

Re: My next purchase coolest pen test toys ever!

« Reply #3 on: April 29, 2011, 07:36:07 AM »

Yeah, I was talking about pwnie's, recently, to the folks attending the CEH v7 launch class. I'd planned to order a couple (still do,) but had to finish some extra-curricular stuff I've been working on, first.

But they definitely look promising.


	Logged

~ hayabusa ~

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

OSCE, OSCP , GPEN, C|EH

millwalll

Guest

Re: My next purchase coolest pen test toys ever!

« Reply #4 on: April 29, 2011, 11:12:01 AM »

looks interesting but only in the USA Sad


	Logged

sil

Hero Member

Offline

Posts: 549

Re: My next purchase coolest pen test toys ever!

« Reply #5 on: April 29, 2011, 11:45:48 AM »

Anything and everything is a tool. The reality of the neater tools is placement. It would be a difficult task deploying this tool in a corporate environment, not impossible, just difficult.

For the cost of this tool, I can get a netbook, "load it up", send it to a CFO as a present from a vendor who recommended him on LinkedIn, wait for him to plug it in whether at home or work... Instant and almost guaranteed pwnage. Fulfilling my SOW, game over. So a tool is a tool is a tool.

USB keys ... check, Netbook ... check ... Free iPad ... check These almost always pay off without the hassle of thinking about where to deploy plugs. Not to mention, companies believe it or not, are actually wising up. This means in an environment where NAC is deployed, you wasted money on a plug.


	Logged

http://www.infiltrated.net/mgz/puppylecter.jpg

hayabusa

Hero Member

Offline

Posts: 1632

Re: My next purchase coolest pen test toys ever!

« Reply #6 on: April 29, 2011, 07:21:00 PM »

I'd agree, sil, for black / grey box. One semi-exception - same exception for which I'm getting mine. White box testing, where I'm tasked to see from the insiders' perspectives. Yeah, I could deploy a laptop or machine, etc, but cheaper (shipping, if remote) and easier to just have them plug in a pwnie for me, and go about my business.

But again, I fully agree with you on the rest. Just that there are times the little units do come in handy. Believe it or not, I easily deployed a similarly 'modified' unit (non-pwnie, but another vendor's outlet pc, with my added code - and no, I don't work for pwnie) in a hospital, in a paid, black box test, too. Amazing how easy to slap one in a spare network jack under a desk at the check-out / release desk, when they turn their back or go to the printer... ;-). I have another similar gig coming up, so looking forward to testing out a real pwnie for this one.


	Logged

~ hayabusa ~

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

OSCE, OSCP , GPEN, C|EH

R3B005t

Newbie

Offline

Posts: 43

Re: My next purchase coolest pen test toys ever!

« Reply #7 on: April 30, 2011, 11:37:56 AM »

Options Sil options, sending a netbook to someone in a corporate environment is a great plan and all and the free iPad is even better! I'll give you that a small handful of companies are wising up and implementing NAC's these little guys are still great tools and one can never have too many tools in ones arsenal.


	Logged

millwalll

Guest

Re: My next purchase coolest pen test toys ever!

« Reply #8 on: May 01, 2011, 12:26:15 PM »

I have Nokia n900 does anyone know where I can get the software to pwn it ? I have had search on Google but could not find ti anywhere.


	Logged

tturner

Sr. Member

Offline

Posts: 432

Re: My next purchase coolest pen test toys ever!

« Reply #9 on: May 05, 2011, 06:35:38 AM »

I believe pwnieexpress will be releasing a free downloadable n900 image for existing n900 owners. Not sure on ETA but I got an email on it a few days ago.


	Logged

Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, OPSE, CSWAE, CSTP, VCP

WIP: OSWP, GSSP-JAVA, GXPN

Udacity on hold, again. I suck.

http://sentinel24.com/blog @tonylturner http://bsidesorlando.org

millwalll

Guest

Re: My next purchase coolest pen test toys ever!

« Reply #10 on: May 05, 2011, 10:32:49 AM »

Thanks Tturner Tongue


	Logged

sil

Hero Member

Offline

Posts: 549

Re: My next purchase coolest pen test toys ever!

« Reply #11 on: May 05, 2011, 12:50:53 PM »

Quote from: tturner on May 05, 2011, 06:35:38 AM

I believe pwnieexpress will be releasing a free downloadable n900 image for existing n900 owners. Not sure on ETA but I got an email on it a few days ago.

silica > *

http://www.zdnet.com/photos/silica-a-wireless-hacking-tool/53766
http://immunitysec.com/products-silica.shtml