Tomorrow at the Black Hat security conference in Las Vegas, the Pwnie Express will officially unleash Pwn Plug R2, the next generation in its arsenal of penetration testing and hacking hardware. Ars got an exclusive rundown in advance on the device from Dave Porcello, founder and CEO of Pwnie Express.
The new Pwn Plug looks less like a DC power supply plug—the form factor of its predecessor—and more like a small Wi-Fi access point or router. But inside, it's really a Linux-powered NSA-in-a-box, providing white hat hackers and corporate network security professionals a "drop box" system that can be remotely controlled over a covert Internet channel or a cellular data connection.
"Some people will use these for physical penetration tests," Porcello said. "They can go into a bank branch or a retail store, or even a corp office, and pretend to be a telecom technician or someone from the power company or whatever and drop it under someone's desk, or in a wiring closet, or behind a printer." And for other applications, such as corporate security auditing, Porcello said, "it's just as useful to send to remote sites without having to travel—a corporate security manager can just ship a box out to a retail store and have a store manager or branch manager just plug it in."