Re: Pentesting drop boxes

[David Porcello <DPorcello () vermontmutual com>]

Excellent idea! Would definitely like to mod these plugs to do this; at 2-7 watts even a small battery pack or solar 
panel could run these for a while. Heck, without any modding these could run off a standard UPS even longer. Course 
you'd probably want to clip the speaker to stop the incessant beeping. =)

The new Guruplugs do have built-in wireless, but last I heard these units still have some pretty major overheating 
issues.


-----Original Message-----
From: pauldotcom-bounces () mail pauldotcom com [mailto:pauldotcom-bounces () mail pauldotcom com] On Behalf Of Jim 
Halfpenny
Sent: Friday, November 05, 2010 11:38 AM
To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] Pentesting drop boxes

Hi,
A low powered system that can run off batteries (which I don't think
the sheevaplug can) would be useful. If wireless penetration is an
option a small form factor device and a car battery locked in a case
could be a viable option for an in-plain-sight drop box. Something
that looks like a telecoms cabinet might be inconspicuous enough to
leave next to an exterior wall and the weight of a car battery might
may a casual observer think it's fixed to the wall.

There are sheevaplugs available with built-in 802.11 which would be
less conspicuous that one with a USB adapter.

Cheers,
Jim

On 5 November 2010 14:15, David Porcello <DPorcello () vermontmutual com> wrote:
> Has anyone used a "drop box" in a pentesting engagement? I've been building
> on this idea and would like to hear suggestions on what to add. The end goal
> is to have a Backtrack-esque tool set on a plug-based microserver, and a set
> of reverse tunneling scripts that walk through all the commonly allowed
> egress ports/protocols to establish a backdoor shell into the target
> network.
>
>
>
> Here's what I have so far:
>
>
>
> Hardware: Ubuntu-based Sheevaplug microserver, wifi support via USB ALFA
>
> Tools: Metasploit, Fasttrack, SET, SSLstrip, nmap, dsniff, netcat, nikto,
> nbtscan, xprobe2, inguma, scapy, ettercap, JTR, medusa
>
> Reverse tunnel scripts (running every minute for persistence): SSH over port
> 443, SSH over HTTP requests (proxy support), SSH over DNS queries, SSH over
> ICMP
>
>
>
> What else would everyone like to see?
>
>
>
> grep.
>
> http://grep8000.blogspot.com
>
>
>
> ________________________________
> NOTICE: The information contained in this e-mail and any attachments is
> intended solely for the recipient(s) named above, and may be confidential
> and legally privileged. If you received this e-mail in error, please notify
> the sender immediately by return e-mail and delete the original message and
> any copy of it from your computer system. If you are not the intended
> recipient, you are hereby notified that any review, disclosure,
> retransmission, dissemination, distribution, copying, or other use of this
> e-mail, or any of its contents, is strictly prohibited.
>
> Although this e-mail and any attachments are believed to be free of any
> virus or other defects, it is the responsibility of the recipient to ensure
> that it is virus-free and no responsibility is accepted by the sender for
> any loss or damage arising if such a virus or defect exists.
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

NOTICE: The information contained in this e-mail and any attachments is intended solely for the recipient(s) named 
above, and may be confidential and legally privileged. If you received this e-mail in error, please notify the sender 
immediately by return e-mail and delete the original message and any copy of it from your computer system. If you are 
not the intended recipient, you are hereby notified that any review, disclosure, retransmission, dissemination, 
distribution, copying, or other use of this e-mail, or any of its contents, is strictly prohibited.

Although this e-mail and any attachments are believed to be free of any virus or other defects, it is the 
responsibility of the recipient to ensure that it is virus-free and no responsibility is accepted by the sender for any 
loss or damage arising if such a virus or defect exists.
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com