Since my purchase, that plug does not seem to be present on the website, but the wireless plug is similar. This website gives you some details on the plug and with regards to mini-plugs formats.
To start; the guys at PwnieExpress, have done their homework and offers a very good functional plug. It's design around; "ease and quick deployment". The plug only draw back; are the limited storage capacity and cost.
The plug has a superior usermanual ( available online ) that's ship with the plug, & that goes over almost all the setup functions. It gives you example of what you need to do to operate this plug.
When you boot the plug, you will be welcome with the following, after your ssh login
The plugs run with no manpages or other misc materials, due to the limited internal storage restrictions. So if you are weak on your linux skills, you better have access externally to Man Pages or other HOWTOs.
I used a few wireless cracking utilities and it ran brilliant.
The systems runs the following listeners ;
note: Port 8443 is used primarily for the Plug webUI.
Once you have the gui accessible, the plug interface is quick and straight forward for setup and configuration. It features quick tabs, which covers most of the plug functions, minus the pen-test tools.
I found these function to be;
- quick to configured
- and ease for the novice to well experience pen-tester to follow
The plugWebUI also cover almost everything from something as simple as resetting the PlugUI password. They even warn you in the document and webGui that this password is not the same as the shell
The plug ethernet is configured for DHCP , but allows you to re-configure it for static-ip, and you can change almost everything that you might encounter.
For alerting you have a host of options;
note: They thought almost everything :)
The plug also has the function to conduct passive recon. This would be great for a tap or hub port, where all traffic is present and no active engagement from the plug. Passive recon would be more effective with a hub , monitor or tap port.
my plug has the ability to setup covert back channels;
So for back channels, the plug has all angles covered. And provides quick status as to what you have running.
note: I would suspect you would want to write a basic bash script, that could provide you all of these status details and could be ran under the user profile to execute at the login.
PwnieExpress also provide some what of a simple on-the-plug help, just in case you get lost or confused.
For network connectivity wired/wireless the device function quite well and even has support for ipv6 natively. Which I'm investigating personally on how to engage my plug within a ipv6 topology and to build covert channels over a ipv6 connectivity. More to come on that as I get going.
The biggest complaint from me , pertains to storage size. This plug is small form factor and this is to be expected, but it would be nice to have more than 250-500+ megs of storage access imho
The plug overall is not bad and well thought out. Where they are lacking at in storage, they made up for with overall access and configuration. You can get a list of the available pre-cannned pen-test tools included on the plug via the website.
- very well design
- design for ease of deployment
- effective management of covert back channels
- lack of onboard manuals pages
- the cost
- external 802.11/celluar wireless adapter could be suspicious
- storage capacity size
Freelance Network/Security Engineer
kfelix at hyperfeed dot com