First off, who's Demyo? Demyo is a Miami-based InfoSec company that offers the following security services:
- penetration testing
- system vulnerability assessments
- network/security audit and hardening
- forensic collection and incident handling
- web app vulnerability assessments
- risk management
- and a host of other security consulting services
More can be found on their website: http://www.demyo.com/
First off, the Demyo DemyoPowerStrip, also known simply as DPS throughout this thread, looks, well... like a power strip :)
A pen-test plug is supposed to be undetectable, unsuspicious, and hardly noticeable. The idea of hardware pen-testing plugs is to bring the ethical hacker's/pen-tester's tools local, to the place of engagement. These devices will usually hold the engineer's toolbox, which contains various tools such as vulnerability scanners, probes, possibly compilers, scripts, and other tools commonly used in vulnerability assessment work. They are geared to perform any of the following:
- network/system recon
- pentest (hardwired/wireless devices)
- vulnerability assessments
- launching exploits
- data collection & harvesting (packets, passwords, etc.)
- services for reverse shells and remote access options
- packet forgery or interception
- etc..
The demo plug as tested, as of this review, is their first and only hardware device. It boasts one of the highest local storage capacities at a whopping 32 GB. It's also priced modestly for the features and functions it offers, especially when compared to the competition.
Note: During my initial review, I did not test any of the wireless features (802.11 or Bluetooth). At the time of my acquisition, the plug didn't have a fully completed manual, nor were the full "canned" pen-test tools installed as listed on the demyo.com website.
After booting the DPS, you will be able to access the unit via ssh. It has no WebUI or any graphical interface enabled by default, but you can run a simple vnc-server script after boot-up.
The device's specs, as pulled from their website:
Hardware
- CPU 700Mhz, boostable to 1Ghz
- RAM 512M
- HDD 32GB
- High gain WiFi adapter, 4dB, IEEE 802.11b/g/n
- High gain bluetooth adapter, 300 yards range
- Ethernet 10M/100M
- MicroSD card slot. It is required to take back cover off for access
- Serial Console. It is required to take back cover off for access
- Functional power outlets, USB charging ports, Ethernet surge protection, Coaxial surge protection.
You have the ability to run a small vncserver after the initial login, if you so desire. I didn't find this method very beneficial, but it does function and seems to be stable in operation.
One thing you will find out very quickly: the CPU shows steady utilization, at times up to 100% usage. Given the small form factor and packaging, this is to be expected and is normal. This device, like other hardware plugs, is not really geared for heavy CPU tasks, so you would not use this plug to compile a Linux kernel or rework your compiler and libraries.
I would recommend that the end user pre-seed this device before deploying it at the local engagement. The local gcc compiler seems functional with most libs and works very well. I must warn you that the speed is not blazing fast by any means. Building your tools ahead of time, or using the apt package management, might be more effective though.
But having the means to build and compile code locally could be a strong benefit for any special projects or situations that might come up.
To give you some timing examples, I tarballed and gzip-compressed the Demyo-provided wordlist;
and gzip
A simple compile of the Unix arpwatch tool took over 9 min to build from start to finish. I would suspect that as more lines of code are encountered, your compile times would grow dramatically.
Where the DPS shines is that the user has full control over what he/she wants to install and plenty of space to do it in. Most other plugs, like those from pwnie-express, are limited in internal storage size. A similar pwnie-express power-strip plug is almost double the price, at half the storage capacity.
The creator of the Demyo plug has crafted it for the experienced pen-tester, allowing them to build and customize their own plug.
I'll quote one of Demyo's security engineers:
"Our plug allows the end user to install pkgs and tools that fit the type of engagement being present. It also allows the end-user full control to modify the DPS via the common apt-get pkg management or to compile tools as the need arises."
One area of weakness: the plug has a very limited user-guided setup and will require the end user to know and understand Linux administration. Other available plugs typically have very quick and effective setup menus within their WebGUI. This allows for quick manipulation and for conducting a host of tasks with ease.
Another issue that was found: the plug runs a simple LAMP server, but you probably do not want to run it on a well-known service port if you want to keep the plug covert and immune from discovery.
This can be rectified by changing the apache2 conf and selecting a different listener port. I would also look at securing the data via certificates. These two fixes could probably keep it more hidden from the view of any internal network monitor or probes. Ideally, this traffic would be tunneled within something like ssh.
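One way to apply the three changes described above (a different listener port, certificates, and an SSH tunnel), shown as an added example that is not taken from the DPS or from Demyo's documentation. The file paths assume a Debian-style apache2 layout, and the port number, ServerName and certificate file names are placeholders.

```apache
# Added example. Paths assume a Debian-style apache2 layout (assumption);
# port 8443, the ServerName and the certificate file names are placeholders.

# --- Before: ports.conf with a default-style listener ---
# Listen 80
#   (all interfaces, well-known port, cleartext HTTP)

# --- After: /etc/apache2/ports.conf ---
# Bind to loopback only, on a non-standard port, and mark it as HTTPS.
Listen 127.0.0.1:8443 https

# --- After: /etc/apache2/sites-available/dps-tls.conf ---
<VirtualHost 127.0.0.1:8443>
    ServerName dps.example
    DocumentRoot /var/www/html

    # Serve the content over TLS; requires mod_ssl (a2enmod ssl).
    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/PLACEHOLDER-dps.crt
    SSLCertificateKeyFile /etc/ssl/private/PLACEHOLDER-dps.key
</VirtualHost>

# Validate and apply the change:
#   apache2ctl configtest && service apache2 restart
#
# With the listener on loopback, the web service is reachable only through
# the plug's existing ssh access. From the workstation:
#   ssh -L 8443:127.0.0.1:8443 user@<dps-address>
# then browse to https://127.0.0.1:8443/
```

Because the listener is bound to 127.0.0.1, a port scan of the plug's network address shows only ssh, and the certificate protects the web traffic inside the tunnel.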
To wrap up the Demyo review: it's a serious contender among hardware-based pen-test devices. The plug is reasonably priced, and built with the flexibility for the end user to customize his pen-testing appliance to his needs.
Key areas where we could see improvement, imho:
- a slightly faster processor to match the extended storage
- possibly faster I/O performance with the internal storage device (a 2.5" notebook drive or an SSD IDE/ATA device from Transcend comes to mind)
- user management via scripts or an easy wizard (call-home, reverse-shell, etc.)
- 3G/4G cellular connectivity as an option, integral to the strip, would be a strong point
Strong points for the DPS;
- internal storage capacity
- full end-user customization
- wide range of connectivity options (Bluetooth/WiFi/Ethernet)
- appearance
- price $$$.$$
I will keep my eye open on Demyo, and any future services or products from them.
Ken Felix
Freelance Network/Security Engineer
kfelix at hyperfeed dot com