The Power Pwn is a fully-integrated, enterprise-class penetration testing platform. A successor to the popular Pwn Plug, the device features a highly-integrated modular hardware design. Backed and funded by the Defense Research Projects Agency (DARPA), it aims to provide corporations and security-conscious individuals with a cheaper and easier means to defend themselves against hackers, by providing them with the same set of tools as their digital assailants.

With the appearance of a simple surge protector, the Power Pwn won't turn any heads, but crack open its unassuming casing and you'll find everything you need to run a full-scale security auditing software suite. The biggest draw of the device is undoubtedly its ability to perform tests remotely. A security professional can simply ship the Power Pwn to a corporate facility and gain access to the device covertly over Ethernet, wireless or 3G/GSM cell networks.

Text to bash functionality

The cellular network functionality allows users to text in bash commands via SMS. There's even the potential to take advantage of voice-recognition software such as Apple's Siri to push commands to the device.

Shipping with the Debian 6 instance of Linux, the Power Pwn aims to make comprehensive pentesting easier and cheaper for corporations and security professionals. Companies can mail the US$1,295 hardware out to their branches and conduct full-scale penetration tests of their remote networks, completely eliminating travel expenses.

A wide range of connectivity options including wireless, dual Ethernet and 3G/GSM cell networks.

There are concerns that hackers may use the device against its intended owners, but the backing and funding of DARPA should go some way to ensuring that the Power Pwn stays firmly in the hands of the good guys. To this effect, the CEO of Pwnie Express, Dave Porcello told Wired that 90 percent of the company's customers work for corporations or the federal government.

Full features and specs are as follows:

  • Onboard high-gain 802.11b/g/n wireless
  • Onboard high-gain Bluetooth (up to 1000')
  • Onboard dual-Ethernet
  • 120/240v AC outlets
  • 16 GB internal disk storage
  • External 3G/GSM adapter
  • Fully-automated NAC/802.1x/RADIUS bypass
  • Out-of-band SSH access over 3G/GSM cell networks
  • Text-to-Bash: text in bash commands via SMS
  • Web-based administration with “Plug UI”
  • One-click Evil AP, stealth mode, & passive recon
  • Maintains persistent, covert, encrypted SSH access to your target network
  • Tunnels through application-aware firewalls & IPS
  • Supports HTTP proxies, SSH-VPN, & OpenVPN
  • Sends email/SMS alerts when SSH tunnels are activated
  • Preloaded with Debian 6, Metasploit, SET, Fast-Track, w3af, Kismet, Aircrack, SSLstrip, nmap, Hydra, dsniff, Scapy, Ettercap, Bluetooth/VoIP/IPv6 tools and more.
  • Unpingable and no listening ports in stealth mode
  • Sources: Pwnie Express, Wired