Greetings fair ladies and kind sirs, I present yet another episode of Healthy Paranoia. In this episode we examine the notoriously mad, bad and dangerous to know; pentest dropbox. Joining Mrs. Y are some poètes maudits of the security realm, including; Taylor Banks, Dan Tentler, Kyle Stone, Nick Lennox and Jay James.
A dropbox or creeper is a small, unobtrusive, form factor device used by pentesters to gain a backdoor into a target network. Using social engineering techniques, the pentester will plug it into an unsecured network port and the device will either “phone home” via a reverse shell over a covert channel or using a 3G/GSM wireless adapter.
In this episode we explore:
- Make or buy?
- Alternative uses for a dropbox.
- Hacking in your underwear.
- When is a pentest dropbox like a grenade launcher?
- How security professionals love really bad puns.
- Why hasn’t anyone built one called “My Little Pwnie” yet? Seems like a natural…
Pwn Your Own Network – The original post that started it all.
Acehackware (Mrs. Y is registered here, in case you’re wondering what to get me for my birthday, Xmas, Kwanzaa or Hanukkah)