Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us
topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • September 01, 2015, 01:13:55 PM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: PWNIE EXPRESS! This is hilarious, and real!  (Read 5579 times)

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 12,787
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
PWNIE EXPRESS! This is hilarious, and real!
« on: July 03, 2011, 04:43:41 PM »
A friend of mine shot me this link:

http://pwnieexpress.com/wireless.html

Quote
Pwn Plug Wireless

A commercial-grade wireless pentesting drop box.

:: Includes an external 1000mW USB ALFA
:: Karmetasploit Evil AP mode!
:: Auto-crack all WEP networks in range! (WEPbuster)
:: Maintains a covert, encrypted, firewall-busting backdoor into your target network [Details]
:: Includes "Plug UI" for simple web-based setup
:: Tunnels through application-aware firewalls & IPS
:: Sends an SMS message when SSH tunnel is activated
:: Preloaded with Ubuntu, Kismet, Aircrack-NG, WEPbuster, Karma, Metasploit, SET, Fasttrack, SSLstrip, nmap, dsniff, netcat, scapy, ettercap, medusa, & more!
:: Unpingable and no listening ports in stealth mode



Nice. :)

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

Stephen66515

  • Animated Giffer in Chief
  • Honorary Member
  • Joined in 2010
  • **
  • Posts: 2,998
    • View Profile
    • Donate to Member
Re: PWNIE EXPRESS! This is hilarious, and real!
« Reply #1 on: July 03, 2011, 04:50:57 PM »
o_0

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,530
    • View Profile
    • Donate to Member
Re: PWNIE EXPRESS! This is hilarious, and real!
« Reply #2 on: July 04, 2011, 01:06:58 AM »
Why am I a little skeptical about this?  

Maybe it's this:

zzz.gif

Or this (Marvell's Sheeva Plug computer - picture directly taken from Marvell's sales brochure)

2GHz-Sheeva-Plug-1.jpgPWNIE EXPRESS! This is hilarious, and real!

(Note: I guess you could set it up as a "pen box" since the Sheeva Plug is a Linux PC. All it would take is to load it up with a free copy of BackTrak or a similar NIX 'security' distro. But you can also run BackTrak off a live DVD (or a USB drive) using any computer so I'm not sure what the advantage of putting it on it's own plug computer would be. Unless maybe you were planning on quietly slipping it in someplace you shouldn't, and then accessing it remotely? :mrgreen:)

Then there's the Go Daddy private registration on the website...(a security firm uses Go Daddy as their registrar?)

It's also weird (to me) how Rapid Focus Security, LLC of 27 French Street, Barre, VT - (the alleged operator of the website) doesn't show up as a registered corporation in Vermont. They could be registered in another state. But checking the usual corporate shell registration places like Nevada and Delaware comes up blank. Nothing in shows up for Nevada. (Can't check Delaware until Tuesday since they only allow online corporate registration verifications during regular business hours.)

Or the fact there's no phone number or contact information on the webpage - or a street address - or any company history or related info - or...

There might be a reason why they're so 'invisible.' But I'm always a little concerned when a security company is totally stealthed, and doesn't at least have a token 'front office' that's out in plain sight.

It also strikes me as odd they offer intrusion assessment and penetration testing services - and then list some recent clients. (Most big corporations like Cisco have a confidentiality clause in their contracts that forbids vendors from using their name in any marketing activities. Especially if it's security related, in which case the vendor is usually contractually forbidden from even saying they did work for the corporation.)

Dunno...I could be wrong...but I'm a little leery about this.  :'(

« Last Edit: July 04, 2011, 02:09:38 AM by 40hz »

zridling

  • Friend of the Site
  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 3,292
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: PWNIE EXPRESS! This is hilarious, and real!
« Reply #3 on: July 04, 2011, 02:20:14 AM »
Kevin Mitnick is quoted. Isn't that the hacker that went to jail and is never allowed near the internet for life?

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,530
    • View Profile
    • Donate to Member
Re: PWNIE EXPRESS! This is hilarious, and real!
« Reply #4 on: July 04, 2011, 06:46:47 AM »
Kevin Mitnick is quoted. Isn't that the hacker that went to jail and is never allowed near the internet for life?

The same.

The lifetime ban on internet use got overturned by the courts following his release from prison. There are different stories as to why he was able to cut a deal. One rumor has it this deal got made in exchange for him not pursuing a civil rights case against the government for its questionable act of holding him in solitary confinement for something like most of a year because somebody convinced prison officials he would be able to start a nuclear war if he so much as sat in the same room with a telephone. Other stories cite the inconvenient fact (for prosecutors) that he already served 4 years in prison (on pre-trial detention) before his case even got to court. (Note: The US still had a functioning Bill of Rights back then. Today Kevin Mitnick would wind up being classified as an "enemy combatant" and disappear into some non-existent government detention facility where he would soon learn that there are no secrets to be kept from an angry government.  *Splash!!!*)

But he's since seen the error of his ways. Jail cells and solitary confinement can do that to ya! He now writes books, consults, and speaks publicly on computer security topics.

There really is a Mitnick Security Consulting LLC btw:

Quote
Mitnick Security Consulting, LLC is a full-service information security consulting firm. Founded by Kevin Mitnick, Mitnick Security Consulting offers a comprehensive range of services to help businesses protect their valuable assets. read more >>

I just wonder if that Pwnie testimonial is real.

 8)


« Last Edit: July 04, 2011, 07:59:56 AM by 40hz »

J-Mac

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 2,905
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: PWNIE EXPRESS! This is hilarious, and real!
« Reply #5 on: July 10, 2011, 11:51:27 AM »
I read his book, "The Art of Deception" and yes, he does have quite a few tall tales in it!

Jim

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,530
    • View Profile
    • Donate to Member
Re: PWNIE EXPRESS! This is hilarious, and real!
« Reply #6 on: July 10, 2011, 01:02:10 PM »
I read his book, "The Art of Deception" and yes, he does have quite a few tall tales in it!

Jim

+1! There's a whole lotta BS being slung around.

That's the problem when you deal with hackers and cybersecurity stories. Everybody - and I mean everybody - from the hackers, to the "white hats" - to the agents of the law enforcement community itself - all exaggerate wildly about the events and exploits they were involved with - along with the significance of what actually went down.

About the only thing you can count on is they all want to magnify their individual roles (and importance) in the eyes of their peers, their superiors, and the general public.

 :-\

« Last Edit: July 10, 2011, 01:06:30 PM by 40hz »

pwnieexpress

  • Participant
  • Joined in 2011
  • *
  • gravatar avatar
  • Posts: 1
    • View Profile
    • Donate to Member
Re: PWNIE EXPRESS! This is hilarious, and real!
« Reply #7 on: August 15, 2011, 08:03:39 PM »
Hi!

I work for Pwnie Express and I just wanted to reach out into this community and address a couple things people said in this thread:

First of all, we are very small and so getting sudden exposure is certainly revealing the fact that we are a tiny startup which is a group of friends. Just gonna run through a few points in the thread above

Kevin Mitnick did buy a plug and that was a quote from him after he bought the plug. Before buying it he sent this tweet: https://twitter.com/#!/kevinmitnick/status/42370853526175744

Also, Mitnick did go to jail but he is out and we just saw him quite a bit ad Defcon 19 where we were vendors. We sold over 200 plugs and quite a few of the Pwn Phones -- a mobile pentesting platform build on the Nokia N900 platform..

The plug is indeed based on the Marvell Sheeva Plug hardware. We purchase the plugs from GlobalScale who manufactures them and then flash them with our own image (build on Ubuntu) with our own custom software.  We have been working on adding other grpahics besides just those from the manufacturer to the pages.

The domain was registered by a friend who is a webdeveloper when we were quite small. At some point in the future we will tranfer the domain registration to the LLC itself and make that information public. Good point tho!

Final point regarding our list of clients: the high profile clients we listed are indeed clients but they are hardware clients, not clients who we have provided infosec services to. In the case of Cisco we saw no reason not to list them because we are partnering with them in certain ways. At Black Hat Cisco gave out some of our PwnPhones as a prize for a contest at their vendor booth. Check out: http://blog.pwnieexpress.com/post/8974758207/black-hat-interview-with-cbs

Regarding the validity of our company you can search for Pwnie Express here : http://www.sec.state.vt.us/seek/keysrch.htm

If anyone has any other specific questions  (or skepticism!) please feel free to respond in this thread or reach out to use directly by emailing info {AT} pwnieexpress [dot] com

Thanks for your time!

The Pwnie Express Team

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 12,787
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: PWNIE EXPRESS! This is hilarious, and real!
« Reply #8 on: August 15, 2011, 08:51:44 PM »
@pwnieexpress - Thanks for dropping in and clearing up some of that. It's always good to have vendors give their $0.02.

Cheers!
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

r0bert0

  • Participant
  • Joined in 2013
  • *
  • Posts: 4
    • View Profile
    • Donate to Member
Re: PWNIE EXPRESS! This is hilarious, and real!
« Reply #9 on: January 20, 2013, 09:29:23 PM »