Welcome Guest.   Make a donation to an author on the site September 01, 2014, 06:22:10 AM  *

Please login or register.
Or did you miss your validation email?


Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.


You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
 
Check out and download the GOE 2007 Freeware Challenge productivity tools.
   
   Forum Home   Thread Marks Chat! Downloads Search Login Register  
Pages: [1]   Go Down
  Reply  |  New Topic  |  Print  
Author Topic: PWNIE EXPRESS! This is hilarious, and real!  (Read 5001 times)
Renegade
Charter Member
***
Posts: 11,191



Tell me something you don't know...

see users location on a map View Profile WWW Give some DonationCredits to this forum member
« on: July 03, 2011, 04:43:41 PM »

A friend of mine shot me this link:

http://pwnieexpress.com/wireless.html

Quote
Pwn Plug Wireless

A commercial-grade wireless pentesting drop box.

:: Includes an external 1000mW USB ALFA
:: Karmetasploit Evil AP mode!
:: Auto-crack all WEP networks in range! (WEPbuster)
:: Maintains a covert, encrypted, firewall-busting backdoor into your target network [Details]
:: Includes "Plug UI" for simple web-based setup
:: Tunnels through application-aware firewalls & IPS
:: Sends an SMS message when SSH tunnel is activated
:: Preloaded with Ubuntu, Kismet, Aircrack-NG, WEPbuster, Karma, Metasploit, SET, Fasttrack, SSLstrip, nmap, dsniff, netcat, scapy, ettercap, medusa, & more!
:: Unpingable and no listening ports in stealth mode



Nice. smiley

Logged

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker
Stephen66515
Animated Giffer in Chief
Honorary Member
**
Posts: 2,464



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #1 on: July 03, 2011, 04:50:57 PM »

o_0
Logged

No trees were harmed during the creation of this message.  Millions of electrons, however, were terribly inconvenienced

"Think left and think right and think low and think high. Oh, the things you can think up if only you try!" - Dr. Seuss
40hz
Supporting Member
**
Posts: 10,637



see users location on a map View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #2 on: July 04, 2011, 01:06:58 AM »

Why am I a little skeptical about this?  

Maybe it's this:



Or this (Marvell's Sheeva Plug computer - picture directly taken from Marvell's sales brochure)



(Note: I guess you could set it up as a "pen box" since the Sheeva Plug is a Linux PC. All it would take is to load it up with a free copy of BackTrak or a similar NIX 'security' distro. But you can also run BackTrak off a live DVD (or a USB drive) using any computer so I'm not sure what the advantage of putting it on it's own plug computer would be. Unless maybe you were planning on quietly slipping it in someplace you shouldn't, and then accessing it remotely? mrgreen)

Then there's the Go Daddy private registration on the website...(a security firm uses Go Daddy as their registrar?)

It's also weird (to me) how Rapid Focus Security, LLC of 27 French Street, Barre, VT - (the alleged operator of the website) doesn't show up as a registered corporation in Vermont. They could be registered in another state. But checking the usual corporate shell registration places like Nevada and Delaware comes up blank. Nothing in shows up for Nevada. (Can't check Delaware until Tuesday since they only allow online corporate registration verifications during regular business hours.)

Or the fact there's no phone number or contact information on the webpage - or a street address - or any company history or related info - or...

There might be a reason why they're so 'invisible.' But I'm always a little concerned when a security company is totally stealthed, and doesn't at least have a token 'front office' that's out in plain sight.

It also strikes me as odd they offer intrusion assessment and penetration testing services - and then list some recent clients. (Most big corporations like Cisco have a confidentiality clause in their contracts that forbids vendors from using their name in any marketing activities. Especially if it's security related, in which case the vendor is usually contractually forbidden from even saying they did work for the corporation.)

Dunno...I could be wrong...but I'm a little leery about this.  Cry

« Last Edit: July 04, 2011, 02:09:38 AM by 40hz » Logged

Don't you see? It's turtles all the way down!
zridling
Friend of the Site
Charter Member
***
Posts: 3,290


Linux captive

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #3 on: July 04, 2011, 02:20:14 AM »

Kevin Mitnick is quoted. Isn't that the hacker that went to jail and is never allowed near the internet for life?
Logged

- zaine (on Google+)
40hz
Supporting Member
**
Posts: 10,637



see users location on a map View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #4 on: July 04, 2011, 06:46:47 AM »

Kevin Mitnick is quoted. Isn't that the hacker that went to jail and is never allowed near the internet for life?

The same.

The lifetime ban on internet use got overturned by the courts following his release from prison. There are different stories as to why he was able to cut a deal. One rumor has it this deal got made in exchange for him not pursuing a civil rights case against the government for its questionable act of holding him in solitary confinement for something like most of a year because somebody convinced prison officials he would be able to start a nuclear war if he so much as sat in the same room with a telephone. Other stories cite the inconvenient fact (for prosecutors) that he already served 4 years in prison (on pre-trial detention) before his case even got to court. (Note: The US still had a functioning Bill of Rights back then. Today Kevin Mitnick would wind up being classified as an "enemy combatant" and disappear into some non-existent government detention facility where he would soon learn that there are no secrets to be kept from an angry government.  *Splash!!!*)

But he's since seen the error of his ways. Jail cells and solitary confinement can do that to ya! He now writes books, consults, and speaks publicly on computer security topics.

There really is a Mitnick Security Consulting LLC btw:

Quote
Mitnick Security Consulting, LLC is a full-service information security consulting firm. Founded by Kevin Mitnick, Mitnick Security Consulting offers a comprehensive range of services to help businesses protect their valuable assets. read more >>

I just wonder if that Pwnie testimonial is real.

 Cool


« Last Edit: July 04, 2011, 07:59:56 AM by 40hz » Logged

Don't you see? It's turtles all the way down!
J-Mac
Supporting Member
**
Posts: 2,854


see users location on a map View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #5 on: July 10, 2011, 11:51:27 AM »

I read his book, "The Art of Deception" and yes, he does have quite a few tall tales in it!

Jim
Logged

"I am getting so tired of slitting the throats of people who say that I am a violent psychopath."
40hz
Supporting Member
**
Posts: 10,637



see users location on a map View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #6 on: July 10, 2011, 01:02:10 PM »

I read his book, "The Art of Deception" and yes, he does have quite a few tall tales in it!

Jim

+1! There's a whole lotta BS being slung around.

That's the problem when you deal with hackers and cybersecurity stories. Everybody - and I mean everybody - from the hackers, to the "white hats" - to the agents of the law enforcement community itself - all exaggerate wildly about the events and exploits they were involved with - along with the significance of what actually went down.

About the only thing you can count on is they all want to magnify their individual roles (and importance) in the eyes of their peers, their superiors, and the general public.

 undecided

« Last Edit: July 10, 2011, 01:06:30 PM by 40hz » Logged

Don't you see? It's turtles all the way down!
pwnieexpress
Participant
*
Posts: 1

View Profile Give some DonationCredits to this forum member
« Reply #7 on: August 15, 2011, 08:03:39 PM »

Hi!

I work for Pwnie Express and I just wanted to reach out into this community and address a couple things people said in this thread:

First of all, we are very small and so getting sudden exposure is certainly revealing the fact that we are a tiny startup which is a group of friends. Just gonna run through a few points in the thread above

Kevin Mitnick did buy a plug and that was a quote from him after he bought the plug. Before buying it he sent this tweet: https://twitter.com/#!/kevinmitnick/status/42370853526175744

Also, Mitnick did go to jail but he is out and we just saw him quite a bit ad Defcon 19 where we were vendors. We sold over 200 plugs and quite a few of the Pwn Phones -- a mobile pentesting platform build on the Nokia N900 platform..

The plug is indeed based on the Marvell Sheeva Plug hardware. We purchase the plugs from GlobalScale who manufactures them and then flash them with our own image (build on Ubuntu) with our own custom software.  We have been working on adding other grpahics besides just those from the manufacturer to the pages.

The domain was registered by a friend who is a webdeveloper when we were quite small. At some point in the future we will tranfer the domain registration to the LLC itself and make that information public. Good point tho!

Final point regarding our list of clients: the high profile clients we listed are indeed clients but they are hardware clients, not clients who we have provided infosec services to. In the case of Cisco we saw no reason not to list them because we are partnering with them in certain ways. At Black Hat Cisco gave out some of our PwnPhones as a prize for a contest at their vendor booth. Check out: http://blog.pwnieexpress.com/post/8974758207/black-hat-interview-with-cbs

Regarding the validity of our company you can search for Pwnie Express here : http://www.sec.state.vt.us/seek/keysrch.htm

If anyone has any other specific questions  (or skepticism!) please feel free to respond in this thread or reach out to use directly by emailing info {AT} pwnieexpress [dot] com

Thanks for your time!

The Pwnie Express Team


* 2011-08-03 13.17.12.jpg (261.56 KB, 1024x768 - viewed 103 times.)
Logged
Renegade
Charter Member
***
Posts: 11,191



Tell me something you don't know...

see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #8 on: August 15, 2011, 08:51:44 PM »

@pwnieexpress - Thanks for dropping in and clearing up some of that. It's always good to have vendors give their $0.02.

Cheers!
Logged

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker
r0bert0
Participant
*
Posts: 4


View Profile Give some DonationCredits to this forum member
« Reply #9 on: January 20, 2013, 09:29:23 PM »

another one

http://www.demyo.com/products/demyo-power-strip/
Logged
Pages: [1]   Go Up
  Reply  |  New Topic  |  Print  
 
Jump to:  
   Forum Home   Thread Marks Chat! Downloads Search Login Register  

DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.039s | Server load: 0.08 ]