We are Legion: Pentesting with an Army of Low-power Low-cost Devices

Presented at DEF CON 21 (2013), Aug. 3, 2013, 1 p.m. (45 minutes).

This talk will show attendees how they can do penetration testing with a network of small, battery-powered, penetration testing systems. The small devices discussed will be running a version of The Deck, a full-featured penetration testing and forensics Linux distro. The Deck runs on the BeagleBoard and BeagleBone family of devices (including the next-gen BeagleBone released in April aka the Raspberry Pi killer). These devices are easily hidden and can run for days to weeks off of battery power thanks to their low power consumption. Various configurations will be presented including a device the size of a deck of cards that is easily attached to the back of a computer which is powered by USB and can be connected inline with the computer's Ethernet connection. While each device running The Deck is a full-featured penetration testing platform, connecting systems together via 802.15.4 networking allows even more power and flexibility. Devices may be constructed for $70-$200 each depending on configuration withthe typical device costing less than $100. Devices may be located up to 1 mile from each other and from the command console which could also be running The Deck or any other version of Linux. A powerful pentesting army is easily built for much less than the cost of an Apple MacBook Pro.


Presenters:

Links:

Similar Presentations: