RSA: The Pwn Pad is an Android Tablet-Based Penetration Tester

Last year Pwnie Express showed us their Stealthy Pen Test Unit that plugged directly into a 115 VAC wall outlet. This year at RSA they're proudly displaying their Pwn Pad, which is a highly-modified (and rooted) Nexus 7 tablet "which provides professionals an unprecedented ease of use in evaluating wired and wireless networks." They list its core features as Android OS 4.2 and Ubuntu 12.04; large screen, powerful battery; OSS-based pentester toolkit; and long range wireless packet injection. If you can't see the video (or want to read along) the transcript is below.

Pwn Pad Passes Perl Philter Phor

Duplicates

Nice Tablet

[jackb_guppy]

I good see the hardware/software is flexable - even in these days of walled gardens.

My wife just got me a TP adapter, so I now have a net project to look forward too.

Sooo...

It's an $800 sub-par tablet with a bunch of free software installed that any "pwner" worth his/her salt should know how to get on their own. Meh.

Re:Huh? Where?

[mcmonkey]

Click the "Hide/Show Transcript" link under the video.

Yeah, not very clear.

Advice For Doing Interviews

[CanHasDIY]

Tim: Now is this an outgrowth of the Pwnie Plug? The earlier product, the plug that was here last year? And that is still available?

Oliver: Yes. That is correct.

Tim: So what does this cost? And what goes into that? For instance, I see you’ve got a different wireless card on here, can you talk in detail about what’s the wireless that you’ve got attached to the back there?

Oliver: Yeah, so this is a TP-link adapter. This is a unique card in that it supports a packet injection, monitor mode and wireless promiscuous mode, which lets you do sidejacking.

Word of advice: try letting the interviewee answer the current fucking question before you ask another one.

I, personally, would like to know what the cost will be, but thanks to Timmy's piss-poor interviewing skills, I'll have to seek the information elsewhere.

Re:Not Really Revolutionary

[Lunix+Nutcase]

They don't claim it's revolutionary. Also the integration and pre-configuration is very important to many people who would be interested in such a product. Much more so than your dimissive comment would make it seem. Sure, one could buy all the parts separately, recompile the kernel and all the software and put it tall together hemselves. On the other hand, most people's time is not worthless so the price is worth the fact that one can be up and running immediately.

Re:Not Really Revolutionary

[DarkTempes]

First of all, this is neat. I've used usb host mode on my HP Touchpad to run a wireless adapter for kismet before just to see if I could.
But mostly I don't think this is for consumers or enthusiasts .

Let's say $300 for the most expensive nexus 7 and they're selling this for $800.

Maybe $100 for all of the other extra hardware (very generous as the wifi adapter is $15-20, etc)

That means you're paying $400, half of the device, for them to: compile a custom kernel for android (turn on packet injection), install an ubuntu chroot, install most of the packages from apt, and build a couple of them from source.
They're using an ubuntu chroot so no need for android custom gui apps.

$400 is a pretty hefty convenience cost but I guess I could see where for business purposes that would make sense for some people.

Re:Not Really Revolutionary

[CanHasDIY]

You're pretty much dead on with your numbers:

32GB Nexus 7 w/ AT&T 3G - $300

TP-Link TL-WN722N (atheros usb wifi) - $20

Sena UD100 (Bluetooth USB) - $40

USB Ethernet adapter - ~$30 (really? Damn!)

OTG cable (host mode) - $2

I wonder how long it takes them to compile/load all those apps? Would be interesting to break it down and see just how much per hour these guys are charging.