April 16, 2011 (Powerhomebiz.com) Security researcher Jeremiah Talamantes will release a new penetration testing tool called ”PlugBot” at this year’s TakeDownCon Dallas, a new IT security conference designed by the EC-Council.
PlugBot is an ultra compact penetration testing hardware device, designed to evade anti-virus and firewall detection, significantly reduce face-to-face social engineering interaction, and provide an onboard set of tools to allow an ethical hacker (penetration tester) to covertly infiltrate and dynamically hack the target from the inside out.
”I am excited to unveil this new tool at TakeDo wnCon Dallas,” said Talamantes. ”As an ethical hacker for many years, I set out to create a tool that would enable us to widen our window of opportunity while reducing the chance of being discovered and still have the luxury of hacking the target dynamically. I honestly wanted to make it as easy as … walk in, plug in, and walk out.”
”PlugBot will be an interesting new tool for the pen-test community and TakeDownCon Dallas attendees will be the first to see it,” said Leonard Chin, Conference Director for TakeDownCon, and EC-Council Director of Global Marketing. ”Jeremiah is a respected researcher and security practitioner and we’re pleased he chose TakeDownCon as the place to debut this new tool. ”
PlugBot was designed to facilitate penetration testing in many ways, such as:
• Reducing the need face-to-face social engineering, which may lead to compromise
• Allowing the dynamic use of other popular tools, such as nmap and Metasploit
• Remotely installing custom Perl and Python scripts on the fly
• Traversing strict egress firewall rules and filters
• Incorporating remote kill switch and IDS evasion capabilities
• Providing the ability to hack over multiple interfaces, including Ethernet, Bluetooth, and Wi-Fi
• Saving of tool output locally or via a web interface
• Viewing of statistics and logs for bot health and diagnostic purposes
In addition, PlugBot challenges:
• Physical Security
o Personnel access to conference rooms
o Wi-Fi range
o Bluetooth usage
o Rogue device detection and sweeps
• Technical Security
o Port configuration in conference rooms
o Wi-Fi security settings
o Bluejacking and Bluesnarfing
o Rogue AP detection
By using this pluggable device, penetration testers can gain access to the target location (e.g., a conference room), plug the PlugBot into the nearest wall outlet, and walk out. The PlugBot is configured to make an external connection (e.g., Wi-Fi or Ethernet) to a specified IP address in order to receive instructions. The Central Command allows the penetration tester to invoke scripts and applications. Output, as a result of testing, is encrypted and securely transmitted to the Drop Zone where the penetration tester imports data into the Central Command for analysis.
PlugBot is driven by a 1.2GHz processor, with 512MB of RAM, drawing just under 5 watts of power. It offers a suite of hardware and software features, including Debian, Perl, PHP, Gigabit Ethernet, Bluetooth, and 802.11b Wi-Fi, as well as a MicroSD socket for expandability of disk space – all in a small form factor for increased stealth and portability.
TakeDownCon Dallas, held at the InterContinental Dallas from May 14 – 19, is sponsored by Application Security, Element K, SAINT Corporation, and Damballa Inc, among others. It is supported by InfraGard’s North Texas Chapter and NAISG’s Dallas Chapter. The conference also enjoys the support of (ISC)2 as lead global education partner. For more information, including a complete program, presentation synopses, and registration details, go to: http://www.takedowncon.com
Website: http://www.theplugbot.com
ABOUT JEREMIAH TALAMANTES
Jeremiah Talamantes, CISSP, CEH, is a 13-year veteran of the information security industry, currently serving as Managing Partner and Security Researcher for RedTeam Security Corporation, based in Minneapolis, MN, where he also leads RedTeam Labs. His research – most notably in advanced penetration testing and application security – has led to the discovery of numerous 0-day exploits. An ISSA chapter board member, he writes collegiate level curricula, as well as writes and presents regularly on topics ranging from war driving, to live hacking demonstrations, to network boot camps, to enterprise 802.1x deployments.
In addition to being the founder of the PlugBot project, Jeremiah is the technical editor for ”When Botnets Attack,” an upcoming security book from Syngress Publishing.
ABOUT TAKEDOWNCON
TakeDownCon is a new technical IT security conference series that provides advanced, highly technical research, presentations, and training to accomplished information security professionals. Developed by EC-Council, it debuts in 2011 with two conferences in Dallas and Las Vegas. TakeDownCon focuses on technical research in cutting-edge exploits and vulnerabilities and also provides EC-Council certification training, including the renowned Certified Ethical Hacker (CEH) program (a recently accepted certification of DOD Directive 8570.01M Change 2). Website: http://www.takedowncon.com .
ABOUT EC-COUNCIL
The International Council of E-Commerce Consultants (EC-Council) is a member–based organization that certified individual in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (CEH) course, Computer Hacking Forensics (CHFI) program, License Penetration Tester (LPT) program and various other programs offered in over 60 countries around the glove. EC-Council has trained over 80,000 individuals and certified more than 30,000 security professionals. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government, National Security Agency (NSA), Committee on National Security Systems (CNSS), Army, FBI, Microsoft, and CERTs (Computer Emergency Response Team) of various nations. The U.S. Department of Defense (DoD) included the CEH program into its Directive 8570, making it one of the mandatory standards to be achieved by Computer! Network Defenders Service Providers (CND-SP). Website: http://www.eccouncil.org