We are Legion: Pentesting with an Army of Low-power Low-cost Devices

DEF CON 21

Presented by: Phil Polstra
Date: Saturday August 03, 2013
Time: 13:00 - 13:45
Location: Track 3
Track: Track 3

This talk will show attendees how they can do penetration testing with a network of small, battery-powered, penetration testing systems. The small devices discussed will be running a version of The Deck, a full-featured penetration testing and forensics Linux distro. The Deck runs on the BeagleBoard and BeagleBone family of devices (including the next-gen BeagleBone released in April aka the Raspberry Pi killer). These devices are easily hidden and can run for days to weeks off of battery power thanks to their low power consumption. Various configurations will be presented including a device the size of a deck of cards that is easily attached to the back of a computer which is powered by USB and can be connected inline with the computer's Ethernet connection. While each device running The Deck is a full-featured penetration testing platform, connecting systems together via 802.15.4 networking allows even more power and flexibility. Devices may be constructed for $70-$200 each depending on configuration with the typical device costing less than $100. Devices may be located up to 1 mile from each other and from the command console which could also be running The Deck or any other version of Linux. A powerful pentesting army is easily built for much less than the cost of an Apple MacBook Pro.

Phil Polstra

Philip Polstra (@ppolstra) was born at an early age. He cleaned out his savings at age 8 in order to buy a TI99-4A computer for the sum of $450.Two years later he learned 6502 assembly and has been hacking computers and electronics ever since. Phil currently works as an Associate Professor and Hacker in Residence at a private Midwestern university. He teaches computer security and forensics. His current research focus involves use of microcontrollers and small embedded computers for forensics and pentesting. Prior to entering academia, Phil held several high level positions at well-known US companies. He holds a couple of the usual certs and degrees one might expect for someone in his position. Phil is also an accomplished aviator with several thousand hours of flight time. He holds 12 ratings including instructor, commerical pilot, mechanic, inspector, and avionics tech. When not working, he likes to spend time with his family, fly, hack electronics, and has been known to build airplanes. Over the last few years Phil has spoken on various USB-related topics at a number of conferences such as 44Con, NetSecure, ForenSecure, MakerFaire Detroit, THOTCON, GrrCON, DEF CON, and Black Hat. He has developed a number of cheap, fun, and useful devices for infosec and forensics professionals.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats