MiniPwner is a pen-testing “drop box” designed to offer both simplicity and effectiveness. By discreetly plugging it into a network and gaining remote access to said network, the pen-tester can effectively complete their job.
A pwner can be used for a variety of different things – from wireless auditing/network auditing and recon to a rogue access point for man-in-the-middle attacks.
Most commonly, MiniPwner’s are used to aid pen-testers by establishing rogue access points to the networks being tested.
“The penetration tester uses stealth or social engineering techniques to plug the MiniPwner into an available network port. (Common locations include conference rooms, unoccupied workstations, the back of IP Telephones, etc.)
Once it is plugged in, the penetration tester can log into the MiniPwner and begin scanning and attacking the network.”
MiniPwners also offers integrated wired/wireless connections, low power consumption, flexibility and convenience, “MiniModes”, and multiple pen-testing tools.
The tools include (but are not limited to):
In order to set up your MiniPwner successfully, you will need TPLink TL-WR703N (or alternate version), a USB flash drive, a battery pack, an Ethernet cable, and Velcro.
After gathering the essentials, start building:
- Install the most recent version of OpenWrt firmware (downloads.openwrt.org)
- Utilizing the network interface of the factory firmware, flash the router
- Configure the network
- Mount the USB flash drive
- Install security packages listed above
Login credentials are usually relative to the place of purchase. For example, Ace Hackware’s default login is “root” and their default password is “acehackware”.
A couple useful tips:
- Change the name of your network in the directory: /etc/config/wireless
- opkg update will update the list of existing packages
- opkg –dest usb install packagename will install whatever package to your USB flash drive