[Discuss] Pwn Pad: A Nexus 7 as a network security testing tool

Tom Metro tmetro+blu at gmail.com
Sat Apr 13 17:13:12 EDT 2013 

A company that develops open source security hardware and software has
bundled a Google Nexus 7 tablet with a custom ROM (which includes a
chroot Ubuntu install and a bunch of security tools) and some USB
network interfaces (wired, WiFi, and long range Bluetooth) to create a
portable network security testing tool. This article reviews it.

Page 2 of the article has some interesting things to say about the
Ubuntu chroot environment, saying how well it performs, how well it
integrates into Android, and how you can quite easily port over Linux apps.

http://www.thepowerbase.com/2013/04/back-to-the-future-pwn-pad-review/

  By taking what is arguably the most popular and best supported Android
  tablet available, the Nexus 7, and combining it with their software
  tweaks and real world knowledge of the security industry, Pwnie
  Express is adhering to the same formula that put them on the map.

  At first glance, the Pwnie Express Pwn Pad looks like a regular Nexus
  7 tablet. ... The only difference between the consumer Nexus 7 and the
  Pwn Pad version is the software that's loaded up on it. ... Pwnie
  Express even plans on making a free version of the Pwn Pad firmware
  available for existing Nexus 7 owners who just want to poke around
  with the system; just as they did with the Pwn Plug before it.
  [...]
  The USB hardware included with the Pwn Pad is really one of the main
  selling points of the kit, as it has all been matched to the software
  installed on the Nexus 7. If you had to use only the meager internal
  WiFi and Bluetooth radios on the Nexus 7, you'd be constrained by both
  their relatively poor performance (in terms of sensitivity and range)
  and their limited chipset and software support.

  ...the Pwn Pad kit contains the following external devices: TREDnet
  TU2-ET100 [wired Ethernet] ... TP-LINK TL-WN722N [WiFi adapter] ...
  SENA Parani UD100 ...a high performance Class 1 Bluetooth adapter that
  can extend the effective range of Bluetooth up into the hundreds of
  meters.
  [...]
  ...the Pwn Pad kit includes the poetic SLIMLINE case for the Nexus 7.
  Aside from simply protecting the Nexus 7 and being able to prop it up
  for hands-free viewing, Pwnie Express has put a strip of Velcro down
  the back of the case which mates up to the strips they put on all of
  the other devices. While a decidedly low-tech solution, this does let
  you quickly slap one of the external devices right on to the back of
  the case, and not have to worry about holding it separately
  [...]
  They've included an entire Ubuntu 12.04 installation along side of
  Android, and with it, brought all the software and capability that a
  full Linux distribution offers.
  [...]
  When the Pwn Pad uses chroot to start up the Ubuntu environment, there
  is no functional impact to the Android side. Everything still works as
  expected, and performance is unchanged. But the user can now open up a
  terminal, or start a Linux program directly, and they will run just as
  if they were on a regular computer.

  With some clever scripting, Pwnie Express has managed to wrap this
  functionality up so well that you could be excused for thinking
  Linux-only applications installed on the Pwn Pad are native to
  Android. All of the Linux tools have their own icons right on the home
  screen, and the starting of the chroot environment is done
  automatically when you select one.
  [...]
  ...chroot on Android doesn't allow graphical Linux applications to
  run. As there is currently no X implementation available for
  Android...That being said, it IS possible to run X on a VNC session
  from the Linux side, and then connect to that with an Android VNC
  viewer.
  [...]
  Many of of the tools on the Pad are geared towards wireless scanning
  and attacks, such as Kismet, Airodump, wifite, Bluelog, and the
  ubertooth suite. There are also network agnostic tools such as
  SSLstrip, Ettercap, tcpdump, and Dsniff, as well as the comprehensive
  SET and Metasploit suites.
  [...]
  I was especially impressed with the performance of the Linux side of
  the Pwn Pad. The raw power of the Nexus 7 really does the Ubuntu
  environment justice, compiling software on the tablet was much faster
  than I was expecting. I wouldn't want to compile a new kernel on it,
  but the tools I tried were all built within a reasonable amount of
  time.

The above has been largely the positive aspects of the product. See the
article for the criticisms and conclusion.

 -Tom

-- 
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/

More information about the Discuss mailing list