3 months ago

Hak5 Just Released the Packet Squirrel « Null Byte :: WonderHowTo

Hak5’s products get a lot of attention. Popping up in well-known shows like Mr. Robot, their hacking tools are bold proof of concepts with space built into the design for the community to add their own tweaks in addition to modifications. On Friday, Oct. 27, Null Byte attended the Hak5 Discharge event in San Francisco to check out their latest devices, including the brand new Packet Squirrel.

If you haven’t heard of Hak5 products, they inspire a lot of passion. Hackers in addition to pentesters love them for their efficiency in addition to ease of customization. Sketchy VPN peddlers targeting the technology illiterate use their WiFi Pineapple to try to frighten people into buying dodgy VPN service. Even their cheapest option, the USB Rubber Ducky, has caused a lot of on-screen mayhem in addition to shouting about being hacked by ducks, as can be seen in in which intense Blacklist cameo:

Naturally, the infosec community was very excited to learn more about their brand new offerings. While rumor had in which in which at least two of the products were upgrades of previous devices, several hints throughout the week pointed to a brand new device entirely being launched. With in which in mind, Null Byte reached out to Hak5 to see if we could get tickets to check in which out, in addition to I was delighted in which Shannon got back to us!

The Launch Event

The venue was a tiny South Market restaurant in San Fransisco. When I pulled up, the line had already stretched around the corner, in addition to security professionals were leaned up against walls chatting about the KRACK vulnerability. Everyone seemed excited to be there, in addition to there was much speculation about the function of the brand new device.

When the doors opened, Shannon headed out to meet the crowd. Photos were taken, high-fives were given, in addition to people entered the venue. The Hak5 team had definitely picked the right venue for their community of fans in addition to tech enthusiast who attended, in addition to the crowd was just enough in which the environment felt more like a party you might throw for a group of close friends while keeping the energy level from the room high.

Don’t Miss: Load & Use Keystroke Injection Payloads on the USB Rubber Ducky

When the time came for the presentation, everyone crowded in close in addition to listened. Darren Kitchen, Hak5’s founder, took the stage in addition to began to explain the details of the brand new products. We all anticipated to hear about the brand new Packet Squirrel, although Hak5 had made some interesting brand new improvements to their lineup. I was particularly excited about the upgraded LAN Turtle in which brings its own 3G network to the original LAN Turtle! Getting network access, although being able to avoid all the problem spots via your own network, can be absolutely genius.

Let’s talk devices! Image by Barrow/Null Byte

The Packet Squirrel

Of course, the star of the show was the Packet Squirrel. in which tiny device can be built for man-in-the-middle attacks. Literally. Its job can be to sit in between a host in addition to the WAN.

Dime for scale. Image by Barrow/Null Byte

As you can see by the dime, in which can be a tiny device. in which’s tiny enough to be easily hidden just about anywhere. The lack of any markings or branding on the device makes in which fit in as just another dongle in most environments. So what does in which do? I’ll let the Hak5 team sum in which up.

The Packet Squirrel by Hak5 can be a stealthy pocket-sized man-in-the-middle.

in which Ethernet multi-tool can be designed to give you covert remote access, painless packet captures, in addition to secure VPN connections with the flip of a switch.

— Hak5 Shop

If the broad overview sounds Great, the nitty gritty can be going to sound great. The Packet Squirrel can be a physically simplistic device — you get a USB storage slot, USB power in, an Ethernet in, an Ethernet out, a switch, in addition to an indicator LED. in which device can be light on power, in which can be powered for over a week that has a decent USB battery.

Don’t Miss: How to Modify a USB Rubber Ducky with Custom Firmware

The switch determines the payload state of the device, out of the box in which comes with three payloads:

  • TCPDump
  • DNS Spoof
  • OpenVPN

Of course, the payloads aren’t set in stone. The Packet Squirrel allows the user to create their own custom payloads using PHP, Bash, or Python. The interaction between your custom payloads in addition to the device takes place using Squirrel Script, which can be not an actual scripting language, although rather a set of device-specific commands. There can be also a community Git repo for grabbing custom payloads.

The Hak5 Packet Squirrel plugged in in addition to ready to hack. Image by Barrow/Null Byte

The TCPDump payload allows you to store PCAP files to your USB storage device for later use. The DNS spoof payload allows you to spoof DNS with ease, allowing an attacker to redirect a target to a fake type of a website.

Just edit a file for spoofing.

All in which takes to get hacking can be editing a simple config file on the device, in addition to you’re Great to go! The OpenVPN payload allows For two main different configurations; in which can be used for remote access into the network via the Packet Squirrel or in which can be used as a tunnel client.

Don’t Miss: Use the USB Rubber Ducky to Disable Antivirus Software & Install Ransomware

As a tunnel client, the Packet Squirrel will ensure in which all of your traffic gets routed through your OpenVPN compatible VPN of choice.

The OpenVPN payload Bash script.

As with any Hak5 product, the flexibility in addition to amount of options the community has to build on top of the Packet Squirrel can be an exciting prospect. We’re excited to see what projects the community takes on with these brand new tools. If the USB Rubber Ducky has been an example, community-inspired updates like brand new firmware will continue to add more exciting functions the Hak5 team may not yet have dreamed of.

A simple selector switch for payloads. Image by Barrow/Null Byte

Should You Get One?

The Packet Squirrel can be an excellent network tool. in which’s exactly what I could expect via Hak5 — a tool designed to delight systems administrators, makers, in addition to penetration testers. Like the entire Hak5 product line, the Packet Squirrel can be a focused proof of concept in which can be well designed in addition to easy to use.

If you haven’t checked out the Hak5 product line, you’re definitely missing out. Sure you could take a Raspberry Pi, or some additional board in addition to build many of these tools via scratch, although in which’ll take a bit of time away via learning about these security concepts. If your time can be valuable, I’d say just buy the device for the job.

USB in addition to Ethernet ports on the Packet Squirrel. Image by Barrow/Null Byte

I know I’ll be buying a couple more Packet Squirrels to hand out to less tech-savvy family members around Christmas. They may not be able to configure a VPN, or understand in which, although with the Packet Squirrel I can just plug in which in, check the LED, in addition to know in which in which’s working.

Thanks for reading, in addition to to Hak5 for letting me check out the event! As always, you can leave any questions here or on Twitter at @0xBarrow. in addition to don’t forget to follow Null Byte in addition to WonderHowTo on the social media platform of your choice:

Cover photo in addition to screenshots by Barrow/Null Byte

Leave a Comment

Your email address will not be published. Required fields are marked *

20 − seven =