Tech Segment: MiniPwner (TP-Link TL-WR703n Pen Testing Drop Box)

Background

The MiniPwner is a pen-testing drop box. Prior to the MiniPwner we were using a Pwnie Express or an Apple travel router as drop boxes during physical penetration tests. But these solutions depended on a known IP addressing scheme or DHCP, a power outlet near an open network port, and unfiltered Internet access. My wish list for a home-built drop box was a router that was small, inexpensive, OpenWRT supported, had wired and wireless interfaces, had space for a USB drive, and could be battery powered, all without soldering or custom firmware. The WR703N router had recently become available and OpenWRT supported and seemed to be a perfect fit.

What Makes it Cool

TL-WR703N is cheap (under $25)
Small but powerful - Wired, Wireless, USB, battery power
No need to compile firmware or do any soldering to build a MiniPwner
Flexibility - add whatever packages you desire

MiniPwner Build Overview

What you'll need:

TPLink TL-WR703N (or the slightly larger TL-MR3020)
USB flash drive (I like the low profile Cruzer Fit drives)
Battery Pack (I get the Sharper Image charger kit)
Ethernet cable, velcro

High Level Build Steps 1) Download the current OpenWrt firmware from downloads.openwrt.org or the 5/14/2012 "Derbycon" build off minipwner.com. 2) Use the web interface of the factory firmware to flash the router 3) Configure the Network 4) Mount the USB Drive 5) Download and install security packages

Some of the packages in the build script include: Nmap, Tcpdump, Aircrack-ng, Kismet, Openvpn, Airpwn, Dsniff, SSLsniff, Parasite, Reaver, Nbtscan, Snort

The "DerbyCon" build uses the nightly snapshot from 5/14/2012 with a couple mods. A custom build script can be found in /user/share after the firmware is applied, and Reaver has been added to the packages repository. It is the only build I know of with Dsniff, Kismet and Reaver all working.