SexyCyborg is at it again. This time tackling the question of what she would do if she wanted to be a hacker. Her final design is a pair of platform heels that include a full hacking suite.
So I got to thinking- if I had to do penetration testing on a corporate facility, how would I do it? Social engineering for one- I’m a natural honeypot. I think there’s a reasonable chance that a guy might invite me back to their office after a few drinks in the neighborhood? 😛 But a handbag would be suspicious and leaving cell phones at the gate would be standard practice in any reasonably secure facility. My typical clothing does not leave room to hide anything- but that’s all the more reason they would not be suspicious of me.
That’s a ton of stuff to fit into a pair of shoes. Especially if you want them to look somewhat inconspicuous.
The heels of both shoes pull out without having to remove the shoe. Stored in each side is a different set of tools.
In my left shoe there is a USB keystroke recorder. This is a pass-through device that goes into the back of the computer where you normally plug the keyboard in and records everything typed on the keyboard (so all passwords) in it’s built in memory.
For the purposes of this first test version, my right shoe contains a pen testing drop box. This is a wireless router running OpenWRT with a built in rechargeable battery that could either be left running inside the shoe (for war-walking, wifi sniffing and logging etc) or could be removed and plugged into a convenient open network jack as soon as I was inside and had direct access to the LAN. Once this is done you can gain remote access anytime you want via SSH tunnel.