I was lucky enough to get my hands on a LAN Turtle, the tiny Linux based computer disguised as a USB ethernet adapter.
- Atheros AR9331 SoC at 400 MHz MIPS
- 16 MB Onboard Flash
- 64 MB DDR2 RAM
- 10/100 Ethernet Port
- USB Ethernet Port – Realtek RTL8152
- Indicator LED (Green Power, Amber Status)
- Button (inside case for Factory Reset / Firmware Recovery)
- Dimensions: 95 x 23 x 31 mm
What is it?
The whole idea of the Lan Turtle is to be an innocuous pentest dropbox. That being said this isn’t the device which you would run your entire suite of tools on. The idea is to just simply use the Turtle to pivot into an internal network.
The main way in which you connect to the device to manage and configure it is via SSH. The main interface is a Ncurses style text-based menu system. This makes the device extremely simple to use. Within in a few clicks you can have reverse SSH set up on this thing and go and throw it into a target network. If there is more customization you wish to do, or make some more advanced configurations to the device, you can simply exit this menu system and have full root SSH access.
In order to install packages you need to connect an ethernet cable to the device. The entire package system is based off an HTTP connection to lanturtle.com. This mimics a full package manager, and again, makes the device extremely simple to deploy and use.
The number of packages or ‘modules’ for the Lan Turtle seems to be ever expanding. The ‘Quick Creds’ module gained some notoriety as Mubix was able to set this thing up to steal SMB creds when plugged into a target machine. A number of other familiar modules are seen above, aswell as SSHFS which was probably my favourite module. SSHFS is as Linux tool which allows you to mount a remote directory over SSH. In the case of the LAN Turtle this meant I could have logs from the device sent via SSH in real-time to a VPS.
Is it worth the cash?
I’d say the LAN Turtle is priced very competitively. Especially considering this thing definitely stands up against the likes of Pwnie Express. (VERY EXPENSIVE). It’s a very small price to pay for a device which is super cool. That being said, the specs on the device are not fantastic. This is clearly purpose built as a way into an internal network. Those specs are completely fine for that. However, in some cases (especially on a real pentest) its not viable to have your attacks going via a VPN into the internal network and it would be far easier to have the tools running directly on the device. A Raspberry Pi 3, which has significantly more horsepower, would probably be a better choice for this. This being said, by going down the homebrew route you do miss out on a lot of ready made offensive security scripts.
If you wanna get your own LAN Turtle, head over to https://lanturtle.com/ (NOT A SPONSOR)