Rogue server in a UPS

posted Jan 16th 2006 12:01am by Eliot Phillips
filed under: misc hacks

ups

InventGeek’s newest contributor, Dan Williams, has just posted his first project: hiding a server in a UPS surge protector. Dan found himself with a dead UPS surge protector and decided to do something fun. The brick has two built in RJ-45 connectors and power so he figured he could easily hide a server in it. There are three main components involved: a 4-port router, an NSLU, and a USB enclosure for a laptop hard drive. The router and the NSLU were both stripped of their cases to save space. The wall warts were stripped of their cases as well. There aren’t a lot legitimate reasons to make one of these. It is still a fun project and if a burglar runs off with your laptop, but not your disguised file server, you might feel a little better.

[thanks Jared]

Read

Comments [19]

Reader Comments

awesome idea! would be nice if it still worked (at least superficially) as a ups with a low battery – you know, to complete the illusion.

i have plans in the works for a similar sort of device that hides in a cat5 wall jack, normally passive, which wakes up with a specially crafted packet (not wake on lan, but something seemingly legit). intended purpose? simply proof of concept, not anything malicious. could also be a clever hidden way of monitoring your own network for intruders. any suggestions?

Posted at 12:52 am on Jan 16th, 2006 by Steve

strange, my apc ups died just last night… i was contemplating tossing it around in the street, but wound up keeping it on a lark.

once again, hackaday comes to the rescue.

Posted at 5:22 am on Jan 16th, 2006 by weaszel

and of course i only remember this after i’ve posted a comment already, but, steve, this may be of interest to you:

http://www.chippc.com/products/thinclients/jackpc/index.asp

sure, it’s pre-made (and what’s the fun in that?), but it’s neat nonetheless.

Posted at 5:27 am on Jan 16th, 2006 by weaszel

Just a suggestion to all — beware of heat building up. I was very surprised by how much heat these UPS devices generate. As a volunteer firefighter, I have access to a thermal imaging camera. One really cold winter night I borrowed it to walk around the house finding cold spots which needed more insulation, and was stunned by the amount of heat perfectly functional UPS’s were throwing off. They accounted for as much heat as my servers (which were idle, but running).

The cases don’t have fans, so if you toss a processor in there along with a good UPS you’re going to overheat things. Consider stripping an old laptop for its low-heat parts to build your hidden servers.

Posted at 7:58 am on Jan 16th, 2006 by andrew pollack

I wonder if this guy stole the ideas from my mind. Well I’m not hiding a computer inside a broken UPS. I am hiding a light controller that is connected to my computer by PC… I will be submitting this with photos to hackaday.com so keep checking. It will allow you all to switch on and off up to about 32 110v/220v LIGHTS and low-power appliances using your computer! (Think: Light shows, lights synced to music, etc.).

Too bad he was there first with the “Hide it inside your UPS” idea.

SeBsZ

Posted at 11:40 am on Jan 16th, 2006 by Sebsz

very nice job on that. I’m impressed at the quality.

Posted at 1:11 pm on Jan 16th, 2006 by grayskies

I didn’t see in the explanation why he chose to leave the case around the hard drive- especially after sawing the wrapper off of the wall wart. Maybe just because he didn’t need to save any more space?

Posted at 1:26 pm on Jan 16th, 2006 by paul h

Proabably because it made it easier having the data and power over USB with the enclosure than hacking up another way. He probably could’ve removed the casing but it ended up fitting and laziness was able to kick in.

Posted at 4:07 pm on Jan 16th, 2006 by captsnuffy

Thats pretty cool, but i have my 2TB server hidden in my wall…..just in case the feds come :)

Posted at 9:12 pm on Jan 16th, 2006 by cooldude

This concept could keep you vital data safe if your house is ever robbed. No one would ever steal a UPS :)

Posted at 9:18 pm on Jan 16th, 2006 by Alan

that’s the second story from digg i’ve seen posted on here. yikes.

Posted at 12:07 am on Jan 17th, 2006 by blind

blind, im not so sure about that. digg has (rather often) had hackaday features posted. correct me if im wrong eliot, but i’m guessing that it was posted here first and then digg picked it up. the timing is about right.

Posted at 12:15 am on Jan 17th, 2006 by steve

Here’s another project from a couple years ago that was presented at toorcon with a similar concept. Looks like there’s some software that he could probably use as well, =).
http://www.tvsg.org/geeklog/staticpages/index.php?page=20030915100424692
http://www.tvsg.org/ups/

Posted at 12:36 am on Jan 17th, 2006 by aaron

Projects on inventgeek are very popular and usually show up on Digg, Make, Slashdot, BoingBoing, and Engadget (remember the vibrating lockpick last week) Usually I don’t get to carry these stories because they’re old news by the time the story would go up as the hack the following day. Jared (the inventgeek site owner) knows this and sent me the link in hopes that I could get to it before everyone else. That’s why the post went up at 12:01AM, To be the Hack of the Day.

Of course there is a possibility that Digg got it first since iventgeek is a web site on the internet. I searched for it and found these three stories:

http://digg.com/mods/PROJECT_ROUGE_SERVER
http://digg.com/mods/Server_in_a_Dead_UPS
http://digg.com/mods/Rogue_server_in_a_UPS

All apparently duping a Digg link that doesn’t exist anymore. Someone probably reported the original as the dupe and it got deleted. What a wonderfully broken system: Slashdot has met its match.

Posted at 12:50 am on Jan 17th, 2006 by Eliot Phillips

One could use this idea to swap out a existing ups at a company and have a server sitting descretely between the incomming line and the network, (on the other side of the firewall), and you could sniff all traffic in and out of the network..

Posted at 10:01 am on Jan 17th, 2006 by Dean

I did this at DEFCON and ToorCon back in 2003: “UPS: Who can Brown Own For You Today?” The UPS batteries didnt work anymore, but how many UPS’ don’t work after a few years anyway?

My system was plug-and-play – auto network discovery, auto phone-home, PSK DES encrypted exfiltration over a stealth channel (DNS). Came with a nice suite of attack tools – Dsniff, THCRUT, some MS exploits of the day, and even Nessus. It was all remote-controllable, even through a NAT device.

This would _not_ work as a ‘Hide Data from the Feds’ box – they take everything, they open everything. The way to hide data from the Feds is to not be anywhere near it – remote location, plausible deniability.

I fully expected my box to be discovered eventually, and had it reporting to a non-tracible listening post server.

Anyway, nice work, if not entirely original… :)

-Auto

Posted at 2:12 pm on Jan 17th, 2006 by autonin

I don’t think this would keep your server from being taken by thieves. The one time I had my apt burgled they took everything that looked remotely electronic (stereo, old NeXT cube, soldering iron…) and if I’d had a UPS I’m sure they’d have taken that too.

Posted at 3:33 pm on Jan 17th, 2006 by Wim L

Dan
In reference to the remark,

Posted at 11:07 pm on Jan 18th, 2006 by tony james

This was done some years ago at DEFCON as well if I am not mistaken?

Posted at 8:19 am on Jan 21st, 2006 by Geminus

Rogue server in a UPS

Recent Posts

Reader Comments

Leave a Reply

hacks

resources

rss newsfeeds

Most Commented On (30 days)

Recent Comments