Rogue server in a UPS

ups

InventGeek‘s newest contributor, Dan Williams, has just posted his first project: hiding a server in a UPS surge protector. Dan found himself with a dead UPS surge protector and decided to do something fun. The brick has two built in RJ-45 connectors and power so he figured he could easily hide a server in it. There are three main components involved: a 4-port router, an NSLU, and a USB enclosure for a laptop hard drive. The router and the NSLU were both stripped of their cases to save space. The wall warts were stripped of their cases as well. There aren’t a lot legitimate reasons to make one of these. It is still a fun project and if a burglar runs off with your laptop, but not your disguised file server, you might feel a little better.

[thanks Jared]

Comments

  1. Steve says:

    awesome idea! would be nice if it still worked (at least superficially) as a ups with a low battery – you know, to complete the illusion.

    i have plans in the works for a similar sort of device that hides in a cat5 wall jack, normally passive, which wakes up with a specially crafted packet (not wake on lan, but something seemingly legit). intended purpose? simply proof of concept, not anything malicious. could also be a clever hidden way of monitoring your own network for intruders. any suggestions?

  2. weaszel says:

    strange, my apc ups died just last night… i was contemplating tossing it around in the street, but wound up keeping it on a lark.

    once again, hackaday comes to the rescue.

  3. weaszel says:

    and of course i only remember this after i’ve posted a comment already, but, steve, this may be of interest to you:

    http://www.chippc.com/products/thinclients/jackpc/index.asp

    sure, it’s pre-made (and what’s the fun in that?), but it’s neat nonetheless.

  4. Just a suggestion to all — beware of heat building up. I was very surprised by how much heat these UPS devices generate. As a volunteer firefighter, I have access to a thermal imaging camera. One really cold winter night I borrowed it to walk around the house finding cold spots which needed more insulation, and was stunned by the amount of heat perfectly functional UPS’s were throwing off. They accounted for as much heat as my servers (which were idle, but running).

    The cases don’t have fans, so if you toss a processor in there along with a good UPS you’re going to overheat things. Consider stripping an old laptop for its low-heat parts to build your hidden servers.

    AP

  5. Sebsz says:

    I wonder if this guy stole the ideas from my mind. Well I’m not hiding a computer inside a broken UPS. I am hiding a light controller that is connected to my computer by PC… I will be submitting this with photos to hackaday.com so keep checking. It will allow you all to switch on and off up to about 32 110v/220v LIGHTS and low-power appliances using your computer! (Think: Light shows, lights synced to music, etc.).

    Too bad he was there first with the “Hide it inside your UPS” idea.

    SeBsZ

  6. grayskies says:

    very nice job on that. I’m impressed at the quality.

  7. paul h says:

    I didn’t see in the explanation why he chose to leave the case around the hard drive- especially after sawing the wrapper off of the wall wart. Maybe just because he didn’t need to save any more space?

  8. captsnuffy says:

    Proabably because it made it easier having the data and power over USB with the enclosure than hacking up another way. He probably could’ve removed the casing but it ended up fitting and laziness was able to kick in.

  9. cooldude says:

    Thats pretty cool, but i have my 2TB server hidden in my wall…..just in case the feds come :)

  10. Alan says:

    This concept could keep you vital data safe if your house is ever robbed. No one would ever steal a UPS :)

  11. blind says:

    that’s the second story from digg i’ve seen posted on here. yikes.

  12. steve says:

    blind, im not so sure about that. digg has (rather often) had hackaday features posted. correct me if im wrong eliot, but i’m guessing that it was posted here first and then digg picked it up. the timing is about right.

  13. aaron says:

    Here’s another project from a couple years ago that was presented at toorcon with a similar concept. Looks like there’s some software that he could probably use as well, =).
    http://www.tvsg.org/geeklog/staticpages/index.php?page=20030915100424692
    http://www.tvsg.org/ups/

  14. Projects on inventgeek are very popular and usually show up on Digg, Make, Slashdot, BoingBoing, and Engadget (remember the vibrating lockpick last week) Usually I don’t get to carry these stories because they’re old news by the time the story would go up as the hack the following day. Jared (the inventgeek site owner) knows this and sent me the link in hopes that I could get to it before everyone else. That’s why the post went up at 12:01AM, To be the Hack of the Day.

    Of course there is a possibility that Digg got it first since iventgeek is a web site on the internet. I searched for it and found these three stories:

    http://digg.com/mods/PROJECT_ROUGE_SERVER
    http://digg.com/mods/Server_in_a_Dead_UPS
    http://digg.com/mods/Rogue_server_in_a_UPS

    All apparently duping a Digg link that doesn’t exist anymore. Someone probably reported the original as the dupe and it got deleted. What a wonderfully broken system: Slashdot has met its match.

  15. Dean says:

    One could use this idea to swap out a existing ups at a company and have a server sitting descretely between the incomming line and the network, (on the other side of the firewall), and you could sniff all traffic in and out of the network..

  16. autonin says:

    I did this at DEFCON and ToorCon back in 2003: “UPS: Who can Brown Own For You Today?” The UPS batteries didnt work anymore, but how many UPS’ don’t work after a few years anyway?

    My system was plug-and-play – auto network discovery, auto phone-home, PSK DES encrypted exfiltration over a stealth channel (DNS). Came with a nice suite of attack tools – Dsniff, THCRUT, some MS exploits of the day, and even Nessus. It was all remote-controllable, even through a NAT device.

    This would _not_ work as a ‘Hide Data from the Feds’ box – they take everything, they open everything. The way to hide data from the Feds is to not be anywhere near it – remote location, plausible deniability.

    I fully expected my box to be discovered eventually, and had it reporting to a non-tracible listening post server.

    Anyway, nice work, if not entirely original… :)

    -Auto

  17. Wim L says:

    I don’t think this would keep your server from being taken by thieves. The one time I had my apt burgled they took everything that looked remotely electronic (stereo, old NeXT cube, soldering iron…) and if I’d had a UPS I’m sure they’d have taken that too.

  18. tony james says:

    Dan
    In reference to the remark,

  19. Geminus says:

    This was done some years ago at DEFCON as well if I am not mistaken?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s