Cheap Security Lab Training with Raspberry Pi 4, Docker & Kali Linux

The Raspberry Pi is a small yet power platform that is perfect for building a cost effective cybersecurity training lab. In this article we will look at installing Docker on a Raspberry Pi 4 (4GB) running Kali Linux (64 bit).

The case pictured is the Official Raspberry Pi 7″ touchscreen in a modified touchscreen case. It was made for the Pi 3, only slight modifications were made so the Pi 4 could fit in it. Modify cases at your own risk, you could cut yourself or destroy your case.

Installing Kali Linux on a Pi 4

This article assumes that you have already installed and updated Kali Linux on your Pi 4. If you have not, simply download the 64 bit Kali Linux 4 ARM image from Offensive Security.

Extract the image, write it to an MicroSD Card, insert it into your Pi4, attach peripherals, and power last of all. Allow the system to boot up completely.

Login with “kali/ kali” – Since Kali 2020, you no longer use “root/ toor” to log in. Reboot, Update and Upgrade, and reboot one last time. You are now ready to install Docker.

Installing Docker on Raspberry Pi

Full docs for installing Docker on the Pi are available on the Official Kali Website: https://www.kali.org/docs/containers/installing-docker-on-kali/

• sudo apt update
• sudo apt install -y docker.io
• sudo systemctl enable docker –now
• docker

You can add a user to the Docker group if you wish:

• sudo usermod -aG docker username

You may need to start the Docker service manually

• sudo service docker start

That’s it! You can now run Docker and install any Docker images that you want.

OWASP Juice Shop on the Raspberry Pi

Some Docker containers will not run on ARM, but you can find ports for some of the more popular ones. Just realize that some times these aren’t “Official” images, so proceed with due caution.

Also, the purposefully vulnerable Docker Images are just that, so follow all precautions necessary to protecting your systems while running them. The most preferred method is a stand alone local address only test LAN, disconnected or firewalled from both the internet and any production systems.

We will install the Docker “OWASP Juice Shop” image from the Docker library. This is an ARM port of the official OWASP Juice Shop program.

Tool website: https://hub.docker.com/r/santosomar/juice-shop-arm64

To install, and run, simply open a terminal and type:

• docker run -d –name juice-shop -p 3000:3000 santosomar/juice-shop-arm64

Docker will pull down the image, and run it.

Once it is installed:

• Open a browser and navigate to localhost:3000 or IP_Address:3000

You are now good to go! You can begin testing your skills locally on the Pi or you can use a LAN system to practice your skills. A full write up on “Pwning OWASP Juice Shop” can be found here:

https://bkimminich.gitbooks.io/pwning-owasp-juice-shop/

and a list of Solutions can be found here:

https://bkimminich.gitbooks.io/pwning-owasp-juice-shop/content/appendix/solutions.html

A list of challenges for Juice Shop is available. As you complete each challenge, the website keeps track of your pwning progress. Here is one of my favorites, the “Melee Kitty”!

Enjoy and most importantly, have fun!

If you would like to learn a lot more about using Raspberry Pis in the security field, check out my latest book, “Security Testing with Raspberry Pi“!

Pi 4 Hacking Platform using DietPi and PTF

Building a Raspberry Pi 4 Ethical Hacking platform using The Pentesters Framework and DietPi.

I’ve been playing with using different hacking tools and Operating Systems with the Pi 4. In this article I cover installing The Pentesters Framework on a RPi 4 running DietPi.

DietPi is a very lightweight Debian OS for the Raspberry Pi. The Pentesters Framework by TrustedSec is an Ethical Hacking installation script that automatically installs and updates over 250 modules/ tools. It would be great if they would work together on a Raspberry Pi 4. The good news is that is does – With a couple tweaks.

I cover installing and using The Pentesters Framework on Raspberry Pi in my latest book. So, I am not going to go into great detail on using the tools in PTF. I just want to cover actually installing it on DietPi.

Installing

NOTE: You will need a Raspberry Pi 4, and at the minimum a 32 GB MicroSD card if you want to install all of the PTF tools. Don’t have a Pi 4? Seeed is currently offering free shipping for orders over $119 with a Raspberry Pi 4 4GB.

• Download the Raspberry Pi version of DietPi ( https://dietpi.com/#download )
• Next, expand the file
• Write the image to a MicroSD card, balenaEtcher works great!

Insert the MicroSD card into your Pi, attach peripherals and lastly connect power (always connect power last). When DietPi boots up you will be presented with some options.

• Pick any software install options you want, then “Go install software”
• Requested software and updates will be installed
• Reboot when finished

I just run through it quickly the first time to get the latest OS updates. Note the CPU temp warning, it’s a Pi 4, it runs hotter than a Pi 3.

To install an “X” Desktop or any other included software, type, “dietpi-software”.

There are a ton of add-on software options under “Software Optimised”. For example, if you want a graphical desktop, pick the X-Desktop you want and then the “Go install software” option. You can also setup your login preferences from this menu – auto login, desktop login, etc.

All we really need here is to install Python. Then we need to make a small config file tweak and finally install PTF.

Installing Python

From the DietPi-Software menu, go to “Software Additional” and install Python:

• Cursor down to Python Pip, hit the space bar to select it.

• Select “OK”

You will return to the main menu.,

• Cursor down and select “Go >> Start Installation”
• Reboot when finished

We need to install git:

• Open a terminal and enter, “apt install git”

Next we need to comment out a line in the ‘/etc/hosts’ file or the PTF install will error out.

• Comment out the “::1 localhost  IPv6 localhost” line
• Reboot

That’s it! We can now proceed with the standard PTF install:

• git clone https://github.com/trustedsec/ptf.git
• cd ptf
• ./ptf

You will then see the main PTF interface:

Type “show modules” to see all available modules. You can install individual ones if you wish. If you have a large memory card (32 Gb), you can install all of them.

• To install all tools, enter “use modules/install_update_all“

• Reboot when finished

The install will take a very long time, especially if you install all of the modules. After install, all tools will be located in category themed directories under the ‘/pentest’ directory, as seen below:

Many of the tools can be run from anywhere, but some tools require you to change into its install directory for it to work properly. This is usually ‘/pentest’, but some run from ‘/usr/share’ as well. Check it out, there are a ton of very good tools at your disposal, like “Sniper”:

And there you have it. Again, I go into much deeper detail in my book about using PTF on a Pi, I just wanted to show how it could be installed on DietPi. If you want to learn a lot more about using Raspberry Pi for Ethical hacking check out my latest book – Security Testing with Raspberry Pi