Raspberry Pi: Installing PwnPi & using SSH from a Windows System

RaspiModelB

In my previous post I briefly discussed what PwnPi is, and what the requirements are to run it. In this article we will actually learn how to install PwnPi on a Raspberry Pi board, creating a $35 pentesting platform!

Most posts I have seen cover installing Raspberry Pi disk images from a Linux view point. In this post we will cover installing PwnPi from a Windows perspective.

For this install we will need a Raspberry Pi (I used the 512MB model B), a power source for the Pi, an SD card 8GB or Larger (I used a 16GB) and a Windows System to install the PwnPi disk image onto the SD card. You will also need an Ethernet connection and optionally a keyboard and mouse.

(Check out the notes on these items in the intro article.)

Once we have everything together, it is time to install PwnPi.

1. Download the PwnPi image.

2. Install the image to your SD card – Disk Imager works great.

Just plug your SD card into your Windows Laptop, and run Disk Imager. Point the image file to your PwnPi image that you downloaded and point the device to the drive letter of your SD card:

Disk Imager 2

Then just hit “Write”.

Disk Imager will write the PwnPi image to your SD card:

Disk Imager 3

3. Now eject the SD card from your windows laptop and insert it into the SD card slot on your Raspberry Pi. Connect your video, Ethernet cable, and keyboard and mouse. (See connection chart at the top of the post)

4. Connect power to the Raspberry Pi and in a few seconds it will boot up into PwnPi.

That is it! You know have a Raspberry Pi Pentesting platform!

Connecting to the Raspberry Pi remotely from a Windows system using SSH

Now you can run commands from the command prompt, or if you want to run the Raspberry Pi headless (without monitor or keyboard). You can connect to the Pi from a Windows system remotely using SSH!

To Do so:

1. Download Putty for Windows

2. Run Putty and put in the IP address for your PwnPi. You can get this by typing “ifconfig” if you have a keyboard attached or by checking the address given to it by your router if you are running PwnPi headless.

My IP address was 192.168.1.101 in this case. Also, make sure port 22 is entered and select SSH as shown below:

Putty

Then just hit “Open”.

You will be asked asked to log into the Raspberry Pi. If this is the first time, just use the PwnPi default credentials:

Username: root
Password: toor

SSH Interface

That’s it!

Now you can run any of the commands you want on your Raspberry Pi remotely from your Windows System.

Here is a sample nmap command:

NMap

We now have a $35 pentesting platform!

We will take a closer look at other things we can do with PwnPi in future articles.

Enjoy!

Advertisements

Raspberry Pi: Creating a Pentesting Platform with PwnPi – Intro & Requirements

SSH Interface

Finally got my hands on a Raspberry Pi – the $35 computer. My first project that I wanted to do with this little wonder was create a security testing platform with it. How hard would it be to make this little wonder into a pentesting platform?

Not hard at all – With the help of PwnPi!

PwnPi brings the power of over 200 security tools to the Raspberry Pi platform. In this article I will cover getting PwnPi installed on the Raspberry Pi using a Windows based system.

First you need to get a Raspberry Pi. There are several places to get them, Google it. I purchased mine from the RIT Linux club. I know the professor that runs it and it was for a good cause.

Next you need a SD Card, power and peripheral devices. The Pi does not come with any of these. I will leave this step up to you also. But note, the video you use must either have an HDMI or RCA jack. Also the power plug type and amperage is a bit picky. From what I read you need one that puts out 1-2 amps of current. If it puts out 1 or less amps the PI may become unstable if your peripherals are not low power.

The power adapter that I had that fit it was only 700ma. Using this I could only have the keyboard, mouse or network line connected, but not more than one. This wasn’t a problem, as you can use SSH to connect to it from a Windows machine. I will discuss this later.

Also, are saying that class 4 SD Cards are very slow, and recommend higher ones. I found a Sony 16GB card with a  speed of 15MB/S which works great! (You could probably get a way with an 8GB one for PwnPi).

Okay, let’s get this going! In my next post I will cover installing PwnPi.