Disguised Raspberry Pi that can Hack your Network

I’ve been playing around with a Raspberry Pi on and off for a while now. The credit card sized, fully functional computer can do many things, including being transformed into a security testing tool!

There is a great article on TunnelsUp.com that demonstrates disguising a Raspberry Pi computer as a power plug and configuring it to connect out to a control server using SSH, basically making it into something like the popular Pwnie Plug device.

When assembled, the device looks like any other power adapter that clutters our power-hungry offices. Except this one allows someone on the outside of the building to connect into the building, possibly allowing them to perform attacks against your infrastructure.

Though the author mentions just using “A Linux OS” on the Pi, using something like this and placing Kali Linux on it would make it a very powerful (and affordable) attack/security testing platform. Kali is the latest version of the Backtrack penetration testing platform, is loaded with security tools and works exceptionally well on a Raspberry Pi.

Very cool project, this should jog the creative mind of penetration testers and hopefully be a warning to IT departments to keep an eye out for rogue devices such as this.
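For the IT departments mentioned above, one simple check is to look for Raspberry Pi network interfaces that are not in your inventory. The following is an added example, not part of the original article: it scans constructed `ip neigh` output for MAC prefixes (OUIs) registered to Raspberry Pi, and the function name and the approved-MAC inventory are assumptions made for illustration.

```python
import re

# OUI prefixes registered to the Raspberry Pi Foundation / Raspberry Pi Trading.
PI_OUIS = {"b8:27:eb", "dc:a6:32", "e4:5f:01"}

# Constructed `ip neigh` output for illustration (not captured from a real network).
SAMPLE_NEIGH = """\
192.168.1.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.135 dev eth0 lladdr b8:27:eb:12:34:56 STALE
192.168.1.50 dev eth0 lladdr 00:aa:bb:cc:dd:ee REACHABLE
192.168.1.77 dev eth0  FAILED
192.168.1.90 dev eth0 lladdr DC:A6:32:00:00:01 DELAY
"""

NEIGH_RE = re.compile(
    r"^(\S+)\s+dev\s+(\S+)\s+lladdr\s+([0-9a-f]{2}(?::[0-9a-f]{2}){5})\b", re.I
)


def find_unapproved_pis(neigh_text, approved_macs=()):
    """Return (ip, interface, mac) for neighbours whose MAC carries a
    Raspberry Pi OUI and is not in the approved inventory (hypothetical list)."""
    approved = {m.lower() for m in approved_macs}
    hits = []
    for line in neigh_text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if not m:
            continue  # FAILED/INCOMPLETE entries carry no link-layer address
        ip, dev, mac = m.group(1), m.group(2), m.group(3).lower()
        # Limitation: a Pi on a USB network adapter shows that adapter's OUI,
        # and a MAC can be changed, so treat this as one signal among several.
        if mac[:8] in PI_OUIS and mac not in approved:
            hits.append((ip, dev, mac))
    return hits


if __name__ == "__main__":
    # Hypothetical inventory: the lab Pi at .90 is known, the one at .135 is not.
    for ip, dev, mac in find_unapproved_pis(SAMPLE_NEIGH, ["dc:a6:32:00:00:01"]):
        print(f"unapproved Raspberry Pi NIC: {ip} on {dev} ({mac})")
```

Feed it the real output of `ip neigh` from a host on each VLAN, and pair it with a review of long-lived outbound SSH sessions, since the device described above connects out rather than listening.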


Hacking Wi-Fi Networks with Fern, Kali and a Raspberry Pi

Fern Wifi Cracker 1

Wouldn’t it be cool to be able to test wireless network security using your Raspberry Pi? Well, thanks to Kali Linux, you can! With Kali you can scan for Wi-Fi networks and even perform active penetration testing using your $35 Raspberry Pi.

I just finished up another article for Hakin9 Magazine. In the article I covered using a Raspberry Pi to crack Wi-Fi security from install to basic pentesting.

With Kali you can use all the normal command line airmon-ng tools that you can use on a regular Linux machine. Fern is nice because it adds a graphical interface to the airmon-ng tools making things so much easier.

Let’s take a quick look at Fern:

(NOTE: As always, these techniques are for IT teams and computer security testers, never attack or attempt to access a network that you do not own or have permission to access.)

From the main menu (see picture above) just select your wireless card, then scan for access points. As they are found, Fern lists them under the WEP or WPA button.

Fern Wifi Cracker Detected

Clicking the associated button will display a list of the access points found. Then just select the one you want to test. You now have two attack options. You can select the Reaver WiFi Protected Setup (WPS) attack or a normal Association Key dictionary brute force attack:

Fern Wifi Cracker Detected 2

Fern works very well and is actually pretty responsive when run on a Raspberry Pi.

With the Pi being so small and cheap, this opens up some interesting options for professional penetration testers, especially when paired with a USB Wi-Fi adapter and a battery pack.

For a lot more information on computer security, including bypassing the most common Wi-Fi security techniques, check out my new step-by-step tutorial book, “Basic Security Testing with Kali Linux”.

Wireless Penetration testing with Kali Linux on a Raspberry Pi

In our last article we saw how to install Kali Linux on a Raspberry Pi and connect to it remotely from a Windows system. This time we will look at how to run some basic pentesting tools including Wi-Fi monitoring.

Once your Kali is up and running you can enter “startx” or run commands from the terminal prompt. If you are using Kali remotely, you will mostly be running commands from the command prompt.

For example, here we ran a simple nmap scan:

Running Nmap

Most of the commands that run in regular Kali Linux have no problems running on the Raspberry Pi. But I did run into some snags.

For example, I tried running Metasploit on mine, but gave up after it seemed to take forever to come up. I also tried running the Social Engineering Toolkit (se-toolkit from the command prompt). Even parts of this gave random errors, though it did look very cool:

Social Engineering Toolkit 1

Wireless penetration testing with Kali on the Pi worked very well, and was a lot of fun.

Just plug your USB Wi-Fi adapter into the Pi.

I used a TP-Link TL-WN722N.

At the command prompt type “ifconfig” and check to see if your Wi-Fi adapter is listed. It should show up as wlan0. If you don’t see it, type “ifconfig wlan0 up”. Then run “ifconfig” again and it should show up:

Wireless wlan0

Next let’s see what networks our wireless card can see.

Type “iwlist wlan0 scanning”:

Wireless Iwlist

Very cool, it is working. Now let’s run some of the basic Aircrack-NG tools.

First we need to put our wireless adapter into monitoring mode.

Type “airmon-ng start wlan0”:

Wireless airmon

This creates a new wireless adapter called mon0. Now we can use this interface to capture wireless management and control frames.

Normally you would just run Wireshark and tell it to capture packets from the mon0 interface. Well, I was remotely logged into Kali and couldn’t run Wireshark through Putty as it is a graphical program.

So I just used tcpdump instead.

Simply type “tcpdump -i mon0”:

TCPDump

This will display all the management and control communication for all wireless networks within the reach of your Wi-Fi adapter.

So with just a few short commands, we were able to perform basic Wi-Fi monitoring with Kali Linux on a Raspberry Pi.

How cool is that?

This is just a basic look at using the aircrack-NG tools on Kali.

For more information check out “Hacking Wi-Fi Networks with Fern, Kali and a Raspberry Pi”.

Want to learn a lot more about Wireless Penetration testing? Check out the Backtrack 5 Wireless Penetration Testing book by Vivek Ramachandran.

*** Note – as always, do not access networks that you do not own or do not have permission to access. ***
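The “iwlist wlan0 scanning” output shown earlier is also a quick way to audit your own access points. The following is an added example, not part of the original article: it sorts each cell of a constructed scan into OPEN, WEP, WPA or WPA2, and the function names and sample ESSIDs are assumptions made for illustration.

```python
import re

# Constructed `iwlist wlan0 scanning` output (trimmed; not from a real scan).
SAMPLE_SCAN = """\
wlan0     Scan completed :
          Cell 01 - Address: 00:11:22:33:44:01
                    Channel:1
                    Encryption key:on
                    ESSID:"office-legacy"
          Cell 02 - Address: 00:11:22:33:44:02
                    Channel:6
                    Encryption key:on
                    ESSID:"office-main"
                    IE: IEEE 802.11i/WPA2 Version 1
                        Group Cipher : CCMP
          Cell 03 - Address: 00:11:22:33:44:03
                    Channel:11
                    Encryption key:off
                    ESSID:"guest"
          Cell 04 - Address: 00:11:22:33:44:04
                    Channel:11
                    Encryption key:on
                    ESSID:""
                    IE: WPA Version 1
                        Group Cipher : TKIP
"""


def classify_cells(scan_text):
    """Return [(bssid, essid, security)] with security in OPEN/WEP/WPA/WPA2."""
    results = []
    for cell in re.split(r"\n\s*Cell \d+ - ", scan_text)[1:]:
        bssid = re.match(r"Address: ([0-9A-Fa-f:]{17})", cell).group(1)
        essid = re.search(r'ESSID:"(.*)"', cell)
        name = essid.group(1) if essid and essid.group(1) else "<hidden>"
        if "Encryption key:off" in cell:
            security = "OPEN"
        elif "IE: IEEE 802.11i/WPA2" in cell:
            security = "WPA2"  # may also advertise WPA1 for compatibility
        elif "IE: WPA Version" in cell:
            security = "WPA"
        else:
            security = "WEP"  # privacy bit set but no WPA/RSN element
        results.append((bssid, name, security))
    return results


def needs_attention(scan_text):
    """Networks still on OPEN, WEP or WPA1-only."""
    return [c for c in classify_cells(scan_text) if c[2] != "WPA2"]
```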

Installing Kali Linux on a Raspberry Pi and Connecting to it Remotely

Kali Linux

Kali is the newest version of the Backtrack security penetration testing Linux platform. You can run Kali as a LiveCD or install it to a hard drive. But wouldn’t it be cool if you could run Kali from a $35 Raspberry Pi computer?

Well you can!

In this article we will look at installing Kali Linux on a Raspberry Pi.

The good folks at Offensive Security have created a Kali Linux image for the Raspberry Pi, so installation could not be easier. All you need is a Raspberry Pi, the Kali Image, and an SD Card. I will also use a Windows system to write the image to the SD card.

1. Download the Kali Linux Image (Located about halfway down the page)

2. The image file is compressed, so you will need to expand it.

3. Next, install the image to your SD card – Disk Imager works great.

Just plug your SD card into your Windows Laptop, and run Disk Imager. Point the image file to your Kali image that you downloaded and point the device to the drive letter of your SD card.

Then just hit “Write”:

Kali Disk Imager Installing

Disk Imager will write the Kali Linux image to your SD card.

4. Now eject the SD card from your Windows laptop and insert it into the SD card slot on your Raspberry Pi. Connect your video, Ethernet cable, and keyboard and mouse.

5. Connect power to the Raspberry Pi and in a few seconds it will boot up into Kali.

That is it! You now have a Raspberry Pi Pentesting platform!

Connecting to the Raspberry Pi remotely from a Windows system using SSH

Now you can run commands from the command prompt, or, if you want to run the Raspberry Pi headless (without monitor or keyboard), you can connect to the Pi from a Windows system remotely using SSH!

To do so:

1. Download Putty for Windows

2. Run Putty and put in the IP address for your Kali System. You can get this by typing “ifconfig” if you have a keyboard attached or by checking the address given to it by your router if you are running Kali headless.

My IP address was 192.168.1.135 in this case. Also, make sure port 22 is entered and select SSH as shown below:

Putty

Then just hit “Open”.

You will be asked to log into the Raspberry Pi. If this is the first time, just use the Kali default credentials:

Username: root
Password: toor

Remote Login

That’s it!

Now you can run any of the commands you want on your Raspberry Pi remotely from your Windows System.
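Since the login above uses published default credentials for root over SSH, change the password with “passwd” on first login and then check what the SSH server will accept. The following is an added example, not part of the original article: it reads sshd_config text and reports whether root password logins are possible; the sample configurations are constructed, and the defaults are those of upstream OpenSSH 7.0 and later, which an image may override.

```python
import re

# Upstream OpenSSH (7.0 and later) defaults; a distribution image may ship others.
DEFAULTS = {"port": "22", "permitrootlogin": "prohibit-password",
            "passwordauthentication": "yes"}

# Constructed sshd_config fragments for illustration.
WEAK_CONFIG = """\
# image left as first booted
Port 22
PermitRootLogin yes
PasswordAuthentication yes
"""
HARDENED_CONFIG = """\
PermitRootLogin prohibit-password
PasswordAuthentication no
PermitRootLogin yes   # ignored: sshd keeps the first value it reads
"""


def effective_settings(config_text):
    """Global sshd settings; the first occurrence of a keyword wins."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        if key == "match":
            break  # conditional blocks are out of scope for this check
        if len(parts) == 2:
            seen.setdefault(key, parts[1].strip().strip('"'))
    return {k: seen.get(k, default) for k, default in DEFAULTS.items()}


def findings(config_text):
    """List the weaknesses relevant to a root/password SSH login."""
    s = effective_settings(config_text)
    password_auth = s["passwordauthentication"].lower() == "yes"
    issues = []
    if password_auth and s["permitrootlogin"].lower() == "yes":
        issues.append("root can log in over SSH with a password")
    if password_auth:
        issues.append("password authentication is enabled; prefer keys")
    return issues
```

Run it against the contents of /etc/ssh/sshd_config on the Pi; files pulled in through Include directives are not followed by this check.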