Disguised Raspberry Pi that can Hack your Network

I’ve been playing around with a Raspberry Pi on and off for a while now. The credit card sized, fully functional computer can do many things, including being transformed into a security testing tool!

There is a great article on TunnelsUp.com that demonstrates disguising a Raspberry Pi computer as a power plug and configuring it to connect out to a control server using SSH, basically making it into something like the popular Pwnie Plug device.

When assembled, the device looks like any other power adapter that clutters our power-hungry offices. Except this one allows someone outside the building to connect into it, possibly allowing them to perform attacks against your infrastructure.

Though the author mentions just using “A Linux OS” on the Pi, using something like this and placing Kali Linux on it would make it a very powerful (and affordable) attack/security testing platform. Kali is the latest version of the Backtrack penetration testing platform, is loaded with security tools and works exceptionally well on a Raspberry Pi.

Very cool project. This should jog the creative mind of penetration testers and hopefully be a warning to IT departments to keep an eye out for rogue devices such as this.
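One way an IT department can keep that eye out, shown as an added example that is not from the original post or from TunnelsUp.com: compare the switch or gateway neighbor table against the asset inventory and flag unknown devices, calling out Raspberry Pi vendor prefixes. The `ip neigh` sample, the inventory and the function names are constructed for illustration.

```python
import re

# MAC prefixes (OUIs) registered to Raspberry Pi in the IEEE registry.
# Not exhaustive, and a MAC can be changed, so a miss proves nothing;
# that is why every un-inventoried device is reported, not only Pis.
RASPBERRY_PI_OUIS = {"b8:27:eb", "dc:a6:32", "e4:5f:01"}

NEIGH_RE = re.compile(
    r"^(?P<ip>\S+)\s+dev\s+\S+\s+lladdr\s+"
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\s+\S+", re.I)


def parse_neighbors(text):
    """Yield (ip, mac) for each `ip neigh` line that carries a MAC address."""
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:
            yield m.group("ip"), m.group("mac").lower()


def find_rogue_devices(neigh_text, inventory):
    """Return (ip, mac, reason) for every device missing from the inventory."""
    known = {mac.lower() for mac in inventory}
    findings = []
    for ip, mac in parse_neighbors(neigh_text):
        if mac in known:
            continue  # approved asset, even if it is a Raspberry Pi
        is_pi = mac[:8] in RASPBERRY_PI_OUIS
        findings.append((ip, mac, "raspberry-pi-oui" if is_pi else "not-in-inventory"))
    return findings


# Constructed sample of `ip neigh` output (addresses are made up).
SAMPLE = """\
10.0.0.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
10.0.0.23 dev eth0 lladdr B8:27:EB:12:34:56 STALE
10.0.0.40 dev eth0 lladdr dc:a6:32:aa:bb:cc REACHABLE
10.0.0.57 dev eth0 lladdr 3c:52:82:01:02:03 REACHABLE
10.0.0.99 dev eth0  FAILED
"""
# Constructed inventory: the gateway and one approved Raspberry Pi.
INVENTORY = {"00:11:22:33:44:55", "DC:A6:32:AA:BB:CC"}

if __name__ == "__main__":
    for ip, mac, reason in find_rogue_devices(SAMPLE, INVENTORY):
        print(f"{ip:<12} {mac}  {reason}")
```

A device like the one described also has to call out over SSH, so the same inventory can drive an egress review of which internal hosts open long-lived outbound SSH sessions.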


Israeli Cyber Defense Interview

IDF war room [Illustrative] Photo: Reuters and Marc Israel Sellem

Not sure if anyone has seen this yet, but Al-Monitor/Israel Pulse has a great interview with two members of the Israeli Defense Force Cyber Security Team.

In the article, “IDF Hackers Test Israeli Preparedness For Cyberattacks,” Lt. Col M. and Capt. A. discuss what it is like being on Israel’s crack team of cyber ninjas. They cover several key topics, including thoughts on current threats and the current hot-button topic, NSA spying.

Lt. Col M. and Capt. A. lead opposing teams in red team drills. They practice constantly to hone and perfect their skills, but also teach and train those under them to think out of the box in cyber security.

How will the IDF cyber team deal with increasingly sophisticated attacks from Islamic countries and are they concerned about NSA espionage practices?

“Our job is to monitor the goings-on and keep track of the technological developments, and we need to know what the threats and risks in cyberspace are. In any event, to protect strategic assets, encryption systems that we develop ourselves in-house, rather than off-the-shelf products, are customarily used,” said Lt. Col M.

The best hackers and security teams create their own programs and work on developing their own exploits. But where would the IDF look to find exploits or weaknesses?

“Security holes can be found anywhere. The point of hacking is to find the system vulnerability and leverage it to undermine the entire system,” says Lt. Col. M.

“The best way to break into a system is not by running head-on into it. Rather, the most sophisticated attacks, the ones that you can brag about, are those that take advantage of a hidden security hole,” added Capt. A.

It is a very good article and well worth the read as it offers a glance into the security mindset of our Middle East allies.

Check it out!

Hard Drive Hacking – Hardware Backdoor even if Drive Wiped!


With all eyes on the Vegas security conferences, some amazing news comes out of OHM2013, a security conference in The Netherlands. At the show a security researcher demonstrated how a hacker could re-program the firmware on a hard drive to maintain a backdoor, and apparently the attack would still work even if the hard drive was erased and reformatted!

This week at a European security conference a security researcher demonstrated an attack that would allow a hacker to access and modify the Flash Firmware on a hard drive and program it to protect his access.

Firmware is code stored on a special flashable chip on the drive. The built-in code tells the drive how to work and how to read and write data. It is flashable (can be reprogrammed) so the manufacturer can release updates to the firmware. Most people never re-flash or update their hard drive firmware.

At the security conference, the presenter demonstrated how the attack works. He ran the program to modify the firmware on a drive. He pretended his access was detected and the administrator password was reset.

The firmware was programmed to look for a special trigger code, a special website address perhaps. Once the hard drive cache sees that trigger, the firmware grabs the password file the next time it is accessed and changes the password back to what the hacker set it to.

And it worked!

So basically, if the hard drive firmware is compromised by a hacker, they could change it to allow them to have access to the compromised system again, even if the entire drive was erased and re-formatted.

Crazy stuff.

For more information, including a step-by-step explanation and proof-of-concept code, check out Spritesmods.com.