A new series about hacker hardware coming to a computer near you!
Hello there 0x00sec! I’m going to be starting a new series based off of my EDC bag post and a suggestion from @ricksanchez that I should do something like this.
To start things off, I’ll be discussing the Raspberry Pi. It’s something that I feel every self-labeled hacker should own and use frequently.
What is a Raspberry Pi!?
First of all, it’s certainly not something you eat…
A raspberry pi (henceforth known as Rpi) is a “credit-card-sized mini-computer that plugs into your T.V. and keyboard.” In other words, it’s a computer you can fit in the palm of your hand and in your pocket or even hide somewhere within a target building (more on that later).
Okay cool, but what can I do with it?
Well, nearly anything that a full sized computer can do!
You can turn it into an emulator platform for your favorite retro games, you can build an Rpi Laptop, media server, or your very own mesh net.
Geared more toward our mentality however, you can use it to create a pentesting drop-box with pwnpi or kali linux ARM. This is what we will be focusing on today.
A pentesting drop-box? HOW?!
Well, essentially, you just do some hardware mods, install kali (or pwnpi) on it, drop it in a hidden location, (might I suggest a Pringles can wrapped in matte-black tape?) connect to it via NetCat or SSH and hack away.
That’s all for today folks. I’ll leave you a few things to think on…
This can be lifted by a drone. Any ideas on this one?
It’s portable and can fit in your pocket while it’s on.
What other things do you think this could be used for in a hacker environment?
You can find many guides to build one. It will be usefull for war driving, SE , and some other tasks
Battery is the thing which stop you from doing this , i have made a portable one and it run smoothly till i dont try to compute hashes on it
but i dont think its nessesary it runs on DC supply of any mobioe charger (yes, even that old nokia phone in your basement ) and a inverter will not be more than a size of battry.
anywhere where you need a hardware backdoor, i once stick it on a RC car and it found to be a very good decision.
I’d like to make an eviltwin Pi, and have it hooked up to a drone (or even a balloon?) And fly it over areas with free WiFi. Have it automatically evil twin the strongest open WiFi network.
Hey guys, I recently got myself a pi, and downloaded kali arm on it.
I decided to make the r-pi behave like a wireless access point, with later the option to mitm it, analog to this guide. That way i can plug it in with an eternet cable at work (Ethernet cable -> pi -> my phone -> internet).
i didn’t have the chance to simulate a company network, so forgive me my lack of knowledge (its on my to do list). Would the sysadmin fail to see what pages i visit etc, if i use a vpn ?
pry0cc
(Leader & Offsec Engineer & Forum Daddy)
10
I am not 100% clear how it is connected up. [quote=“Valkyr, post:9, topic:1671”]
I decided to make the r-pi behave like a wireless access point,
[/quote]
You’re running a hostapd type deal on the pi? The Pi is making a wifi network.
Not really sure what you mean by “mitm it”.[quote=“Valkyr, post:9, topic:1671”]
(Ethernet cable -> pi -> my phone -> internet).
[/quote]
So work network <-----> Pi <------> Phone <-----> Internet (via cell connection?)
Neat idea but going on a kind of “007” way of thinking, I don’t think that’s too feasible. I’d want to put the pi in a small enclosed space. Perhaps wire it into some power source that’s already within the room like a clock or something.
Unfortunately, those spaces would almost certainly be without sunlight.
EDIT: I too have an Aldi about two towns over lol.
pry0cc
(Leader & Offsec Engineer & Forum Daddy)
20
I think it would be cool to make our own version of the hak5 LAN turtle. This is way less conspicuous than a Pi.