Tuesday, October 10, 2017

Building a Raspberry Pi Hacking Box

This has been on my mind for some time now, on and off. The emphasis is almost exclusively on having a lightweight wireless reconnaissance and hacking device, instead of carrying around a laptop with a 2-hour battery life during wireless testing.

The current setup is as follows:

Raspberry Pi 3 Model B (onboard wifi) + heatsinks for CPU and LAN

LiFePO4wered long-life battery backup/UPS: expensive but worth it. The Pi can now be moved between locations and outlets without being shut down, and the board adds a touch-sensitive power button. (A minor downside is that the UPS itself is always in a very-low-power standby mode.) During engagements, power comes from an external battery pack; with the UPS as backup, a power loss caused by accidentally pulling the battery pack connection does not cost any captured wireless data.

Raspbian: The Kali Linux image for the Pi 3 has proved quite frustrating. It does not expand its root filesystem to fill a 16 GB SD card, and the manual resize it requires kept failing, either with read-only filesystem errors or with a spurious bad-superblock error. I tried several times without success, which is unfortunate, because a base Kali install plus the Kali wireless metapackage (kali-linux-wireless) would be a much easier build.
I also tried adding the Kali repo to the latest Raspbian (Stretch) but ran into Java dependency problems; mixing the Kali repo into another Debian-based distribution is unsupported and tends to break apt dependencies.

Instead I installed Raspbian Jessie and followed these steps:

1. sudo raspi-config: expand the filesystem to fill the card, enable SSH, and change the default password of the pi user, since the box will be reachable over its own access point.
2. sudo apt-get update && sudo apt-get upgrade && sudo apt-get install git screen htop nmap
3. Rather than connecting the Pi by cable to a travel router, or joining both the Pi and a phone to the same travel-router AP, the Pi can be its own AP with hostapd, following this guide: http://www.ericescobar.com/wordpress/raspberry-pi-3-wireless-hacking-platform-wifipi/ ; the phone then joins that AP and connects over SSH. Update 10-11-17: The end result was flaky, so I tried https://gist.github.com/Lewiscowles1986/fecd4de0b45b2029c390 which worked perfectly on a clean install of Raspbian Jessie.
4. sudo apt-get install kismet iw wireshark tshark tcpdump masscan wifite
5. Install giskismet (which failed, but here are the steps):
  1. Run cpan once and let it configure itself.
  2. sudo reboot
  3. cpan install YAML
  4. cpan install DBI (I like to do the packages separately)
  5. cpan install DBD::SQLite
  6. sudo apt-get install libxml++2.6-2
  Note that libxml++2.6-2 is the C++ binding for libxml2; the Perl module giskismet uses to parse Kismet's XML is XML::LibXML (Debian package libxml-libxml-perl), which none of the steps above install.
6. Install FruityWifi, then open its web interface from the phone and install some modules, such as GPSD to work with kismet.
7. Install the hax0rpi collection of hacking tools.
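Step 3 above is the part that decides whether the box is safe to use on site, since the phone's SSH session rides over that AP. The script below is an added example, not code from this post or from either linked guide: it generates and sanity-checks a WPA2-only hostapd configuration and a matching dnsmasq DHCP configuration, and only applies them when run as "apply". The interface name (wlan0), the 10.0.0.0/24 subnet, and the default SSID and passphrase are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not code from the post or from either guide it links:
# generate and sanity-check the hostapd/dnsmasq configuration for a Pi that
# is its own WPA2 access point. The interface name (wlan0), the 10.0.0.0/24
# subnet and the default SSID/passphrase are assumptions for illustration.
set -eu

AP_IF="${AP_IF:-wlan0}"                 # onboard radio on the Pi 3
AP_NET="${AP_NET:-10.0.0}"              # /24 prefix used by the AP
AP_SSID="${AP_SSID:-pi-recon}"
AP_PSK="${AP_PSK:-change-this-passphrase}"

# WPA2 passphrases must be 8..63 printable ASCII characters; hostapd rejects
# anything else, so check here instead of finding out at first boot.
valid_psk() {
    len=${#1}
    [ "$len" -ge 8 ] && [ "$len" -le 63 ] || return 1
    if printf '%s' "$1" | LC_ALL=C grep -q '[^[:print:]]'; then
        return 1
    fi
    return 0
}

# Emit hostapd.conf for SSID $1 and passphrase $2: WPA2-PSK with CCMP only.
# An open or TKIP network would let anyone nearby watch the SSH session
# between the phone and the box.
gen_hostapd_conf() {
    valid_psk "$2" || { echo "passphrase must be 8-63 printable characters" >&2; return 1; }
    cat <<EOF
interface=$AP_IF
driver=nl80211
ssid=$1
hw_mode=g
channel=6
ieee80211n=1
wmm_enabled=1
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_passphrase=$2
wpa_pairwise=CCMP
rsn_pairwise=CCMP
EOF
}

# Emit dnsmasq.conf: a small DHCP pool bound to the AP interface only, so the
# Pi never answers DHCP on a client's LAN if it is also plugged in by cable.
gen_dnsmasq_conf() {
    cat <<EOF
interface=$AP_IF
bind-interfaces
dhcp-range=$AP_NET.10,$AP_NET.50,255.255.255.0,12h
EOF
}

# Only touch the system when run as "apply" (as root); otherwise do nothing.
if [ "${1-}" = "apply" ]; then
    apt-get install -y hostapd dnsmasq
    gen_hostapd_conf "$AP_SSID" "$AP_PSK" > /etc/hostapd/hostapd.conf
    gen_dnsmasq_conf > /etc/dnsmasq.conf
    # Raspbian ships DAEMON_CONF commented out; point it at the config.
    sed -i 's|^#*DAEMON_CONF=.*|DAEMON_CONF="/etc/hostapd/hostapd.conf"|' /etc/default/hostapd
    # Keep dhcpcd off the AP interface and give it the gateway address for
    # this boot (the linked gist shows how to make the address persistent).
    grep -q "^denyinterfaces $AP_IF" /etc/dhcpcd.conf || echo "denyinterfaces $AP_IF" >> /etc/dhcpcd.conf
    ip addr add "$AP_NET.1/24" dev "$AP_IF"
    systemctl enable hostapd dnsmasq
    systemctl restart dnsmasq hostapd
fi
```

Run it as root with "apply" after setting AP_SSID and AP_PSK in the environment. Once the onboard radio is serving the AP it is not available for capture, and the stock brcmfmac driver on the Pi 3 has no monitor mode in any case, so kismet and wifite need a USB adapter that supports monitor mode.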

Update 10-10-17: This guide from BlackHillsInfosec has the dd invocation with the flag (highlighted in red there) that lets Kali take up all the space on the card:

xz -cd kali-2017.01-rpi2.img.xz | dd of=/dev/mmcblk0 bs=4M iflag=fullblock oflag=direct status=progress

Check the device name with lsblk before running it: /dev/mmcblk0 is the whole card, and dd overwrites whatever it is pointed at without asking.

Once that was done, it was possible to use gparted to resize the partition without losing any data from the fresh install.
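The same write, as an added example that is not from this post or from the BlackHillsInfosec guide, wrapped in the two checks worth doing before pointing dd at a disk (nothing on the target is mounted, and the image matches its published SHA-256) and followed by a command-line resize of the root partition in place of the gparted step. The device names, image file name and digest are assumptions; Kali's ARM images do carry a small boot partition first and the ext4 root filesystem second.

```shell
#!/bin/sh
# Added example, not from the post or the BlackHillsInfosec guide: the dd
# write wrapped in two checks (is the target really the card, does the image
# match its SHA-256) followed by growing the root partition from the command
# line. Device names, image file and digest are assumptions.
set -eu

# Return 0 if /dev/$1 or any of its partitions (mmcblk0p2, sdb1, ...) is in
# the mounts table $2 (/proc/mounts by default; overridable for testing).
# A freshly inserted card may be auto-mounted; the root disk always is.
has_mounted_partitions() {
    grep -Eq "^/dev/$1(p?[0-9]+)? " "${2:-/proc/mounts}"
}

# Return 0 if the SHA-256 of file $1 equals the hex digest $2 (Kali publishes
# a SHA256SUMS file next to its ARM images).
sha256_matches() {
    actual=$(sha256sum "$1" | cut -d' ' -f1)
    [ "$actual" = "$2" ]
}

# Name of partition $2 on device $1: mmcblk0 -> mmcblk0p2, sdb -> sdb2.
partition_name() {
    case "$1" in
        *[0-9]) printf '%sp%s' "$1" "$2" ;;
        *)      printf '%s%s' "$1" "$2" ;;
    esac
}

# Write $1 (an .img.xz) to /dev/$2 once both checks pass, then grow the
# second partition (Kali's ext4 rootfs) to the end of the card and resize the
# filesystem, so no gparted step is needed afterwards.
write_kali_image() {
    img=$1; dev=$2; sum=$3
    if has_mounted_partitions "$dev"; then
        echo "/dev/$dev has mounted partitions: unmount it, or it is the wrong disk" >&2
        return 1
    fi
    sha256_matches "$img" "$sum" || { echo "SHA-256 mismatch for $img" >&2; return 1; }
    xz -cd "$img" | dd of="/dev/$dev" bs=4M iflag=fullblock oflag=direct status=progress
    sync
    root=$(partition_name "$dev" 2)
    parted -s "/dev/$dev" resizepart 2 100%
    e2fsck -f -y "/dev/$root"      # offline resize2fs requires a forced check first
    resize2fs "/dev/$root"
}

# Usage (as root): ./write-kali.sh kali-2017.01-rpi2.img.xz mmcblk0 <sha256 hex>
if [ "$#" -eq 3 ]; then
    write_kali_image "$1" "$2" "$3"
fi
```

The resize runs offline, with the card still in the machine that wrote it and nothing on it mounted, so the root filesystem is never grown while it is in use on the Pi.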


 
