Tools & Techniques - Kali Linux of a Raspberry Pi

There are a couple of reasons why you might want to install Kali linux on an inexpensive hardware platform that you can deploy, abandon or hide somewhere. An obvious use might be to serve as an 'Evil AP' in support of wireless assessments. Kali linux is officially supported on a number of low-cost ARM based devices, with Offensive Security maintaining minimal, streamlined pre-built images which can be copied across to an SD card, installed and then configured with the packages you need for the task you have in mind. 

Installing Kali Linux on a Raspberry Pi 


Offensive Security maintain good documentation here. For the our needs:
  • Download and verify the image from here.
    • $ shasum -a 256 /Volumes/SANDISK/kali-2017.01-rpi2.img.xz
  • DD the image over the SD cards
    • $ sudo dd if=kali-2017.01-rpi2.img of=/dev/disk2 bs=1m
  • Insert the SD cards after the dd has completed and boot the rpi. I had a DHCP reservation set on my router so I knew what IP it would get. I also made sure I plugged in the extra wireless adaptor with a high gain antenna. 
  • Login to your new Kali install with the default credentials (U:root,P:toor) and change the password (passwd)
  • Update Kali
    • $ apt-get upgrade && apt-get update

Installing WifiPhisher (for an Evil AP)

Because the ARM pre-builds are streamlined you'll probably need to install some packages to get everything you want. For example, to install WifiPhisher

  • $ apt-get install wifiphisher

Then to run it:

Check for the AP on a wireless device:
Connect to the AP:
Fall for the 'upgrade':


Back on the Kali-pi, you should see the password provided:

A crude demonstration, but not bad for ~20 minutes work with zero customisation. 

Links

  • Kali on ARM page: https://docs.kali.org/category/kali-on-arm 
  • Kali Install Guide: https://docs.kali.org/kali-on-arm/install-kali-linux-arm-raspberry-pi 
  • Kali Tools Listing: https://tools.kali.org/tools-listing 

Popular posts from this blog

PCI-DSS: Your CDE may be getting bigger

Image
In December, the PCI Security Standards Council released guidance around scoping and network segmentation for card data environment (CDE) assets. In their own words: “Many organizations struggle to understand where PCI DSS controls are required and which systems need to be protected. This document provides guidance to help organizations identify the systems that, at a minimum, need to be included in scope for PCI DSS. Additionally, the document provides guidance on how segmentation can be used to help reduce the number of systems that require PCI DSS controls.” The guidance goes on to visualise a scoping process, considering each category of system in turn: I believe it’s worth highlighting the ‘broadness’ of the “Connected to OR Security Impacting Systems” . These are cases where the: System component is on a different network (or subnet or VLAN), but can connect to or access the CDE (e.g., via internal network connectivity). System component can connect
Read more

Splunk Security Cheat Sheet

Image
Apart from being a source of all too frequent and embarrassing typos, Splunk is a big data platform which allows you to interrogate data and present results is a variety of contexts and visualisations. I've been using it for a little over 12 months, self teaching or Googleing as I go, predominantly to sift through the terabytes of logs from various applications and appliances that get generated in my 9-5 every day.  You can use Splunk to build dashboards which are typically better than the ones that come with the product ( full size )  I've started to pull together all the searches, notes and bits of code into a sort of security cheat sheet which I thought would be a good thing to share as well as providing some real world examples of how you might use Splunk in a security context.  Cheat Sheet I'm actively working back through my notes and adding to this all the time so it might be a good thing to reference via the URL or re-visit from time to time. I'll t
Read more

Tools & Techniques - Cloud Firewalls (DigitalOcean)

Image
My home lab is (probably) typical of most security professionals: a beefy workstation running VMWare workstation, a beefy-ish workstation running ESXi and a bunch of laptops, switches and other devices.  I utilise a couple of VPS providers for hosting and exposing VMs to the cloud. My VPS provider of choice has been DigitalOcean for the last couple of years (going by my billing history) and to date, they've been excellent. They recently introduced and advertised a new service feature called 'Cloud Firewalls' and I had chance to have a play with them today. Essentially, they've incorporated a network level firewall service to their VPS offering which can be used as an alternative or in addition to host-based firewalls like iptables, firewalld, etc.  Initial Impressions - Pros, Cons and Limitations Pros No Cost (free!!) - Cloud Firewalls are available at no additional cost. Availability - Cloud Firewalls are available in ever region DigitalOcean operate.
Read more