
Raspberry Pi Pwn Plug

I recently got a Raspberry Pi (http://www.raspberrypi.org/) and wanted to turn it into a pwn plug.  Using the instructions from Pwnie Express (http://pwnieexpress.com/blogs/news/6156890-raspberry-pwn-a-pentesting-release-for-the-raspberry-pi), this was a snap.  

A couple of gotchas:
1) You have to use a 32GB SDHC card. 16GB is too small.
2) Not many old SD card readers will read a card this large. I had to use my Mac. On my Mac, when you insert the card it automounts, which kills your ability to dd an image over it. So I unmounted (not ejected) the SD card first, then I could dd the image.

Installation steps were:

First, set up the Raspberry Pi to be connected to a network and enable ssh
- insert SD card
- unmount the card
- dd the original Raspberry Pi image to the card (dd if=.....img of=/dev/diskx)
- boot up the Debian Raspberry Pi, and enable ssh by moving the file /boot/boot_enable.ssh to /boot/boot.rc
- set the IP address by nano'ing /etc/network/interfaces.  Mine looks like this:

auto lo
iface lo inet loopback

iface eth0 inet static
    address 192.168.100.90
    netmask 255.255.255.0
    gateway 192.168.100.1

- put a DNS server in /etc/resolv.conf (I used Google's of 8.8.8.8)
- passwd to change the passwords for pi and root
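
The unmount-then-dd steps above, written out for a Mac as an added example (not part of the original post or the Pwnie Express instructions). It refuses anything that is not a whole-disk node other than disk0, shows the image checksum and the target's partition table, and asks for confirmation before writing. The function names are hypothetical, and treating disk0 as the internal boot disk is an assumption.

```shell
#!/bin/sh
# Added example: guarded SD-card flashing on macOS. Function names are hypothetical.

# Accept only a whole-disk node /dev/diskN with N >= 1.
# Assumption: disk0 is the Mac's internal boot disk, so it is always refused.
valid_target() {
  n=${1#/dev/disk}
  [ "/dev/disk$n" = "${1:-}" ] || return 1   # must start with /dev/disk
  case "$n" in
    ''|0*|*[!0-9]*) return 1 ;;              # empty, disk0, or a slice such as 2s1
  esac
  return 0
}

# macOS exposes each disk twice; the raw node /dev/rdiskN bypasses the buffer cache.
raw_node() { printf '/dev/rdisk%s\n' "${1#/dev/disk}"; }

flash_image() {
  img=$1 dev=$2
  [ -f "$img" ] || { echo "no such image: $img" >&2; return 1; }
  valid_target "$dev" || { echo "refusing target: $dev" >&2; return 1; }
  shasum -a 256 "$img"                       # compare with the publisher's checksum, if one exists
  diskutil list "$dev"                       # show what is about to be overwritten
  printf 'Overwrite %s? Type YES: ' "$dev"
  read -r answer
  [ "$answer" = "YES" ] || return 1
  # Unmount, not eject: the volumes go away but the device node stays for dd.
  diskutil unmountDisk "$dev" || return 1
  sudo dd if="$img" of="$(raw_node "$dev")" bs=1m || return 1
  diskutil eject "$dev"
}

# Run only when called as: script.sh IMAGE /dev/diskN
if [ "$#" -eq 2 ]; then flash_image "$1" "$2"; fi
```

Find the card's node with diskutil list before and after inserting it; the entry that appears is the one to pass as the second argument.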

Next are Pwnie Express's instructions to install the Pwn Plug

1. Change to the root user:
  $ sudo -i
2. Confirm your Raspberry Pi Debian release is at least 6.0:
  # cat /etc/debian_version
3. Confirm you have internet access from your Raspberry Pi
  # ping google.com
4. Install git:
  # aptitude -y install git
4.5 I changed to / here (# cd /). It makes the install cleaner.
5. Download the Raspberry Pwn installer from the Pwnie Express Github repository:
  # git clone https://github.com/pwnieexpress/Raspberry-Pwn.git
6. CD into the Raspberry-Pwn folder and run the install script:
  # cd Raspberry-Pwn
  # ./INSTALL_raspberry_pwn.sh
That was it! The Pwn Plug is installed! I'm going to start playing with it now.
