Raspberry Pi Workshop

Raspberry Pi Workshop. BSidesDFW, 2013 MAKEUP SESSION. @BrandenWilliams. Format. Intro to Raspberry Pi Walk around the setup Set up for use EXERCISE Review Additional Resources. Call-out box. What is this thing?. $35 Wunderdevice. What we’re going to do today.


Presentation Transcript


  1. Raspberry Pi Workshop BSidesDFW, 2013  MAKEUP SESSION @BrandenWilliams

  2. Format • Intro to Raspberry Pi • Walk around the setup • Set up for use • EXERCISE • Review • Additional Resources

  3. What is this thing?

  4. $35 Wunderdevice

  5. What we’re going to do today • Interface with the Raspberry Pi • Do some basic configuration work • Walk through scenarios in which it can be used • Exercise • Discuss results • Q/A

  6. Fun Ideas for Covert Hacking • Network sniffer • Wireless backdoor • 2-wifi dongles = Wi-Fi sniffer that you can connect to via Wi-Fi for downloads! • Attach GPS and track a car (power with cigarette lighter/battery) • How much fun to be had at STARBUCKS!!

  7. Fun Ideas for Covert Hacking • Mobile fun with hacked baseband • Audio listening device • Spooky Halloween automation! • Camera system • Pair with Arduino for alarm systems • Tweet stuff when you want it to • Covert signaling!

  8. Things to remember: • BE CREATIVE! • 2 onboard USB ports • Ethernet • Audio • Video • Low power required • Extra pins for EXTRA HACKING

  9. Let’s get to the fun stuff!

  10. Prep work before we plug her in • First, we need to make some adjustments to BerryBoot • Your Pi comes with BerryBoot installed, allowing you to drop multiple operating systems on one card • You could also carry a wallet of smaller cards (they are cheap) with each OS on there • Plug your SD card into your laptop and open cmdline.txt, edit it like this: • smsc95xx.turbo_mode=N elevator=deadline quiet nobootmenutimeout datadev=mmcblk0p2 ipv4=192.168.1.50/255.255.255.0/192.168.1.1 vncinstall

  11. OK, now what did we just do? • Couple of things: • BerryBoot now set up for HEADLESS operation • There is a STATIC IP setup • You can make it DHCP if you like • You can also set it to default to WiFi device • We also removed the autoboot… • Options you may want to consider for covert use: • Put a boot timeout (bootmenutimeout=60) • Potentially set static on WiFi for berryboot • Remember, BerryBoot can be different from OS.
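
The cmdline.txt edit from slides 10 and 11 as a repeatable script. This is an added example, not part of the original deck: the function names and the starting line in SAMPLE_CMDLINE are constructed for illustration, and only the `ipv4=`, `vncinstall`, `nobootmenutimeout` and `bootmenutimeout=` settings come from the slides.

```shell
#!/bin/sh
# Added example: rewrite a BerryBoot cmdline.txt line for headless use.

# Constructed starting line, used only to demonstrate the rewrite.
SAMPLE_CMDLINE="smsc95xx.turbo_mode=N elevator=deadline quiet bootmenutimeout=10 datadev=mmcblk0p2"

# headless_cmdline LINE IP NETMASK GATEWAY [TIMEOUT_SECONDS]
# Prints LINE with stale ipv4=/vncinstall settings dropped, the boot-menu
# timeout replaced in place, and the requested static IP and vncinstall appended.
# Without TIMEOUT_SECONDS it writes nobootmenutimeout, as on slide 10.
headless_cmdline() (
    set -f                                  # tokens must not be glob-expanded
    [ $# -ge 4 ] || { echo "usage: headless_cmdline LINE IP MASK GW [SECS]" >&2; return 2; }
    line=$1; ip=$2; mask=$3; gw=$4
    if [ -n "${5:-}" ]; then menu="bootmenutimeout=$5"; else menu=nobootmenutimeout; fi
    out=""; seen=""
    for tok in $line; do
        case $tok in
            ipv4=*|vncinstall) ;;           # dropped here, re-added at the end
            bootmenutimeout=*|nobootmenutimeout)
                [ -n "$seen" ] || out="${out:+$out }$menu"
                seen=1 ;;
            *) out="${out:+$out }$tok" ;;
        esac
    done
    [ -n "$seen" ] || out="${out:+$out }$menu"
    printf '%s ipv4=%s/%s/%s vncinstall\n' "$out" "$ip" "$mask" "$gw"
)

# apply_headless FILE IP NETMASK GATEWAY [TIMEOUT_SECONDS]
# Keeps FILE.bak, then rewrites FILE as a single line (cmdline.txt is one line).
apply_headless() {
    file=$1; shift
    cp -p "$file" "$file.bak" || return 1
    new=$(headless_cmdline "$(head -n 1 "$file.bak")" "$@") || return 1
    printf '%s\n' "$new" > "$file"
}

# Usage on a mounted SD card (the mount point is a placeholder):
#   apply_headless /path/to/sdcard/cmdline.txt 192.168.1.50 255.255.255.0 192.168.1.1
```

Running it twice gives the same line, so it is safe to re-apply after changing the address or adding a timeout such as 60.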

  12. Plug her in! • OK, time for some power & ethernet • Insert SD card & Wi-Fi dongle • Plug the ethernet crossover cable into your laptop first • Then plug in the power

  13. Wait a few! • Take a moment to review the indicator lights on the top of your Pi. • Basic troubleshooting starts here: • ACT: Green, flashes during SD card activity • PWR: Red, solid light when unit has power • FDX: Green, solid light when Ethernet is Full Duplex • LNK: Green, flashes on activity • 100: Orange, On when connection is 100Mbps, off 10Mbps

  14. Try testing connectivity • You should be able to pull up your VNC client now and connect to 192.168.1.50 • You can also ping it • You will be presented with the BerryBoot screen…

  15. What you should be seeing…

  16. Try testing connectivity • Choose Raspbian! • Wait a little more… • Then you should be able to ping/ssh into the device at 192.168.1.50 • Few more things to set up! • SSH to pi@192.168.1.50, password raspberry • CHANGE THE PASSWD! (enter command ‘passwd’) • Consider changing root password as well • Next, let’s do some wifi!

  17. Connecting to WiFi
      • /etc/network/interfaces:
            allow-hotplug wlan0
            iface wlan0 inet manual
            wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
            iface default inet dhcp
      • /etc/wpa_supplicant/wpa_supplicant.conf:
            network={
                ssid="GuestNetwork"
                scan_ssid=1
                proto=RSN
                key_mgmt=WPA-PSK
                psk="CC06062010"
            }
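
A check for the wpa_supplicant.conf on slide 17, as an added example that is not part of the original deck. It flags a file other local users can read, a passphrase left in clear text (including the `#psk="..."` comment that `wpa_passphrase` writes next to the derived key), and typographic quotes pasted from slides. The function name is hypothetical and GNU `stat` is assumed.

```shell
#!/bin/sh
# Added example: audit a wpa_supplicant.conf before leaving a Pi unattended.

# audit_wpa_conf FILE
# Prints one finding per line. Returns 0 if nothing was flagged, 1 if
# something was, 2 if FILE could not be examined.
audit_wpa_conf() {
    f=$1; rc=0

    # Any group/other permission bit exposes the Wi-Fi key to other accounts.
    perms=$(stat -c '%a' "$f") || return 2
    case $perms in
        *00) ;;
        *) echo "perms: mode $perms lets other local users read the key (want 600)"; rc=1 ;;
    esac

    # psk="..." is the passphrase itself. A 64-hex-digit psk is the derived
    # key: it still joins this SSID, but does not reveal the passphrase.
    # The optional '#' catches the commented copy wpa_passphrase leaves behind.
    if grep -Eq '^[[:space:]]*#?[[:space:]]*psk="' "$f"; then
        echo "psk: passphrase present in clear text"; rc=1
    fi

    # Curly quotes come from slide or word-processor autoformatting;
    # wpa_supplicant only accepts plain double quotes.
    if grep -q -e '“' -e '”' "$f"; then
        echo "quotes: typographic quotes found, replace with plain double quotes"; rc=1
    fi

    return $rc
}

# Usage: audit_wpa_conf /etc/wpa_supplicant/wpa_supplicant.conf
```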

  18. Fire up WiFi • ifup wlan0 • Check our routes... • route add default gw 192.168.2.1 wlan0 • route del default gw 192.168.1.1 eth0 • Magic! Ping something! 8.8.8.8 • Now, let’s get some updates and some new packages we need: • apt-get update • apt-get upgrade • apt-get install netatalk x11vnc

  19. Next, we need a couple of files. • cd ~/.config/ • mkdir autostart ; cd autostart • wget http://brando.ws/piwork1 • Then rename the file piwork1 to x11vnc.desktop • cd /etc/avahi/services • sudo wget http://brando.ws/piwork2 • Then rename the file piwork2 to rfb.service • Then REBOOT!

  20. Next, connect back VNC • Boot to Raspbian, and then VNC in again… • You should see…

  21. Now, you should see your desktop:

  22. Next, Kali!

  23. Exercise:

  24. This is where we start to have some fun • Please choose one of the following: • Set up the web server and some wiki software • (apache2, wiki software like mediawiki) • apt-cache search wiki • Get it serving up a page! • Compromise the vulnerable machine (CTF) • There is a vulnerable machine on the wireless network • Identify it, and break in • CREATE YOUR OWN!

  25. Additional Resources • www.raspberrypi.org • www.arduino.cc • elinux.org/RPi_Distributions • elinux.org/RPi_Hub • www.raspbian.org • www.kali.org • BerryBoot • Karlssonrobotics.com

  26. Some additional notes • If you break your distro, no worries. Just reflash SD card. • You can mount the card & OS on most machines to edit files if you have a config error. • Your Pi comes with BerryBoot. You can add more operating systems by following the instructions on their website.

  27. 214.727.8227 • brw@brandenwilliams.com • brandenwilliams.com • @BrandenWilliams • facebook.com/BrandenRWilliams • linkedin.com/in/bwilliams

  28. How about we stay in touch? • If you would like a copy of these slides: • Text b@zip.sh the code bsdfwpi, a comma, & your email address • Example: bsdfwpi,your@email.com • Stay up to date with things I’m working on (opt in)! • Contact: • @BrandenWilliams • brandenwilliams.com

  29. This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. Branden R. Williams reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. This work is an unpublished work and contains confidential, proprietary and trade secret information of Branden R. Williams. Access to this work is restricted to Branden R. Williams and any employee who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected or adapted without the prior written consent of Branden R. Williams.
