Book Image

Penetration Testing with Raspberry PI

Book Image

Penetration Testing with Raspberry PI

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Penetration Testing with Raspberry PI
Jan, 2015 | 208 pages
No titles found
Table of Contents (14 chapters)
Penetration Testing with Raspberry Pi
Penetration Testing with Raspberry Pi
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Disclaimer
Disclaimer
Preface
Preface
Free Chapter
1
Raspberry Pi and Kali Linux Basics
Raspberry Pi and Kali Linux Basics
Purchasing a Raspberry Pi
Assembling a Raspberry Pi
Installing Kali Linux
Combining Kali Linux and Raspberry Pi
Cloning the Raspberry Pi SD card
Avoiding common problems
Summary
2
Preparing the Raspberry Pi
Preparing the Raspberry Pi
Raspberry Pi use cases
The Command and Control server
Preparing for a penetration test
Overclocking
Setting up wireless cards
Setting up a 3G USB modem with Kali Linux
Setting up the SSH service
SSH default keys and management
Reverse shell through SSH
Stunnel
Installing a Stunnel client
Wrapping it up with an example
Summary
3
Penetration Testing
Penetration Testing
Network scanning
Cracking WPA/WPA2
Getting data to the Pi
Driftnet
Tuning your network capture
Scripting tcpdump for future access
Beating HTTPS with SSLstrip
Summary
4
Raspberry Pi Attacks
Raspberry Pi Attacks
Exploiting a target
Metasploit
Social engineering
Phishing with BeEF
Rogue access honeypots
Summary
5
Ending the Penetration Test
Ending the Penetration Test
Covering your tracks
Masking your network footprint
Developing reports
Summary
6
Other Raspberry Pi Projects
Other Raspberry Pi Projects
PwnPi
Raspberry Pwn
PwnBerry Pi
Defending your network
Running Raspberry Pi on your PC with QEMU emulator
Other Raspberry Pi uses
More uses
Summary
Index
Index

Scripting tcpdump for future access

You may want to export network captures to avoid running out of space on the local Raspberry Pi. Here are some steps to export the captured data to an external source for more resource-intensive tasks such as password cracking or for reporting purposes. These are also ideal for other sections of this book that require exporting data.

In Chapter 2, Preparing the Raspberry Pi, we recommended setting up a remote server that is also known as a C&C server. We also mentioned transferring captured files to an FTP server in one of the previous steps in this chapter. Regarding the use of FTP, it is important to remember that FTP is inherently insecure. People have used FTP for a variety of different reasons. However, for real world penetration testing exercises, it is critical to protect FTP through another form of encryption such as an Internet Protocol Secutiry (IPsec) tunnel or SSH/Secure File Transfer Protocol (SFTP). IPsec ensures all data transfers never...

Previous Section
End of Section 7
Next Section