Penetration Testing with Raspberry Pi - Second Edition

By: Michael McPhee, Jason Beltrame

Overview of this book

This book will show you how to use the latest credit-card-sized Raspberry Pi 3 to create a portable, low-cost hacking tool using Kali Linux 2. You’ll begin by installing and tuning Kali Linux 2 on Raspberry Pi 3 and then get started with penetration testing. You will be exposed to various network security scenarios such as wireless security, scanning network packets to detect issues in the network, and capturing sensitive data. You will also learn how to plan and perform various attacks such as man-in-the-middle, password cracking, bypassing SSL encryption, compromising systems using various toolkits, and many more. Finally, you’ll see how to bypass security defenses and avoid detection, turn your Pi 3 into a honeypot, and develop a command and control system to manage a remotely placed Raspberry Pi 3. By the end of this book, you will be able to turn the Raspberry Pi 3 into a hacking arsenal that leverages the most popular open source toolkit, Kali Linux 2.0.
Table of Contents (13 chapters)

Getting data to the Pi


One of the most important tasks to keep in mind for many of the tools we discuss here is making sure data flows through or to our Raspberry Pi. To be the man-in-the-middle (MITM), we need traffic to flow from the source target, through our Pi, to the destination target. This way, we can eavesdrop on the conversation and do what we need to do.

With the Raspberry Pi, there are a few ways to accomplish this. One involves physically putting our Raspberry Pi on the network, inline between the two targets. For the other two options, we will redirect traffic to the Raspberry Pi.

Physically inline option

Having our Pi physically inline between the source and destination target makes sniffing the traffic very easy, but accomplishing this can be very hard. First, we will need physical access to the data center/network closet to achieve this. That can be very hard to achieve, and may involve social engineering to gain that type of access. Secondly...