Book Image

Penetration Testing with Raspberry PI

Book Image

Penetration Testing with Raspberry PI

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Penetration Testing with Raspberry PI
Jan, 2015 | 208 pages
No titles found
Table of Contents (14 chapters)
Penetration Testing with Raspberry Pi
Penetration Testing with Raspberry Pi
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Disclaimer
Disclaimer
Preface
Preface
Free Chapter
1
Raspberry Pi and Kali Linux Basics
Raspberry Pi and Kali Linux Basics
Purchasing a Raspberry Pi
Assembling a Raspberry Pi
Installing Kali Linux
Combining Kali Linux and Raspberry Pi
Cloning the Raspberry Pi SD card
Avoiding common problems
Summary
2
Preparing the Raspberry Pi
Preparing the Raspberry Pi
Raspberry Pi use cases
The Command and Control server
Preparing for a penetration test
Overclocking
Setting up wireless cards
Setting up a 3G USB modem with Kali Linux
Setting up the SSH service
SSH default keys and management
Reverse shell through SSH
Stunnel
Installing a Stunnel client
Wrapping it up with an example
Summary
3
Penetration Testing
Penetration Testing
Network scanning
Cracking WPA/WPA2
Getting data to the Pi
Driftnet
Tuning your network capture
Scripting tcpdump for future access
Beating HTTPS with SSLstrip
Summary
4
Raspberry Pi Attacks
Raspberry Pi Attacks
Exploiting a target
Metasploit
Social engineering
Phishing with BeEF
Rogue access honeypots
Summary
5
Ending the Penetration Test
Ending the Penetration Test
Covering your tracks
Masking your network footprint
Developing reports
Summary
6
Other Raspberry Pi Projects
Other Raspberry Pi Projects
PwnPi
Raspberry Pwn
PwnBerry Pi
Defending your network
Running Raspberry Pi on your PC with QEMU emulator
Other Raspberry Pi uses
More uses
Summary
Index
Index

SSH default keys and management

At this point, you have a Raspberry Pi ready for remote management using SSH. This is good; however, the keys that are installed by default are extremely predictable with every other default installation for OpenSSH. Although this is optional, best practice is changing the default keys. After all, it would be embarrassing if your penetration testing machine got hacked.

Here are the steps to create a new SSH key for your Kali Linux system:

Note

Make sure you use a keyboard and console for the following steps. Do not attempt to perform the following steps over an existing SSH session.

  1. Move the default SSH keys by typing the following into the terminal or command line:

    cd /etc/ssh/
mkdir default_kali_keys
mv ssh_host_* default_kali_keys/

  2. Generate a new key by using the following command and watching the prompts:

    dpkg-reconfigure openssh-server
Creating SSH2 RSA key; this may take some time ...
Creating SSH2 DSA key; this may take some time ...
Creating SSH2 ECDSA...
Previous Section
End of Section 9
Next Section