Book Image

Penetration Testing with Raspberry PI

Book Image

Penetration Testing with Raspberry PI

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Penetration Testing with Raspberry PI
Jan, 2015 | 208 pages
No titles found
Table of Contents (14 chapters)
Penetration Testing with Raspberry Pi
Penetration Testing with Raspberry Pi
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Disclaimer
Disclaimer
Preface
Preface
Free Chapter
1
Raspberry Pi and Kali Linux Basics
Raspberry Pi and Kali Linux Basics
Purchasing a Raspberry Pi
Assembling a Raspberry Pi
Installing Kali Linux
Combining Kali Linux and Raspberry Pi
Cloning the Raspberry Pi SD card
Avoiding common problems
Summary
2
Preparing the Raspberry Pi
Preparing the Raspberry Pi
Raspberry Pi use cases
The Command and Control server
Preparing for a penetration test
Overclocking
Setting up wireless cards
Setting up a 3G USB modem with Kali Linux
Setting up the SSH service
SSH default keys and management
Reverse shell through SSH
Stunnel
Installing a Stunnel client
Wrapping it up with an example
Summary
3
Penetration Testing
Penetration Testing
Network scanning
Cracking WPA/WPA2
Getting data to the Pi
Driftnet
Tuning your network capture
Scripting tcpdump for future access
Beating HTTPS with SSLstrip
Summary
4
Raspberry Pi Attacks
Raspberry Pi Attacks
Exploiting a target
Metasploit
Social engineering
Phishing with BeEF
Rogue access honeypots
Summary
5
Ending the Penetration Test
Ending the Penetration Test
Covering your tracks
Masking your network footprint
Developing reports
Summary
6
Other Raspberry Pi Projects
Other Raspberry Pi Projects
PwnPi
Raspberry Pwn
PwnBerry Pi
Defending your network
Running Raspberry Pi on your PC with QEMU emulator
Other Raspberry Pi uses
More uses
Summary
Index
Index

Reverse shell through SSH

We have already covered the advantages of using a Raspberry Pi at remote locations. The important thing to consider is how you should control the Raspberry Pi once you have placed the Raspberry Pi on the target's network. The most obvious and flexible way would be to SSH into Kali Linux.

Since Kali Linux is a fully featured Linux operating system, you can control the entire environment through SSH; however, your incoming SSH connections may be blocked by firewalls or other security solutions. Many organizations have security measures in place to block incoming connections with the goal of preventing backdoors into their network. In a white-box assessment, you may be explicitly able to open up a firewall to permit SSH to your Raspberry Pi as shown in the following image. The bad news is even if this is possible from a policy standpoint, it may be difficult to achieve when dealing with multiple sites under multiple administrative controls. Reverse SSH is a good alternative...

Previous Section
End of Section 10
Next Section