Micro Hacking Station

Kali Linux Micro Hacking Station Raspberry Pi

Kali Linux Micro Hacking Station Raspberry Pi

 

Raspberry Pi is a small pocket-sized low-cost computer. Today we will be setting up Kali Linux on Raspberry Pi. We can use Kali Linux on Raspberry Pi to hack WiFi passwords, launch various social engineering attacks, Set up rogue access points and a wide range of other attacks. Kali Linux comes with many of the best hacking tools pre-installed. Thanks to Raspberry Pi’s small size its stealthy and can be hidden easily, The Raspberry Pi does not use a lot of power and can be run from a portable power bank.

Since the Raspberry Pi runs on Linux it’s a perfect choice for pen-testing. Raspberry Pi is not good at performing compute-intensive tasks such as brute force attacks. If you plan on using Raspberry Pi to crack captured password hashes using brute force methods it’s best to use Raspberry Pi to collect data and send data to be cracked by larger computers.

 

Requirements:

 

You will need

  • Raspberry Pi
  • SD Card (16GB +)
  • 2.5 Amp 5 volt micro USB power supply
  • Computer to write Kali Linux ARM image to your SD Card (Must have SD Card Reader)
  • Keyboard & Mouse (Only needed until Raspberry Pi is set up to be used headless)
  • HDMI Display (Only needed until Raspberry Pi is set up to be used headless)

 

Downloading & Writing Kali Linux IMG to SD Card

 

First, download the Kali Linux ARM image for your Raspberry Pi model.

 

Download Kali Linux ARM Image Kali Linux RaspberryPi 2 and 3

 

Download Kali Linux ARM Images

 

In this guide, I will be using Kali Linux version 2019.1 (kali-linux-2019.1-rpi3)

 

Extracting SD Card Image

When we download Kali Linux for Raspberry Pi it will come packed inside an img.xz archive. We need to extract image from the archive.

 

Linux:

To extract the image from the archive using Linux we can use command unxz. Modify ‘/root/kali-linux-2019.1-rpi3-nexmon.img.xz’ to your Kali Linux img.xz download location.

unxz '/root/kali-linux-2019.1-rpi3-nexmon.img.xz'

unxz-command-kali-linux

 

Windows:

To extract .xz archives using Windows we can use 7-Zip is a file archiver with a high compression ratio.

 

Write SD Card Image

 

Now we have extracted the Kali Linux image we are ready to write the image to an SD Card.

Insert SD card into a computer or laptop with an SD card reader.

 

Linux:

In Linux, we can use dd to write the image to SD Card.

First, use fdisk to find out your SD Cards disk identifier. Your SD Cards disk identifier should look something like this /dev/mmcblk0.

 

fdisk -l

 

If you’re using Kali Linux you can also use gnome-disks to find your disk identifier.

 

gnome-disks

 

in gnome-disks you can find disk identifier under Device. My SD Cards disk identifier was /dev/mmcblk0

gnome-disks-kali-linux

 

Now that we know what disk identifier our SD Card uses we can use dd command to write Kali Linux img to SD Card.

Usage:

sudo dd if=NameOfImageToWrite.img of=/dev/rdiskNUMBER bs=1M

 

if = kali linux image location
of= SD Card disk identifier
bs= block size

 

Example:

sudo dd if=’/root/Downloads/kali-linux-2019-1-rpi3-nexmon-img-xz/kali-linux-2019.1-rpi3-nexmon.img’ of=/dev/mmcblk0 bs=1M

 

dd-command-kali-linux

 

Windows:

If you’re using Windows you can use Etcher or Win32 Disk Imager to write Kali Linux img to SD Card.

Once we have written the Kali Linux ARM image to SD Card slot SD Card back into Raspberry Pi.

 

Getting Kali Linux Ready To Be Used Headless

A computer system or device that is used headless has been configured to operate without a monitor, keyboard, and mouse. A headless system is usually controlled over a network connection. In this guide, we will be setting up our Raspberry Pi running Kali Linux to be controlled remotely over our network using SSH.

 

Plug power cable, HDMI display, Keyboard & Mouse into your Raspberry Pi. Note: We will be running Kali Linux headless HDMI display, Keyboard & Mouse are only needed while setting up prerequisites.

 

Once your Raspberry has booted you will see a Kali Linux login on your display.

 

The default username and password is

 

Username: root

Password: toor

Using root default password can hold security risks before we continue open a new terminal and use passwd command to change the default password.

 

passwd root

 

Expand Partition Size

 

resize2fs /dev/mmcblk0p2

 

Updating Kali Linux

Connect to the internet using wireless or ethernet open up a terminal and use the command below to update & upgrade Kali Linux on our Raspberry Pi.

apt-get update && apt-get upgrade && apt-get dist-upgrade

 

Install OpenSSH Server

To use our Raspberry Pi headless we will need to install OpenSSH Server. OpenSSH is a connectivity tool for remote login with the SSH protocol. Once we have installed and configured OpenSSH we will be able to connect to our Raspberry Pi remotely using an SSH client.

apt-get install openssh-server
update-rc.d -f ssh remove
update-rc.d -f ssh defaults

 

Change Default OpenSSH keys

We now need to move old SSH keys and regenerate new SSH Keys. Default SSH Keys can be guessed easily and can hold a security risk. We can move old SSH keys and regenerate new SSH keys by using commands below.

cd /etc/ssh/
mkdir insecure_old
mv ssh_host* insecure_old
dpkg-reconfigure openssh-server

 

Once we have moved old SSH keys we need to change some settings in SSH config in terminal enter command.

 

nano /etc/ssh/sshd_config

 

This will open up SSH config inside nano editor.

 

Modify this line:

PermitRootLogin without-password

Modify line to:

PermitRootLogin yes

Save and exit nano

Ctrl + X will quit the editor you will be asked if you want to save changes. press Y

 

Restart SSH Server

 

sudo service ssh restart
update-rc.d -f ssh enable 2 3 4 5

 

Checking SSH Server Status

We can check if the SSH server is running using the service command.

sudo service ssh status

 

If SSH server status shows SSH is not running use the command below to start SSH.

 

sudo service ssh start

 

Auto Login

Using user login can cause problems while running our Raspberry Pi headless. By enabling Auto Login we can quickly use our Raspberry Pi headless by skipping the login phase.

To use auto-login features we will need to modify lightdm.conf & lightdm-autologin config.

cd /etc/lightdm
nano lightdm.conf

 

Remove comment # from both lines of code and add username root to the first line of code

Modify This Line: #autologin-user=
Modify This Line: #autologin-user-timeout=0
Modify Line To: autologin-user=root 
Modify Line To: autologin-user-timeout=0

Save file and exit from nano. Ctrl + X will quit the editor you will be asked if you want to save changes. press Y

 

Now we need to open up lightdm-autologin config.

light-dm-autologin

cd /etc/pam.d
nano lightdm-autologin
Remove comment # from line

Modify Line:

#auth required pam_succeed_if.so user != root quiet_success
Modify Line To:
auth required pam_succeed_if.so user != root quiet_success

Save file and exit from nano. Ctrl + X will quit the editor you will be asked if you want to save changes. press Y

 

Login to your Raspberry Pi from your computer or laptop

 

To login to Raspberry Pi via SSH we will need to find the local IP address of our Raspberry Pi. In Linux, we can use the ifconfig command.

ifconfig

 

To find out our local IP address using Windows we can use Advanced IP Scanner.

advanced-ip-scanner

 

Connect to SSH

Windows

To connect to SSH using Windows we can use PuTTY

ssh1

 

Linux

To connect to Raspberry Pi SSH using Linux use ssh command.

 

ssh [email protected]

 

ssh-kali-linux

 

Android

To connect to Raspberry Pi SSH using Android we can use ConnectBot App from Playstore

ConnectBot is an open-source Secure Shell (SSH) client for Android.

 

Hackers Keyboard

Hackers keyboard has separate number keys, punctuation in the usual places, and arrow keys. Hackers Keyboard is based on the AOSP Gingerbread soft keyboard.

This keyboard is useful if you use ConnectBot for SSH access. It provides working Tab/Ctrl/Esc keys, and the arrow keys are essential for devices that don’t have a trackball or D-Pad.

Download Hackers Keyboard Playstore

 

ConnectBot Alternatives for iPhone

 

Wireless Modes

 

cards

 

Now we can use our Raspberry Pi headless we can add our high gain wireless adapters. Consider the size of the card and how big the antennas are if you require stealth. Make sure your wireless adapters have good mode compatibility.

To use many of the wireless hacking tools in Kali Linux we will need wireless cards with monitor mode and master mode. If you want to broadcast access point you will need a wireless card with master mode.

 

Mode compatibility:

Monitor mode: or RFMON (Radio Frequency MONitor) mode, allows a computer with a wireless network interface controller (WNIC) to monitor all traffic received from the wireless network. Unlike promiscuous mode, which is also used for packet sniffing, monitor mode allows packets to be captured without having to associate with an access point or ad hoc network first.

Master Mode: is a type of wireless mode that is often associated with Access Point or Base Station to provide network access.

 

Remotely Accessing Raspberry Pi outside of local network

 

If you want to use SSH remotely from another network you will need to use your public IP address for SSH.

Spread the love

Subscribe to our newsletter!

yoast seo premium free