Kali Linux Micro Hacking Station Raspberry Pi
Raspberry Pi is a small, pocket-sized, low-cost computer. Today we will be setting up Kali Linux on Raspberry Pi. We can use Kali Linux on Raspberry Pi to hack WiFi passwords, launch various social engineering attacks, set up rogue access points and carry out a wide range of other attacks. Kali Linux comes with many of the best hacking tools pre-installed. Thanks to the Raspberry Pi’s small size it is stealthy and can be hidden easily. The Raspberry Pi does not use a lot of power and can be run from a portable power bank.
Since the Raspberry Pi runs on Linux it’s a perfect choice for pentesting. Raspberry Pi is not good at performing compute-intensive tasks such as brute force attacks. If you plan on cracking captured password hashes using brute force methods, it’s best to use the Raspberry Pi to collect the data and send it to larger computers to be cracked.
Requirements:
You will need
- Raspberry Pi
- SD Card (16GB +)
- 2.5 Amp 5 volt micro USB power supply
- Computer to write Kali Linux ARM image to your SD Card (Must have SD Card Reader)
- Keyboard & Mouse (Only needed until Raspberry Pi is set up to be used headless)
- HDMI Display (Only needed until Raspberry Pi is set up to be used headless)
Downloading & Writing Kali Linux IMG to SD Card
First download Kali Linux ARM image for your Raspberry Pi model.
Download Kali Linux ARM Image Kali Linux RaspberryPi 2 and 3
Download Kali Linux ARM Images
In this guide I will be using Kali Linux version 2019.1 (kali-linux-2019.1-rpi3)
Extracting SD Card Image
When we download Kali Linux for Raspberry Pi it comes packed inside an .img.xz archive. We need to extract the image from the archive.
Linux:
To extract the image from the archive on Linux we can use the unxz command. Change '/root/kali-linux-2019.1-rpi3-nexmon.img.xz' to the location of your Kali Linux img.xz download.
unxz '/root/kali-linux-2019.1-rpi3-nexmon.img.xz'
Windows:
To extract .xz archives on Windows we can use 7-Zip, a file archiver with a high compression ratio.
Write SD Card Image
Now that we have extracted the Kali Linux image we are ready to write it to an SD card.
Insert the SD card into a computer or laptop with an SD card reader.
Linux:
In Linux we can use dd to write the image to the SD card.
First use fdisk to find your SD card’s disk identifier. It should look something like /dev/mmcblk0.
fdisk -l
If you’re using Kali Linux you can also use gnome-disks to find your disk identifier.
gnome-disks
In gnome-disks you can find the disk identifier under Device. My SD card’s disk identifier was /dev/mmcblk0.
Now that we know which disk identifier our SD card uses, we can use the dd command to write the Kali Linux image to the SD card.
Usage:
sudo dd if=NameOfImageToWrite.img of=/dev/DiskIdentifier bs=1M
if = Kali Linux image location
of = SD card disk identifier
bs = block size
Example:
sudo dd if='/root/Downloads/kali-linux-2019-1-rpi3-nexmon-img-xz/kali-linux-2019.1-rpi3-nexmon.img' of=/dev/mmcblk0 bs=1M
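Integrity checks that fit around the dd step above: confirm the image matches its published checksum, refuse a target that is not an unmounted block device, and read the card back after writing. This is an added example, not part of the original guide; the function names are hypothetical and EXPECTED_SHA256 stands for the SHA256 value published alongside the download, which this page does not list.

```shell
#!/bin/sh
# Added example: integrity checks around the dd step (not from the original guide).

# verify_image IMAGE EXPECTED_SHA256
# True only if IMAGE hashes to the checksum published with the download.
verify_image() {
    actual=$(sha256sum "$1" | cut -d' ' -f1)
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')   # accept upper-case sums
    [ -n "$actual" ] && [ "$actual" = "$expected" ]
}

# is_safe_target DEVICE
# True only for a block device with no mounted partitions.
is_safe_target() {
    [ -b "$1" ] || return 1
    # /proc/mounts lists mounted sources; "$1" also prefixes its partitions.
    ! grep -q "^$1" /proc/mounts
}

# verify_written IMAGE DEVICE
# The card is larger than the image, so read back only as many bytes as the
# image holds and compare them byte for byte. A short read also fails.
verify_written() {
    size=$(wc -c < "$1" | tr -d ' ')
    head -c "$size" "$2" | cmp -s - "$1"
}

# write_image IMAGE EXPECTED_SHA256 DEVICE
# Hypothetical wrapper: check, write with dd as in the guide, then read back.
write_image() {
    verify_image "$1" "$2" || { echo "checksum mismatch: $1" >&2; return 1; }
    is_safe_target "$3"    || { echo "refusing to write to $3" >&2; return 1; }
    dd if="$1" of="$3" bs=1M conv=fsync || return 1
    verify_written "$1" "$3"
}
```

The read-back inside write_image can be served from the page cache; re-insert the card and run verify_written again to compare against the medium itself.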
Windows:
If you’re using Windows you can use Etcher or Win32 Disk Imager to write the Kali Linux image to the SD card.
Once the Kali Linux ARM image has been written to the SD card, slot the SD card back into the Raspberry Pi.
Getting Kali Linux Ready To Be Used Headless
A computer system or device that is used headless has been configured to operate without a monitor, keyboard, and mouse. A headless system is usually controlled over a network connection. In this guide we will be setting up our Raspberry Pi running Kali Linux to be controlled remotely over our network using SSH.
Plug the power cable, HDMI display, keyboard and mouse into your Raspberry Pi. Note: we will be running Kali Linux headless; the HDMI display, keyboard and mouse are only needed while setting up the prerequisites.
Once your Raspberry Pi has booted you will see a Kali Linux login on your display.
The default username and password are:
Username: root
Password: toor
Keeping the default root password is a security risk. Before we continue, open a new terminal and use the passwd command to change the default password.
passwd root
Expand Partition Size
resize2fs /dev/mmcblk0p2
Updating Kali Linux
Connect to the internet using wireless or ethernet, open a terminal and use the command below to update and upgrade Kali Linux on the Raspberry Pi.
apt-get update && apt-get upgrade && apt-get dist-upgrade
Install OpenSSH Server
To use our Raspberry Pi headless we will need to install OpenSSH Server. OpenSSH is a connectivity tool for remote login with the SSH protocol. Once we have installed and configured OpenSSH we will be able to connect to our Raspberry Pi remotely using an SSH client.
apt-get install openssh-server
update-rc.d -f ssh remove
update-rc.d -f ssh defaults
Change Default OpenSSH keys
We now need to move the old SSH keys out of the way and generate new ones. The default SSH keys can be guessed easily and are a security risk. We can move the old keys and regenerate new ones using the commands below.
cd /etc/ssh/
mkdir insecure_old
mv ssh_host* insecure_old
dpkg-reconfigure openssh-server
Once we have moved the old SSH keys we need to change some settings in the SSH config. In the terminal enter the command below.
nano /etc/ssh/sshd_config
This will open the SSH config in the nano editor.
Modify this line:
PermitRootLogin without-password
Modify line to:
PermitRootLogin yes
Save and exit nano.
Ctrl + X will quit the editor. You will be asked if you want to save changes; press Y.
Restart SSH Server
sudo service ssh restart
update-rc.d -f ssh enable 2 3 4 5
Checking SSH Server Status
We can check whether the SSH server is running using the service command.
sudo service ssh status
If the status shows SSH is not running, use the command below to start it.
sudo service ssh start
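A post-setup check for the SSH steps above: it confirms that every host key moved into insecure_old was actually replaced, and reports whether the edited sshd_config lets root log in with a password. This is an added example, not part of the original guide; the function names are hypothetical, and the config reader assumes a single file without evaluating Include files or Match blocks.

```shell
#!/bin/sh
# Added example: post-setup checks for the SSH steps (not from the original guide).

# hostkeys_rotated SSHDIR
# Every public host key saved in SSHDIR/insecure_old must have a replacement
# in SSHDIR whose key material differs. Returns 0 only if all were replaced.
hostkeys_rotated() {
    found=0
    for old in "$1"/insecure_old/ssh_host_*_key.pub; do
        [ -f "$old" ] || continue
        found=1
        new="$1/$(basename "$old")"
        [ -f "$new" ] || { echo "missing: $new"; return 1; }
        # Field 2 of a .pub file is the base64 key; the comment may differ.
        [ "$(awk '{print $2}' "$old")" != "$(awk '{print $2}' "$new")" ] ||
            { echo "unchanged: $new"; return 1; }
    done
    [ "$found" -eq 1 ]
}

# sshd_setting FILE KEYWORD
# Prints the value sshd would use from FILE's global section: keywords are
# case-insensitive and the first occurrence wins. Assumption: Include files
# and Match blocks are not evaluated here.
sshd_setting() {
    awk -v k="$2" 'BEGIN { k = tolower(k) }
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        tolower($1) == "match"   { exit }
        tolower($1) == k         { print tolower($2); exit }' "$1"
}

# root_password_login FILE
# Returns 0 (true) when FILE lets root log in over SSH with a password.
root_password_login() {
    root=$(sshd_setting "$1" PermitRootLogin)
    pass=$(sshd_setting "$1" PasswordAuthentication)
    # OpenSSH defaults when unset: prohibit-password and yes.
    [ "${root:-prohibit-password}" = "yes" ] && [ "${pass:-yes}" != "no" ]
}
```

On the Pi, run hostkeys_rotated /etc/ssh and root_password_login /etc/ssh/sshd_config; the second returns true for the PermitRootLogin yes setting used in this guide unless password authentication is turned off.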
Auto Login
A login prompt can cause problems while running our Raspberry Pi headless. By enabling auto login we can skip the login phase and use the Raspberry Pi headless straight away.
To use auto login we need to modify the lightdm.conf and lightdm-autologin config files.
cd /etc/lightdm
nano lightdm.conf
Remove the comment character # from both lines and add the username root to the first line.
Modify This Line: #autologin-user=
Modify Line To: autologin-user=root
Modify This Line: #autologin-user-timeout=0
Modify Line To: autologin-user-timeout=0
Save the file and exit nano. Ctrl + X will quit the editor. You will be asked if you want to save changes; press Y.
Now we need to open up lightdm-autologin config.
cd /etc/pam.d
nano lightdm-autologin
Remove the comment character # from the line.
Modify Line:
#auth required pam_succeed_if.so user != root quiet_success
Modify Line To:
auth required pam_succeed_if.so user != root quiet_success
Save the file and exit nano. Ctrl + X will quit the editor. You will be asked if you want to save changes; press Y.
Login to your Raspberry Pi from your computer or laptop
To log in to the Raspberry Pi via SSH we need to find its local IP address. In Linux we can use the ifconfig command.
ifconfig
To find the Raspberry Pi’s local IP address from Windows we can use Advanced IP Scanner.
Connect to SSH
Windows
To connect to SSH using Windows we can use PuTTY.
Linux
To connect to the Raspberry Pi over SSH from Linux use the ssh command, replacing RASPBERRY_PI_IP with the local IP address found above.
ssh root@RASPBERRY_PI_IP
Android
To connect to the Raspberry Pi over SSH from Android we can use the ConnectBot app from the Play Store.
ConnectBot is an open-source Secure Shell (SSH) client for Android.
Hackers Keyboard
Hackers keyboard has separate number keys, punctuation in the usual places, and arrow keys. Hackers Keyboard is based on the AOSP Gingerbread soft keyboard.
This keyboard is useful if you use ConnectBot for SSH access. It provides working Tab/Ctrl/Esc keys, and the arrow keys are essential for devices that don’t have a trackball or D-Pad.
Download Hackers Keyboard Playstore
ConnectBot Alternatives for iPhone
Wireless Modes
Now that we can use our Raspberry Pi headless we can add our high-gain wireless adapters. Consider the size of the card and how big the antennas are if you require stealth. Make sure your wireless adapters have good mode compatibility.
To use many of the wireless hacking tools in Kali Linux we will need wireless cards that support monitor mode and master mode. If you want to broadcast an access point you will need a wireless card with master mode.
Mode compatibility:
Monitor mode: or RFMON (Radio Frequency MONitor) mode, allows a computer with a wireless network interface controller (WNIC) to monitor all traffic received from the wireless network. Unlike promiscuous mode, which is also used for packet sniffing, monitor mode allows packets to be captured without having to associate with an access point or ad hoc network first.
Master Mode: is a type of wireless mode that is often associated with Access Point or Base Station to provide network access.
Remotely Accessing Raspberry Pi outside of local network
If you want to use SSH remotely from another network you will need to use your public IP address for SSH.