IMCAFS

Home

create your own penetrating artifact

Posted by lipsius at 2020-03-26
all

Why is this happening today? In fact, when we are infiltrating, some specific targets require us to conduct penetration experiments at close range. I'm sure everyone will bring a notebook, but it's too big to reveal that you're doing something. So what? Then make a small-scale penetrating artifact. (it's mainly the author of h0rey who says every day that his raspberry pie eats ashes at home and doesn't know what to do.)

Tool preparation:

Raspberry pie 3B

16g memory card

Heat sink and shell

Some of the things that you use in common use, such as monitoring network card, network cable, etc

One mobile power supply (5v-2a recommended, 5v-2.5a supported by raspberry pie)

Card reader

Voicessh (mobile platform software)

Putty (WIN platform)

SD formatter4.0 for SD / SDH / SDXC (format)

Win32diskimager (burn)

Are you ready?  

Text begins

I'm sure you've read the WiFi tool article I wrote before, which introduces that installing Kali in raspberry pie has become a hacker artifact, but today we use the official system of raspberry pie to install some penetration software, all based on the Linux operating system, so it's much easier to do.

Installation system:

Open the following webpage, select the first zip file and extract it. A image file will appear:

https://www.raspberrypi.org/downloads/raspbian/

Pay attention to this time. The SD card you bought needs to be formatted and then burned.

Use computer to read and brush SD card of raspbian system.

Raspbian

Create a new text file named SSH in the boot partition, which is the root directory of raspberry Pie / boot, and then save it to exit. In this way, we can use SSH to log in and manage. Remote login requires the IP address of raspberry pie. We can connect to the router to check the IP address of raspberry pie, and then use putty to connect. If you want to enable raspberry pie to power on and automatically connect to WiFi, you can create a wpa_supply.conf (file name must be changed to this) file in the boot partition, fill in the content according to the following format and save it:

/boot wpa_supplicant.conf

Default account number:

User name: Pi password: Raspberry

This allows you to use the putty connection to manage raspberry pie.

Common commands:

Sudo apt get update

Sudo apt get install TTF wqy zenhei. I don't recommend installing this Chinese character library. I just skip over.

Sudo raspi config (switch Chinese)

Then select change? Locale, and in default locale for the system environment: select zh cn.utf-8

You can also install remote desktop to control sudo apt get install xrdp

The above preparation system is ready. We start to install some penetration software.

Penetration software:

Dsniff (network sniffer tool)

Dsniff is a tool set, which is divided into four categories:

1. Tools for purely passive network activity monitoring, including: dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, WebSpy;

2. Mitm (man in the middle) "attack" tools for SSH and SSL, including sshmitm and webmitm;

3. Tools for initiating active deception, including arpspoof, dnsspoof and macof;

4. Other tools, including tcpkill, tcpnice

Installation command:

sudo apt install dsniff  

The software will install itself, input the command man arpspoof, and check the use of the command

man arpspoof

Nmap

I don't need to introduce this one more. It's a very easy-to-use network scanning and sniffing toolkit.

Advantages of nmap:

1. Flexible support for dozens of different scanning methods, support a variety of target object scanning.

2. Powerful nmap can be used to scan large-scale computers on the Internet.

3. Portability supports the mainstream operating systems: Windows / Linux / Unix / MacOS, etc.; the source code is open and easy to transplant.

Windows/Linux/Unix/MacOS

4. Simple default operation can cover most functions, basic port scan nmap targetip, comprehensive scan nmap – a targetip.

nmap targetip nmap –A targetip

5. As an open source software, free nmap can be used freely within the scope of GPL license.

6. Document rich nmap official website provides detailed document description. Nmap authors and other security experts have compiled many nmap reference books.

7. There is strong community team support behind community support nmap.

8. Praise has been rewarded and appears in many films and TV works (such as matrix 2, die hard4, etc.).

9. Nowadays, nmap has been listed as one of the necessary tools by thousands of security experts.

Installation command:

sudo apt install nmap    

After input, you will install by yourself. Enter the command nmap for instructions:

Mdk3

Mdk3 is a wireless DoS attack testing tool, which can launch beacon flood, authentication DOS, authentication / disassociation amok and other attacks. In addition, it also has the violence detection mode for hidden ESSID, 802.1x penetration test, wids interference and other functions. ".

Beacon Flood、Authentication DoS、Deauthentication/Disassociation Amok

Installation command:

sudo apt install mdk3  

You need to use the highest permission to enter sudo Su, then enter airmon ng to let the network card enter the monitoring mode (plug in the monitoring network card first), and then two network cards will appear, one is your own and the other is the one you just missed. Remember the corresponding monitoring network card name under your interface, and then enter airmon ng start The name of the network card can then be used to monitor the WiFi nearby:

sudo su airmon-ng airmon-ng start

Metasploit

Metasploit is a penetration framework. It's a magic artifact for the penetration practitioners. It's really difficult to install it. At the beginning, I used a lot of installation commands. At last, I found an installation command that can be used on raspberry pie.

Order:

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall

After the input is completed, it will be stuck in a place for a long time. Don't worry about whether it is offline. When it is downloaded, enter Chmod 755 msfinstall and execute it

chmod 755 msfinstall

./msfinstall

Then we can use Metasploit normally:

(isn't the little sister very beautiful)

Type help to see the command. He has a lot of commands below that I intercepted:

You don't mean to make a small penetrating artifact?

But he still needs a computer to connect or screen. What's the difference between this one and the notebook, and an extra raspberry pie?

No, no, I didn't see the tools on top of us ready?

We use mobile phones to control raspberry pie, making our penetration more secluded. The above pictures are all operated on the mobile phone.

Download the joinesssh opening software:

JuiceSSh

Select the connection, create a login, enter the IP of your raspberry pie, and enter your raspberry pie user name and password in the authentication

Log in successfully:

Conclusion:

A small raspberry pie is something that can surprise you. How to make it create more value depends on how you use raspberry pie to create your own things. Of course, it's not perfect. If you want him to do a lot of data operations, let's forget it. After all, the configuration is here. There are other software that can also be installed. You have to dig it yourself. You want to download a VNC for graphic connection.

One might ask why not burn Kali's raspberry pie?

After all, the official system is stable and the most important time for raspberry school to bring its own system is snake eating!!! If you play with snakes, you will become addicted.