Open Source Detective

Tutorial: Pentesting Device with Raspberry Pi Zero


Introduction:

Lately I’ve been more and more interested in pentesting and cyber security. To continue my deep dive into the topic, I’m going to create a pentesting device out of a Raspberry Pi Zero. I have a few requirements I want to fulfill. First, I’d like to be able to run many of the commands that you can run in Linux. Second, I’d like it to be battery powered, and I’d like to attach my iPhone to it to run commands. Essentially, I’d like to be able to carry the device in my pocket and operate it with my iPhone.

Requirements:

Setup Steps:

  • First I installed a fresh copy of the Raspbian OS compatible with the Raspberry Pi Zero using the Raspberry Pi Imager.
  • Next I put the Raspberry Pi into hotspot mode. I want to be able to connect to the Pi anywhere and SSH into it from my phone. In order to do this I had to turn it into a hotspot. I followed the tutorial here to get me up and running: https://www.tomshardware.com/how-to/raspberry-pi-access-point
  • Now that the Pi boots into hotspot mode, the wlan0 interface is no longer available for wifi monitoring or accessing the internet. To get around this you’ll need to attach a USB wifi dongle that supports monitor mode. Here’s a good list: https://www.stationx.net/best-wifi-adapters-for-kali-linux/
  • The last piece of hardware we will need is a power supply. My goal for this project is to be portable. I want to be able to carry this with me anywhere and SSH to it from my laptop or phone and run pentest commands. I ordered this one from Adafruit: https://www.adafruit.com/product/1566

Connecting to an iPhone:

We’ve already configured the Raspberry Pi so that it will be easily accessible from an iPhone. The only additional step is to download an SSH client from the App Store. I like RaspController. This app gives you complete control of a Raspberry Pi over SSH. So the steps to connect are:

  • Boot the Raspberry Pi, which we configured to automatically start the wlan0 interface in hotspot mode.
  • Connect to the hotspot with the SSID and password that you set up in the Setup Steps.
  • Find the IP address of the Raspberry Pi.
  • Set up the SSH connection in the RaspController app.
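
The address lookup from the steps above, together with a check that SSH is reachable only from the hotspot side, as an added example that is not part of the original post. It assumes the hotspot is on wlan0 (as in the post) and that `ip` and OpenSSH's `sshd -T` are available on the Pi; the sample output, the addresses and the name wlan1 for the USB dongle are constructed.

```shell
#!/bin/sh
# Added example, not from the original post. Meant to be run on the Pi itself.
# Assumes: hotspot on wlan0 (as in the post), iproute2 and OpenSSH installed.

# Print the IPv4 address of interface $1 from `ip -o -4 addr show` output on stdin.
iface_ipv4() {
    awk -v ifc="$1" '$2 == ifc && $3 == "inet" { sub(/\/.*/, "", $4); print $4; exit }'
}

# Read `sshd -T` (effective config) on stdin; $1 is the hotspot address.
# Print one line per setting that exposes SSH more widely than the hotspot needs.
sshd_findings() {
    awk -v ap="$1" '
        $1 == "passwordauthentication" && $2 == "yes" {
            print "password-auth: passwords accepted; prefer key-only login" }
        $1 == "permitrootlogin" && $2 == "yes" {
            print "root-login: root may log in with a password" }
        $1 == "listenaddress" {
            addr = $2; sub(/:[0-9]+$/, "", addr)   # strip the :port suffix
            if (addr != ap) print "listen: sshd bound to " addr ", not only " ap }
    '
}

# Live use on the Pi (sshd -T needs root):
#   ap=$(ip -o -4 addr show | iface_ipv4 wlan0)
#   sudo sshd -T | sshd_findings "$ap"

# Constructed sample input so the functions can be tried offline.
SAMPLE_IP='1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
3: wlan0    inet 192.168.4.1/24 brd 192.168.4.255 scope global wlan0\       valid_lft forever preferred_lft forever
4: wlan1    inet 192.168.1.57/24 brd 192.168.1.255 scope global dynamic wlan1\       valid_lft 86000sec preferred_lft 86000sec'
SAMPLE_SSHD='port 22
listenaddress 0.0.0.0:22
listenaddress [::]:22
permitrootlogin without-password
passwordauthentication yes'

demo() {
    ap=$(printf '%s\n' "$SAMPLE_IP" | iface_ipv4 wlan0)
    echo "hotspot address: $ap"
    printf '%s\n' "$SAMPLE_SSHD" | sshd_findings "$ap"
}
demo
```

Any `listen:` line means sshd also answers on the USB dongle's interface whenever that interface joins another network. Setting `ListenAddress` in sshd_config to the hotspot address narrows it to the hotspot side.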

Conclusion:

Now we have a portable Raspberry Pi that we can connect to from our phone. Next I’ll be installing specific pentesting software to try!

