Due to the impact of the epidemic, I have spent more time at home, and I finally have time to tinker with the Raspberry Pi 4B (Raspberry Pi) that I bought last year. During a large-scale attack and defense exercise last year, I heard about the amazing operation of using a drone + Raspberry Pi for wireless WiFi attacks, which shocked me, and I have always wanted to try it. Today, I will first install the penetration tool Kali Linux on the Raspberry Pi.
0x01 About Raspberry Pi
The Raspberry Pi is a small computer about the size of a credit card, using an ARM architecture processor produced by Broadcom, with memory ranging from 256MB to 4GB, primarily using an SD card or TF card as storage media, equipped with USB interfaces, HDMI video output (supports sound output), and RCA output, built-in Ethernet/WLAN/Bluetooth network connection methods, and can use various operating systems. Although the Raspberry Pi is small, it is fully functional and can perform most tasks that a regular computer can do. Many tasks that are difficult to accomplish on a regular computer are very suitable for the Raspberry Pi due to its low power consumption, portability, GPIO, and other features, such as the recently popular “local penetration”.
0x02 Installing Raspberry Pi Accessories
When buying a Raspberry Pi, having just the Raspberry Pi board is not enough. To be able to burn the system on the Raspberry Pi and extend its lifespan, beginners generally need the following accessories:
Power supply*1 (the power supply parameters are 5V, 3A) SD card*1 (16-32G) + card reader*1 Heat sink*1 set Case*1 Cooling fan*1 Monitor*1 HDMI cable*1 Keyboard*1We need to install the heat sink, cooling fan, case, and other accessories. First, stick the three heat sinks to the corresponding positions and secure the board and case with a screwdriver and screws. Then, plug the cooling fan’s connection wire into the Raspberry Pi motherboard. It is particularly important to note that the red and black wires of the fan need to be plugged into pins 4 and 6 respectively (as shown in the picture). If plugged incorrectly, the fan will not rotate.
Next, secure the cooling fan to the case with a screwdriver and screws. Be careful not to tighten the screws of the cooling fan too much, otherwise it will affect the fan’s cooling. After installation, it should look like this:
0x03 Burning Kali Linux System
After installing the accessories, the next step is to burn the system for the Raspberry Pi. First, go to the official website (https://www.offensive-security.com/kali-linux-arm-images/) to download the Kali Raspberry Pi system image:
Choose an image to download based on your situation. However, the official speed is very slow, so you can use another download link:
https://linuxtracker.org/index.php?page=downloadcheck&id=4a72f1c79fae44db6a398f932c30de9bf61b8cd6 Then, you need to burn the image into the prepared SD card, which can be done using Win32DiskImager:
In Win32DiskImager, select the Kali image file we downloaded, choose the SD card we are reading, click write, and wait for the progress bar to reach 100%. The Kali Linux system will be successfully written. Next, remove the SD card from the card reader, insert it into the Raspberry Pi, connect the screen with an HDMI cable, plug in the power and keyboard, and if all goes well, Kali will be installed on the Raspberry Pi:
0x04 Auto-start Configuration
After installing the Kali system on the Raspberry Pi, to take advantage of the portability of the Raspberry Pi, we cannot connect to the monitor every time. Therefore, we need to configure two items: automatically connect to WiFi and automatically start SSH, so that we can control the Raspberry Pi via SSH.
1. Automatic WiFi Connection Settings I encountered some pitfalls here, and the method that ultimately worked is as follows: Enter the /etc/wpa_supplicant directory, and then use the system’s built-in wpa_passphrase command to create a configuration file:
# cd /etc/wpa_supplicant/# wpa_passphrase "ssid" "12345678" > wpa_supplicant.confThe first parameter is the SSID network name, and the second is the key, which is written to the wpa_supplicant.conf configuration file. Then, we edit the /etc/network/interfaces file and add the following configuration at the end, which means to start the wlan0 network interface and load the configuration file we just added for connection.
auto wlan0allow-hotplug wlan0iface wlan0 inet manualwpa-roam /etc/wpa_supplicant/wpa_supplicant.confiface default inet dhcp 2. Auto-start SSH Kali SSH has security controls, and by default, the SSH service is not enabled, nor does it allow root users to log in remotely. Therefore, the following configurations are required: (1) Modify the /etc/ssh/sshd_config file, uncomment #PasswordAuthentication no, and change PermitRootLogin no to PermitRootLogin yes(2) Execute update-rc.d ssh enable to set auto-start In this way, after the Raspberry Pi starts, it will automatically connect to the WiFi hotspot we set and open the SSH service. As long as our computer is connected to the same WiFi, we can SSH into the Raspberry Pi for operations, which is very convenient.
0x05 Pitfalls of Emergency Mode
In actual use, it is often found that the Kali system on the Raspberry Pi starts up, but the SSH service does not auto-start. After connecting to the monitor for analysis, it is found that the Kali on the Raspberry Pi enters emergency mode every time it starts, instead of starting normally. Emergency mode does not automatically start SSH. I checked some information online, and it may be due to directly cutting off the power when shutting down the Raspberry Pi, causing file corruption in the SD card. The repair method is as follows: Connect the SD card with Kali to another Linux system via a card reader, assuming the device name is sdb, execute:
sudo umount /dev/sdb1sudo umount /dev/sdb2sudo fsck /dev/sdb1sudo fsck /dev/sdb2This will fix the problem of entering emergency mode every time. Note that when shutting down the Raspberry Pi, do not directly cut off the power; use the poweroff command to shut down. By now, we have installed Kali on the Raspberry Pi, and various penetration tools in Kali can be used just like on a computer. If you want to carry out wireless WiFi attacks, you can use the built-in aircrack-ng tool in Kali.
Therefore, next time during the exercise, you can see if there is a drone hovering outside the office building and whether a Raspberry Pi is mounted on the drone~
