Raspberry Pi Portable Hacking Station
Introduction
Looking at devices such as the esp8266_deauther and the P4wnP1 A.L.O.A., I realized that I wanted to create something like this. I am not the best at C, especially not for kernel and WiFi coding. With that being said, I chose the route to bring together resources in order to create a Raspberry Pi which is able to do hacking (the way I wanted it to). Obviously, you can download a Raspberry Pi image of Kali Linux or download the STICKY FINGERS KALI-PI image file and flash it onto the Pi. I think there are limitations to flashing a pre-made image, as you are not able to modify as much as you want. That is the reason I started this project, to customize a hacking tool for practical usage.
End Result
At the end of this project, you will have a Raspberry Pi that has :
SSH (Secure Shell)
VNC (Virtual Network Computing)
Hacking software (same ones used in Parrot and Kali OSes)
A wireless access point
A web server
Materials
Raspberry Pi (3B+ preferred)
Raspberry Pi Power Supply
MicroSD card (anything above 25 GB for all the tools, but 16 GB works too)
MicroSD card adapter
A wifi adapter (I used the Panda Wifi Adapter)
Connection to a Wifi network
A PC or laptop (in order to flash the SD card)
Step #1 - Raspberry Pi Setup
Head to https://www.raspberrypi.org/software/ and download the official Raspberry Pi Imager. I believe that a 32-bit version of Raspbian comes built into the Imager. If it is not available, you can download it from https://www.raspberrypi.org/software/operating-systems/. I would recommend downloading the "Raspberry Pi OS with desktop and recommended software" version. After installing the Imager, you should see a window like:
For the OS (Operating System), we will choose the "Raspberry Pi OS (32-bit)" or where you saved the image downloaded earlier. For the SD card, you choose the plugged in SD Card. After that, click on the "Write" button. After this, we have to plug the SD card back into the PC we are using to flash the SD card. We are going to run this Pi in "headless mode". This means that there are no peripherals (monitor, keyboard, etc.) directly connected to the Raspberry Pi. After connection, we will create 2 files on the SD card: ssh and wpa_supplicant.conf. On macOS, we can run:
The nano command, opens a window, where we can enter text. In the text editor, we will enter:
You will have to edit your ssid (WiFi name) and psk (WiFi password). After this, you can press CNTRL+S (to save) and CNTRL+X (to exit). We can then close the terminal, and eject the SD card.
Next, we will use a software in order to find the IP address of the Raspberry Pi so we can connect to the Pi using SSH. I used Angry IP Scanner, but an Nmap scan can do the trick. In order to make it easier to find our pi, we can change our preferences to scan only for port 22 (the default port for SSH). We can do this by clicking on the cog-type wheel, next to the IP range selection box.
One of the hostnames should be "raspberrypi.local", and this is what we are looking for. We can write the IP address of this down, and then use a software such as PuTTY to connect to the Pi using SSH. We can enter the IP address of the Pi. The username of the raspberry pi is "pi", and the password is "raspberry". The display should look as the following:
Step #1.1 - VNC
VNC is a software that allows a person to look at the desktop of a machine (Raspberry Pi, in our case), without attaching a monitor to the machine. We will use this to connect to the Raspberry Pi. We have to configure the Raspberry Pi in order to be setup for the vnc. To do this we can run "sudo raspi-config", which will allow us to configure the Pi. The first thing we have to change is Display. Under "Display Options", we see "Resolution". In Resolution, we have to change it to something that is NOT the "Default". For me, "DMT Mode 4 640x480 60Hz 4:3" works for me. Next, under "Interfaces", we have to enable VNC. After that, we can select "Finish" at the bottom, and then reboot the system.
In order to connect to the VNC server on the Pi, we have to use a software to connect to it. We can use RealVNC Viewer, in order to connect to the Pi. We can enter the same IP address as we did earlier in the search bar on the top, and it should bring us to a display:
Pressing "OK" should show us the desktop of the Raspberry Pi.
STEP #1.2 - Updating/Upgrading and root config
In the terminal, we will run the following commands:
STEP #2 - Hacking Software (Recommended)
I would highly recomend that you manually download the software you need through the GitHub of the software, or download the software itself. This is because adding a Kali/Parrot OS repository to our Raspbian sources list will then lead to file errors in the long run.
As an example, I will download mdk4, a wireless penetration testing software. In order to do this, I will have to download the software from the GitHub of mdk4. Fortunately, the GitHub tells us the commands we need to run:
I would recommend doing this for all software you want to download.
Hacking Software (Not Recommended)
This is not recommended because this method was not able to work with RaspAP
In order to get hacking software onto our Pi, there are 2 main methods: you can either download the software/code from online OR you can put Kali Linux sources in your /etc/apt/sources.list file. In this tutorial, I will be going with the second option. The documentation to the Kali Linux source file can be found at: https://www.kali.org/docs/general-use/kali-linux-sources-list-repositories/. From this website there are only lines we have to copy to our sources.list file on the Pi (fixed an error using this website):
After this is done, we will run "sudo apt-get update", and this will update the sources. From the Kali source, we will need mdk4, a WiFi exploiting tool. In order to download this we can run:
This downloads the mdk4 tool, and then it adds the command to the terminal commands that way we are able to run the command without any other effort. This is where the WiFi adapter comes into play. A Raspberry Pi (3B+), although capable to WiFi connection on its own, is not able to inject packets and play around with networks as an adapter is. I also downloaded the following software. I would recommend putting them into a bash script and executing the script with sudo privileges.
Errors I encountered
Errors with Meta-packages (Try at your own risk)
We can download a bunch of tools using meta-packages. To use that, we can run: sudo apt-get install kali-linux-large (You can replace large with another meta-package name). If you run the previous command, you will have to run the following commands to make sure it is setup correctly:
You can also use Katoolin, which is script that allows you to install the hacking software/tools.
If you are going to use Katoolin, remove the Kali sources from the /etc/apt/sources.list file
I have ran into a couple errors after running the "kali-linux-large" installation. These are problems that arose after I ran the "kali-linux-large" install. These problems did not occur when I downloaded the software one at a time. The reason for the errors were that, Kali was the main OS, instead of Raspbian.
One of the main errors I got, was that VNC was no longer working on the Pi. I then had to SSH into the pi, and then run "sudo raspi-config" in order to set up the VNC again. However, this VNC looks a bit different that the standard Raspberry Pi VNC:
This is not a problem for me, but still wanted to give a heads up about this, if you are trying this at home.
Another problem of mine was that the Apache web server went down. I did not find a way to get it back up. I tried multiple solutions, but to no avail. I decided to go back and start from scratch and start from STEP #1.
STEP #3 - Web Server
When we have all the Kali (and Parrot) hacking software at our disposal, we can use them from the command line however we want. However, I do believe that having a website that allows you to run commands with a press of a button "Watch Dogs" style has a coolness factor to it. This is what the website is meant to be: a way to efficiently run hacking commands with minimal effort. In this tutorial, we will be using Apache as the web server. To set this up we can run the following command
In order to check if the web server is running is running, we can run the following command:
If your output looks like the following, you should be able to see a webpage on http://localhost/:
Next, we are going to move the port that Apache is working on. Apache currently works on port 80 (HTTP), and we can change that (it is optional). To do this, we can edit a file to change the port:
We will replace the 80, with any port we want (anything under 1024 is good). Here I will do, 8080. After this is done, your file should like mine:
We will restart the Apache web server using "sudo systemctl restart apache2". In order to double check that it is still working, we can run "sudo systemctl status apache2". There should be a website on "http://localhost:8080/" (replace 8080 with your own port number). Here we will be creating our own website, that way the website and the commands work together. In order to do this, we will have to run the following command:
This will install php and its dependencies. We will use php for the website that way we can connect the website to Linux commands. The directory where we where will edit the files for the website are located at /var/www/html/ in the Raspberry Pi folder structure. In order to be able to run commands from the website, we will have the website to the sudoers file. We can run "sudo nano /etc/sudoers" and add the following the file:
My code for the website is the following, but you can change it to look/act how you want to. The following code is NOT COMPLETED. If you were to use it, place this code in "/var/www/html(filename).php".
You should be able to see a web-page, as the following, if everything is done correctly:
If you want to host an Apache webserver AND a RaspAP on different sites, you can do that, but I did not do that. The next command, will overwrite your current Apache site.
Step #4 - RaspAP
After the software is downloaded, I then commented the Kali source in the /etc/apt/sources.list file. This way I can make sure that all the other software I need comes from the direct Raspbian source. You will then have to run "sudo apt-get update" to then refresh the local cache for the sources. I then run the following the following command (either one):
This will download RaspAP on our Pi.
If you now try to go to localhost, you will see the following screen:
This is asking for the RaspAP's password. The username is: admin. The password is: secret. More information about RaspAP can be found here. Make sure to reboot at this point. The reboot will make sure your files are all set up for the AP to be ready. After the reboot is completed, you should see an access point called "raspi-webgui". Connect to it, and after connection, head to localhost:(port number). The most ideal usage for this would be through SSH. In order to do that, you can SSH to (user)@10.3.141.1. If this does not work, you can run "ping raspberry.local", and it will show you the IP address of the RaspAP.
I would highly recommend that you install all the software prior to setting up the RaspAP. This way you have all the tools you need on the Pi. I have unsuccessfully tried to connect the Pi to my local network after the download of RaspAP and have had no luck.
Last updated