Hacking and Penetration Testing with Low Power Devices -  Philip Polstra

Hacking and Penetration Testing with Low Power Devices (eBook)

eBook Download: PDF | EPUB
2014 | 1st edition
260 pages
Elsevier Science (publisher)
978-0-12-800824-9 (ISBN)

Hacking and Penetration Testing with Low Power Devices shows you how to perform penetration tests using small, low-powered devices that are easily hidden and may be battery-powered. It shows how to use an army of devices, costing less than you might spend on a laptop, from distances of a mile or more.

Hacking and Penetration Testing with Low Power Devices shows how to use devices running a version of The Deck, a full-featured penetration testing and forensics Linux distribution; thanks to their low power consumption, these devices can run for days or weeks on batteries. Author Philip Polstra shows how to use various configurations, including a device the size of a deck of cards that can easily be attached to the back of a computer.

While each device running The Deck is a full-featured pen-testing platform, connecting systems together via 802.15.3 networking gives you even more power and flexibility. This reference teaches you how to construct and power these devices, install operating systems, and fill out your toolbox of small low-power devices with hundreds of tools and scripts from the book's companion website. Hacking and Pen Testing with Low Power Devices puts all these tools into your hands and will help keep you at the top of your game performing cutting-edge pen tests from anywhere in the world!


  • Understand how to plan and execute an effective penetration test using an army of low-power devices
  • Learn how to configure and use open-source tools and easy-to-construct low-power devices
  • Leverage IEEE 802.15.4 networking to perform penetration tests from up to a mile away, or use 802.15.4 gateways to perform pen tests from anywhere in the world
  • Access penetration testing operating systems with hundreds of tools and scripts on the book's companion web site


Front Cover
Hacking and Penetration Testing with Low Power Devices
Copyright
Dedication
Contents
Foreword
Author Biography
Acknowledgments

Chapter 1: Meet the deck
Introduction
Fear Not
The Deck
Devices Running The Deck
Penetration Testing Tools
Modes of Operation
The Deck as a desktop system
The Deck as a dropbox
The Deck as a hacking drone
Summary

Chapter 2: Meet the beagles
Introduction
Texas Instruments Devices
BeagleBoard-xM
BeagleBone
BeagleBone Black
Summary

Chapter 3: Installing a base operating system
Introduction
Non-Linux Options
Windows CE
QNX
FreeBSD
StarterWare
Android
Linux Options
Ångström
Arch Linux
Gentoo
Sabayon
Buildroot
Nerves Project with Erlang/OTP
Fedora
Debian
Ubuntu
Desired Attributes for Penetration Testing Linux Distribution
Ubuntu Options
Ubuntu Variants
Kernel Choices
Device trees
Creating a microSD Card
Summary
Chapter 3 Appendix: Digging Deeper into the Setup Script

Chapter 4: Filling the toolbox
Introduction
Adding a Graphical Environment
Adding Tools the Easy Way
Using Repositories
Using Packages
Adding Tools the Hard Way
Native Compilation
Simple Cross compilation
Cross compiling Using Eclipse
Using existing make files
Creating new projects
Adding remote debugging
Automating Source Builds
Installing Python Tools
Installing Ruby
Starter Set of Tools
Wireless Cracking
Password Cracking
Scanners
Python Tools
Metasploit
Summary

Chapter 5: Powering The Deck
Introduction
Power Requirements
Power Sources
Wall Power
USB Power
Battery Power
Solar Power
Reducing Power Consumption
Penetration Testing With a Single Beagle
Getting on the Wireless
Finding What Is Out There
Looking for Vulnerabilities
Exploiting Vulnerabilities
Attacking Passwords
Detecting Other Security Issues
Summary

Chapter 6: Input and output devices
Introduction
Display Options
Traditional Monitors
Directly Attached Devices
Keyboards and Mice
IEEE 802.11 Wireless
IEEE 802.15.4 Wireless
Network Hubs and Switches
BeagleBone Capes
XBee Mini-Cape
XBee Cape
Single-sided XBee cape
Penetration Testing With a Single Remote Drone
Getting on the Wireless
Finding What is Out There
Looking for Vulnerabilities
Exploiting Vulnerabilities
Attacking Passwords and Detecting Other Security Issues
Summary

Chapter 7: Building an army of devices
Introduction
Using IEEE 802.15.4 Networking
Point-to-Multipoint Networking
Mesh Networking
Configuring IEEE 802.15.4 Modems
Series 1 Modem Configuration
Series 2 Modem Configuration
Remote Control the Easy Way
Remote Control via Python
Saving Power
Adding Security
Expanding Your Reach
IEEE 802.15.4 Routers
IEEE 802.15.4 Gateways
Penetration Testing With Multiple Drones
Meet Phil's Fun and Edutainment
Planning the Attack
Configuring Devices
Executing the Attack
Summary

Chapter 8: Keeping your army secret
Introduction
Hiding Devices
Hiding Devices in Natural Objects
Hiding Devices in and Around Structures
Using Toys and Trinkets to Hide Devices
Installing Devices
Initial Hiding
Maintaining Devices
Removing Devices
Summary

Chapter 9: Adding air support
Introduction
Building the AirDeck
Selecting a Platform
The Router-only Option
A Fully-functional Drone and Router
Using Your Aerial Drone
Router-only Operation
Using the AirDeck
Conserving Power
Alternative Aircraft
Quadcopter
An Improved Flying Wing
Summary

Chapter 10: Future directions
Introduction
Current Happenings with The Deck
Cape Contemplations
Ports of The Deck
Ultralow Power with Microcontrollers
Closing Thoughts

Index

Chapter 1

Meet the deck


Abstract


This chapter introduces The Deck, a Linux distribution based on Ubuntu 13.04 that runs on the BeagleBoard and BeagleBone family of ARM-based computer boards. The Deck includes many powerful tools used by penetration testers and forensics experts. Unlike desktop Linux systems that have been ported to ARM-based boards, The Deck is optimized for this platform.

The Deck is meant to operate in one of three modes: a traditional desktop, a dropbox to be planted, or a drone, which will use IEEE 802.15.4 networking to be controlled from distances of up to a mile away.

Keywords

Penetration testing; The Deck; IEEE 802.15.4; BeagleBone Black; BeagleBoard-xM; ARM

Information in This Chapter

  • The Deck—a custom Linux distribution
  • Small computer boards running Linux
  • Standard penetration testing tools
  • Penetration testing desktops
  • Dropboxes—attacking from within
  • Drones—attacking from a distance with multiple devices

Introduction


We live in an increasingly digital world. The number of interconnected devices in our world is constantly on the rise. Businesses worldwide rely on computers, tablets, smartphones, and other digital devices in order to compete in a global economy. Many businesses are necessarily connected to the Internet. Newly connected systems can come under attack by malicious persons and/or organizations in a matter of minutes. Because of this, the demand for information security (infosec) professionals is strong. Penetration testers (pentesters) are some of the most sought-after infosec people.

Chances are that if you are reading this book, you already know what penetration testing entails. Penetration testing (pentesting) is authorized hacking performed at the request of a client in order to ascertain how easily their digital security may be penetrated and steps that should be taken to improve their security posture. The need for penetration testing has led to the creation of a number of specialized Linux distributions. Up until now, these custom Linux distributions have been created almost exclusively to be run by a single penetration tester using an Intel-based (or AMD-based) desktop or laptop computer.

Fear Not


Before getting started with the main topic of this chapter, I wanted to provide you with some assurances up front. This book is written under the assumption that you have an understanding of general penetration testing concepts and basic Linux usage. Everything else you need to know will be provided in this book. You need not be an elite hacker (but if you are, then good for you!) or advanced Linux user/administrator to get something out of this book. Most importantly, absolutely no hardware knowledge is assumed. While information will be provided for those wishing to create their own custom circuit boards and such, most of what is described in this book is also commercially available.

If you are new to the idea of hardware hacking, you can choose the level to which you want to push yourself. You can simply play it safe and buy commercially available BeagleBone capes (expansion boards that plug into the BeagleBone directly; see http://beagleboard.org/cape for more information). If you want to get your feet wet, you might solder four wires to a commercially available XBee adapter (such as this Adafruit adapter (http://www.adafruit.com/products/126)) to create a mini-cape as described later in this book. Information is provided for advanced users who want to etch their own custom circuit boards. You can do as little or as much hardware hacking as you wish without affecting your ability to perform powerful penetration tests as described in this book.

The Deck


The Deck, the custom Linux distribution described in this book, breaks the traditional model by providing penetration testers with an operating system that runs on low-power ARM-based systems developed by the nonprofit BeagleBoard.org Foundation (these will be described more fully in the next chapter, but see http://beagleboard.org/Getting%20Started if you just cannot wait till then). This permits devices running The Deck to be easily hidden and opens up the possibility of running off of battery power. At the time of this writing, The Deck contained over 1600 packages, making it extremely useful for penetration testing. The Deck is extremely flexible and is equally adept at being used as a traditional desktop, dropbox, or remote hacking drone.

What's in a Name?

The Deck

If you are a reader of science fiction, you may already have a suspicion where the name The Deck comes from. The Deck can refer to the custom Linux distribution described in this book or to a device running The Deck operating system. In the 1984 science fiction classic Neuromancer by William Gibson, cyber-cowboys using computer terminals attached to the Internet are said to “punch deck.” Gibson described a future where advanced devices (decks) are used to access the Internet. In my mind, the Beagles and similar small, low-power, inexpensive devices represent the future of penetration testing. Naming the system The Deck is a tribute to Gibson. Additionally, the BeagleBone is roughly the size of a deck of cards.

Devices Running The Deck


All of the devices shown in Figure 1.1 are running The Deck. At the time of this writing, The Deck runs on three devices in the Beagle family: the BeagleBoard-xM, BeagleBone, and BeagleBone Black edition. These boards will be described more fully in the next chapter. You can also find out more about them at the BeagleBoard Web site (http://beagleboard.org). For now, we will describe them as low-power boards based on ARM Cortex-A8 processors running at up to 1 GHz. Despite providing desktop-like performance, these devices require a fraction of the power of an Intel-based or AMD-based system. Even when driving a 7 in. touchscreen (such as this one: http://elinux.org/Beagleboard:BeagleBone_LCD7) and external wireless adapter, a 10 W (2 A at 5 V) power adapter is more than sufficient. Compare this with triple- and quadruple-digit wattages found in laptop and desktop systems.

Figure 1.1 Collection of devices running The Deck.

Penetration Testing Tools


The Deck contains a large number of penetration testing tools. The intention is to have every tool you would likely need available without the trouble of downloading additional packages. Installing new packages to a hacking drone during a penetration test ranges from difficult to impossible. Some desktop-oriented penetration testing Linux distributions suffer from having many old packages that are no longer in common use. Each package included in The Deck was evaluated before inclusion. Anything deemed redundant to a new package was left out. Some of the more frequently used tools are introduced here.

Wireless networking has become extremely prevalent. As a result, many penetration tests start with the need to crack a wireless network. The aircrack-ng suite is included in The Deck for this purpose. The airodump-ng utility is used for basic packet captures and analysis. Captured packets can then be fed to aircrack-ng in order to crack network encryption. Screenshots of airodump-ng and aircrack-ng are provided in Figures 1.2 and 1.3, respectively. More details on using the aircrack-ng suite will be provided in future chapters.

Figure 1.2 Using airodump-ng to capture and summarize wireless packets.
Figure 1.3 A successful crack with aircrack-ng.

Even in cases where a client is not using wireless networking, the aircrack-ng suite can be useful for detecting and possibly cracking any rogue access points on the client's network. A very easy to use point-and-click wireless cracking tool known as Fern WiFi Cracker is also included with The Deck. A screenshot showing a successful crack with Fern is shown in Figure 1.4. Those newer to penetration testing might find Fern easier to use. Due to their interactive nature, neither aircrack-ng nor Fern is suitable for use in a hacking drone. For this reason, the Scapy Python tool (http://www.secdev.org/projects/scapy/) is included in The Deck.

Figure 1.4 Fern WiFi Cracker.

Regardless of whether they are from wired or wireless networks, network packets are potentially interesting to the penetration tester. The Deck includes Wireshark (http://www.wireshark.org/) for capturing and analyzing packets. Nmap (http://nmap.org/), a standard network mapping tool, is also provided for identifying services and hosts on a target network. A collection of vulnerability scanners and a powerful exploitation framework known as Metasploit (http://www.metasploit.com/) are also bundled in the standard version of The Deck. Some of these tools are presented in Figure 1.5.

Figure 1.5 Wireshark, Nmap, Nikto, and Metasploit.

Metasploit is a very popular tool maintained by Rapid7 (http://www.rapid7.com/). Numerous books, training classes, and videos covering Metasploit...

Publication date (per publisher): 10.9.2014
Language: English
Subject area: Computer Science > Networks > Security / Firewall
Technology > Electrical Engineering / Power Engineering
ISBN-10 0-12-800824-5 / 0128008245
ISBN-13 978-0-12-800824-9 / 9780128008249