Hacking and Penetration Testing with Low Power Devices

Philip Polstra
Technical Editor: Vivek Ramachandran

AMSTERDAM • BOSTON • HEIDELBERG • LONDON • NEW YORK • OXFORD • PARIS • SAN DIEGO • SAN FRANCISCO • SYDNEY • TOKYO

Syngress is an Imprint of Elsevier

Acquiring Editor: Chris Katsaropoulos
Editorial Project Manager: Benjamin Rearick
Project Manager: Priya Kumaraguruparan
Designer: Mark Rogers

Syngress is an imprint of Elsevier
225 Wyman Street, Waltham, MA 02451, USA

Copyright © 2015 Elsevier Inc. All rights reserved.

No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher’s permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions.

This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein).

Notices

Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods, professional practices, or medical treatment may become necessary.

Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information, methods, compounds, or experiments described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility.

To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein.

Library of Congress Cataloging-in-Publication Data

Polstra, Philip, author.
Hacking and penetration testing with low power devices / Philip Polstra, associate professor, Bloomsburg University, Bloomsburg, PA; technical editor, Vivek Ramachandran.
pages cm
ISBN 978-0-12-800751-8
1. Penetration testing (Computer security)–Equipment and supplies. 2. BeagleBone (Computer) I. Ramachandran, Vivek, editor. II. Title.
QA76.9.A25P5965 2015
005.8–dc23
2014027430

British Library Cataloguing-in-Publication Data

A catalogue record for this book is available from the British Library

ISBN: 978-0-12-800751-8

For information on all Syngress publications, visit our website at store.elsevier.com/syngress

This book has been manufactured using Print On Demand technology. Each copy is produced to order and is limited to black ink. The online version of this book will show color figures where appropriate.

Dedicated to my favorite wife, my favorite daughter, and my favorite son.

Contents

Foreword
Author Biography
Acknowledgments

CHAPTER 1 Meet the Deck
    Introduction
    Fear Not
    The Deck
    Devices Running The Deck
    Penetration Testing Tools
    Modes of Operation
    Summary

CHAPTER 2 Meet the Beagles
    Introduction
    Texas Instruments Devices
    BeagleBoard-xM
    BeagleBone
    BeagleBone Black
    Summary

CHAPTER 3 Installing a Base Operating System
    Introduction
    Non-Linux Options
    Linux Options
    Desired Attributes for Penetration Testing Linux Distribution
    Ubuntu Options
    Ubuntu Variants
    Kernel Choices
    Creating a microSD Card
    Summary
    Chapter 3 Appendix: Digging Deeper into the Setup Script

CHAPTER 4 Filling the Toolbox
    Introduction
    Adding a Graphical Environment
    Adding Tools the Easy Way
    Using Repositories
    Using Packages
    Adding Tools the Hard Way
    Native Compilation
    Simple Cross compilation
    Cross compiling Using Eclipse
    Automating Source Builds
    Installing Python Tools
    Installing Ruby
    Starter Set of Tools
    Wireless Cracking
    Password Cracking
    Scanners
    Python Tools
    Metasploit
    Summary

CHAPTER 5 Powering The Deck
    Introduction
    Power Requirements
    Power Sources
    Wall Power
    USB Power
    Battery Power
    Solar Power
    Reducing Power Consumption
    Penetration Testing With a Single Beagle
    Getting on the Wireless
    Finding What Is Out There
    Looking for Vulnerabilities
    Exploiting Vulnerabilities
    Attacking Passwords
    Detecting Other Security Issues
    Summary

CHAPTER 6 Input and Output Devices
    Introduction
    Display Options
    Traditional Monitors
    Directly Attached Devices
    Keyboards and Mice
    IEEE 802.11 Wireless
    IEEE 802.15.4 Wireless
    Network Hubs and Switches
    BeagleBone Capes
    XBee Mini-cape
    XBee Cape
    Penetration Testing With a Single Remote Drone
    Getting on the Wireless
    Finding What is Out There
    Looking for Vulnerabilities
    Exploiting Vulnerabilities
    Attacking Passwords and Detecting Other Security Issues
    Summary

CHAPTER 7 Building an Army of Devices
    Introduction
    Using IEEE 802.15.4 Networking
    Point-to-Multipoint Networking
    Mesh Networking
    Configuring IEEE 802.15.4 Modems
    Series 1 Modem Configuration
    Series 2 Modem Configuration
    Remote Control the Easy Way
    Remote Control via Python
    Saving Power
    Adding Security
    Expanding Your Reach
    IEEE 802.15.4 Routers
    IEEE 802.15.4 Gateways
    Penetration Testing With Multiple Drones
    Meet Phil’s Fun and Edutainment
    Planning the Attack
    Configuring Devices
    Executing the Attack
    Summary

CHAPTER 8 Keeping Your Army Secret
    Introduction
    Hiding Devices
    Hiding Devices in Natural Objects
    Hiding Devices in and Around Structures
    Using Toys and Trinkets to Hide Devices