Kali Linux is one of the most popular penetration testing platforms used by security professionals, hackers, and researchers around the world for security and vulnerability assessment, attack research, and risk testing. Kali Linux offers a wide variety of popular open source tools that can be used in all aspects of penetration testing. Kali Linux has evolved from BackTrack 5 R3 into a model of a complete desktop OS.
The Raspberry Pi is an extremely low-cost computer that plugs into a monitor using High Definition Multimedia Interface (HDMI) and uses your own USB keyboard and mouse. Many computer experts remember the days when computers would not just turn on and begin to operate; you had to actually do something with them. Raspberry Pi provides an environment to learn computing and programming at an extremely affordable price. People have used the portability and low cost of the device to build learning devices, remote cameras, security systems, earthquake detectors, and many other projects.
In this chapter, we will cover the following topics:
- Purchasing and assembling a Raspberry Pi
- Installing Kali Linux
- Combining Kali Linux and Raspberry Pi
- Cloning the Raspberry Pi SD card
- Avoiding common problems
In this book, we chose the Raspberry Pi Model B+. You won't find any major differences if you are using another model; however, you may need to tune some things to work with your particular configuration.
The following figure shows a Raspberry Pi Model B+ and highlights the differences between Model B and Model B+:
Some key benefits of Model B+ as compared to the previous generations are as follows:
There are some available Raspberry Pi bundles such as the Raspberry Pi Ultimate Kit, which at the time of writing this book was available for $79.99 in US from www.amazon.com. This kit provides a Raspberry Pi Model B+, case, power adapter, and Wi-Fi dongle. You can also find the basic B+ model that does not include the power adapter, SD card, and so on. This means that you can just get the chipboard for around $40 on www.amazon.com. Some tasks, such as wire tapping, may require a second Ethernet port, but the Raspberry Pi by default only offers one Ethernet port.
You can purchase a USB to Ethernet adapter for around $11.00 to meet this purpose. Also, many kits do not include an SD adapter for most computer readers. For example, portable MacBook Pro computers offer an SD port; however, you will need to pick up a microSD adapter for under $10 to be able to format the Raspberry Pi microSD card. For wireless penetration testing, you will need a USB to wireless adapter that can be purchased for around $10. Overall, most Raspberry Pi components are inexpensive, keeping the total project cost for most systems between $50 – $100.
The following image shows an example of an unboxed Raspberry Pi chipboard:
The following image contains an example of a Raspberry Pi bundle that is sold on eBay:
The following image is an example of a USB to Ethernet adapter:
The following image is an example of a microSD to SD adapter:
The following image is an example of a USB to Wi-Fi adapter:
The CanaKit Wi-Fi adapter is good for the Raspberry Pi because of it's size, portability, and compatibility.
In this book, we will explore how to use Raspberry Pi as a remote penetration testing agent, and use its wireless features to connect back to central management systems. It is most likely that you will need the components mentioned previously at some point as you become more familiar and comfortable with the Raspberry Pi using Kali Linux or other penetration testing applications.
Here is a summary list of the cost to build a Raspberry Pi for a penetration test:
- Raspberry Pi B+ Model ranges between $35 and $45
- USB to wireless adapter ranges between $10 and $20
- USB to Ethernet adapter ranges between $10 and $20
- SD to microSD converter with microSD card ranges between $10 and $20
- Power adapter ranges between $5 and $10
- USB power supply for mobile penetration testing ranges between $10 and $20
Starter kit bundles can range from $60 to $90 depending on what is included in them.