Offensive Security builds Kali Linux as a penetration testing platform on the Debian distribution. Kali Linux on a Raspberry Pi 4 even makes it the ultimate tool.

Although it looks like any other Linux distribution, it is a highly specialized tool for security experts.

There is no reason to use it as a general-purpose operating system unless you are concerned with digital security or cybersecurity.

It requires in-depth knowledge of software, operating systems, network systems, and standard protocols such as Wi-Fi and Bluetooth.

In some cases hardware expertise is needed as well. Many people became aware of and curious about Kali Linux when the TV series Mr. Robot showed various Kali Linux tools in action.

What is Kali Linux

In the early days, digital security testers and computer forensic experts did not have any platform or software support. They wrote their own programs for their custom needs.

But in 2013 the Offensive Security developers introduced a platform that had been needed for a long time.

For this purpose, they used the Debian distribution of the Linux operating system and provided all the tools together.

They also made it open source, with the code available to everyone, so that if anyone finds a loophole or bug in a tool it can be rectified.

There is vast support for software and hardware platforms, including VirtualBox and VMware.

Kali Installer

The standard recommended Kali image, with its packages included for offline installation on any device.

The download takes time because of the file size: it includes almost all the tools and packages.

Live

A Kali Linux image can be generated and copied to an external removable device, then run from that device without installing it.

But it cannot be modified after it has been created.

The creation step, however, provides many options to select according to requirement or choice.

Kali NetInstaller

A small setup image that starts the installation and does not contain the files of the default packages.

They can be chosen and downloaded during the installation.

Why use Kali Linux on Raspberry Pi 4

Those who are not familiar with the Raspberry Pi computer and its accessories can follow the link raspberry pi.

It also describes the additional software required for installation and setup.

A great advantage is the compact size and low power consumption, which make it handy to carry everywhere.

This means penetration testing can be done from anywhere: on the streets, in public places, etc. Another advantage of Kali on the RPi is the on-board availability of Wi-Fi and Bluetooth.

Support for Raspberry Pi 2/3/4 is available and all the tools work very well.

Kali Linux On RPi 4 installation

If you are already familiar with Linux and the Raspberry Pi environment, installation will be very easy.

First, download the Kali Linux ISO or IMG image file from the official Offensive Security website.

All the setup, documentation, and source code is available on GitHub as open source, and the image can be downloaded via torrent.

Both 32-bit and 64-bit versions are available for RPi 2/3/4.

With the help of Balena Etcher, burn the image to the SD card (8 GB or more) and put it into the RPi SD card socket.

After verifying all the connections, turn on the power supply of the Raspberry Pi and let the setup start automatically.
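Before the downloaded image is written to the SD card, its checksum can be compared with the value published alongside the download. The following is an added example, not part of the original article; it assumes a SHA256SUMS-style file is available from the download page, and the file names in the usage line are placeholders.

```sh
#!/bin/sh
# Added example: check a downloaded image against a SHA256SUMS-style file
# before flashing. File names in the usage line are placeholders.

# verify_image IMAGE SUMS_FILE
# Returns 0 if the SHA-256 of IMAGE matches its entry in SUMS_FILE,
# 1 on a mismatch, 2 if the image, the sums file or the entry is missing.
verify_image() {
    image=$1
    sums=$2
    if [ ! -f "$image" ] || [ ! -f "$sums" ]; then
        echo "missing file: $image or $sums" >&2
        return 2
    fi
    name=$(basename "$image")
    # Each line is "<64 hex digits>  <file name>"; a leading "*" on the
    # name marks binary mode. Names with spaces are not handled here.
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f) }
        f == n { print tolower($1); exit }' "$sums")
    if [ -z "$expected" ]; then
        echo "no checksum entry for $name" >&2
        return 2
    fi
    actual=$(sha256sum "$image" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "CHECKSUM MISMATCH for $name: do not flash this image" >&2
        return 1
    fi
    echo "checksum OK: $name"
}

# Usage (placeholder names):
#   verify_image kali-rpi-image.img.xz SHA256SUMS && echo "ready to flash"
```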

The following steps are more or less common and applicable to all installation platforms.

Configuration

As soon as booting completes, the login screen appears for entering the user name and password.

In the 2020.1 version, the default user name and the default password are both kali. After logging in, the desktop appears.

First, change the password for the kali user account. Open a terminal window and type the following command.

$ sudo passwd kali

It will ask for a password one or two times; type kali, and when it asks for a new password, enter one of your choice.

To create a root account password, the same command is used, with root in place of kali.

$ sudo passwd root

After creating the root password, log in as root using switch user, then enter root as the user and the root password.

Finally, reset the SSH host keys using the following commands.

# sudo rm /etc/ssh/ssh_host_*

# sudo dpkg-reconfigure openssh-server

# sudo service ssh restart
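The three commands above delete the SSH host keys shipped in the image and generate fresh ones. This added example (not from the original article) records the digests of the public host keys before and after and confirms that none was carried over; the snapshot file paths in the usage lines are placeholders.

```sh
#!/bin/sh
# Added example: confirm that the SSH host keys really changed after the
# regeneration commands. Snapshot paths in the usage lines are placeholders.

# snapshot_hostkeys [KEYDIR]
# Prints "<sha256>  <file name>" for every public host key in KEYDIR.
snapshot_hostkeys() {
    keydir=${1:-/etc/ssh}
    for pub in "$keydir"/ssh_host_*_key.pub; do
        [ -f "$pub" ] || continue
        digest=$(sha256sum "$pub" | awk '{ print $1 }')
        printf '%s  %s\n' "$digest" "$(basename "$pub")"
    done
}

# hostkeys_rotated BEFORE AFTER
# Returns 0 only if AFTER lists at least one key and none of its digests
# also appears in BEFORE, i.e. no key from the image survived.
hostkeys_rotated() {
    before=$1
    after=$2
    if [ ! -s "$after" ]; then
        echo "no host keys present after regeneration" >&2
        return 1
    fi
    # First file fills the lookup table, second file is checked against it.
    reused=$(awk 'NR == FNR { seen[$1] = 1; next }
                  ($1 in seen) { print $2 }' "$before" "$after")
    if [ -n "$reused" ]; then
        echo "unchanged host keys: $reused" >&2
        return 1
    fi
    return 0
}

# Usage (run as root):
#   snapshot_hostkeys /etc/ssh > /root/hostkeys.before   # before the rm
#   ... run the three commands ...
#   snapshot_hostkeys /etc/ssh > /root/hostkeys.after
#   hostkeys_rotated /root/hostkeys.before /root/hostkeys.after && echo rotated
```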

This completes the password and user customization. Now it is time to update all the packages to their latest release.

Open the terminal window again and type the command to get updates from the repositories.

# apt update && apt upgrade

After the update process completes, restart the system so that the changes take effect.

Desktop Environment

Although most work in Kali is done in a shell window or terminal, it is better to know some desktop functions.

Not all the options and functions are discussed here, because most of them are similar to other operating systems.

The remaining options are less important or self-explanatory. There are several settings available to customize.

The following function, named Kazam, is an integral part of the Kali operating system.

It is very helpful for recording a full session or for taking pictures of a specific event or command.

There is one more important option, ‘Do not disturb’, to avoid distraction in the middle of an attack.

The notification display during a session can also be specified. Log-related functions are also handled from here.

Kali-Undercover

This command makes me feel like a spy in the movies. With one simple command, the entire desktop can be transformed into a Windows 10 environment.

# kali-undercover

To revert the desktop, just type the same command in the terminal and the original desktop will be restored.

Tools and Application

Here is the link for the latest complete tool list, divided into categories.

It also provides complete details of each application, such as the author and how to use it with its options.

The main categories are :

1 Information Gathering

2 Vulnerability Analysis

3 Web Application Analysis

4 Database Assessment

5 Password Attacks

6 Wireless Attacks

7 Reverse engineering

8 Exploitation Tool

9 Sniffing and Spoofing

10 Post Exploitation

11 Exploit Database

12 Forensics Tools

13 Stress Testing

In all the categories there are various tools for Kali, some of which are explained below with examples.

Information Gathering

The very first step of any application security test is to gather as much information as possible.

Later it will be useful for finding loopholes or weak points in the target application.

The main objective of information gathering is to find out where and how to attack and what the attack strategy will be.

Some basic steps for information gathering are:

1) Search engines or public tools

2) Scanner for application fingerprints

3) Find out the version and web server by sending simple requests.

4) Force the application to leak information, for example by generating an error that reveals something about the structure.

Nmap Tool

Network Mapper (Nmap), with its GUI version Zenmap, is an open-source utility available for Windows, Linux, and Mac operating systems.

It can even be used from the RPi very well. It is mostly used for network inventory, monitoring, and managing host upgrade schedules.

# nmap -O 'IP address of target'

This command detects the operating system of the target.

# nmap -p 1-65535 -T4 'IP address of target'

Reports the open ports of the target (TCP by default; UDP scanning needs the -sU option).

DNSENUM

Given a domain name, it can find out all the information related to the domain, such as IP addresses, CNAME records, subdomains, and more.

# dnsenum domain-name.com

Vulnerability Analysis

In penetration testing, a vulnerability means a weakness or weak point of a server, network, or application.

Vulnerability analysis is the next step after gathering information, and it makes use of the gathered data.

Nikto

An open-source server scanner that performs various tests on the server. It performs quick tests but not in stealth mode.

# nikto -h 'ip address'

Lynis

A security auditing tool for Linux-based servers that runs on the host itself.

# lynis audit system --auditor 'name'

OpenVAS and Hydra are more advanced GUI-based tools that execute more than one task simultaneously.

Wireless Attack

Wireless networks are very easy targets for attack because their range cannot be confined within the premises.

They can be accessed from the street or roadside with the network access credentials.

Command to list all interfaces

# ifconfig

Command to kill processes that interfere with monitor mode

# airmon-ng check kill

Start wireless monitoring

# airmon-ng start Interface

Fern Wi-Fi Cracker

A GUI-based program built for wireless attack and security auditing, able to crack and recover WEP, WPA, and WPS passwords.

Main features are:

Password cracking of WPA2 or WPA based on dictionary or WPS.

On successful cracking, the password is automatically saved in a database.

Automated access point attack mechanism.

Brute-force attack on HTTP, HTTPS, Telnet, FTP.

Hijack cookies and sessions

Kismet

Designed for IEEE 802.11 networks but can be extended to other networks. It is able to detect and sniff networks.

It can tag both clients and access points with geographic locations if GPS is available.

Ghost Phisher

A server security program with fake DHCP, DNS, and HTTP servers. It can log and capture HTTP automatically.

It is used especially in honeypot and phishing attacks. All of this can be done using such small gadgets.

Web Application Analysis

Programs that reside on either the server or the client side and run in browsers are known as web applications, such as web stores, email accounts, etc.

More than one person can use the application at the same time, regardless of geographic location or the operating system running on their computer.

HTTRACK

An open-source website cloning application that stores an entire website offline on the system hard drive.

It is also able to save website user credentials such as email, address, password, etc. from the website data.

# httrack webaddress -O 'directory path for store'

W3AF (Web Application Attack and Audit Framework)

An application that can be used through a command-line or GUI interface for testing security or loopholes.

# w3af_console

# target

# set target "IP add"

# plugins

# help

# audit

# audit all

# back

# start

WPSCAN

Dedicated to testing the security of WordPress websites and their plugins remotely, with Kali Linux on Raspberry Pi 4.

# wpscan --url 'domain address'

Password Attacks

In the world of the digital revolution, password security is a big concern. Nowadays passwords are not saved as the user types or chooses them.

Because these passwords are stored on servers, for attackers they would be like a treat.

All the passwords are converted by a hash function into a value of fixed length and then stored.

Even sensitive information such as credit card transactions is encrypted at the source and later decrypted at the destination with the same hash key.

Hash Function

A hash function maps data of arbitrary length to data of fixed length. The value it returns is called a hash value, hash code, or digest.

Some common hash examples are MD5, SHA-1, etc. Before cracking a hash, its type needs to be identified.

Hash Identifier

A program used to identify the hash type of the data or password for a given string.
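As an added illustration, not part of the original article, the script below shows the fixed-length property of digests and how a stored hash format can be recognised from its prefix and length, which is also how an audit flags weak storage formats. The format table is a small, non-exhaustive subset and the class labels are this example's own.

```sh
#!/bin/sh
# Added example: recognise the storage format of a password hash and show
# that digests have a fixed length. Labels and table are illustrative.

# identify_hash STRING -> prints "<format> <class>" or "unknown"
#   salted-kdf    : salted and deliberately slow password hashing scheme
#   legacy        : salted, but built on an obsolete primitive
#   fast-unsalted : plain digest, unsuitable for storing passwords
identify_hash() {
    h=$1
    case $h in
        '$y$'*)                  echo "yescrypt salted-kdf";    return ;;
        '$6$'*)                  echo "sha512crypt salted-kdf"; return ;;
        '$5$'*)                  echo "sha256crypt salted-kdf"; return ;;
        '$2a$'*|'$2b$'*|'$2y$'*) echo "bcrypt salted-kdf";      return ;;
        '$1$'*)                  echo "md5crypt legacy";        return ;;
    esac
    # Plain digests contain only hex digits; the type is guessed from length.
    case $h in
        ''|*[!0-9a-fA-F]*) echo "unknown"; return ;;
    esac
    case ${#h} in
        32)  echo "md5 fast-unsalted" ;;    # other 128-bit hashes look the same
        40)  echo "sha1 fast-unsalted" ;;
        64)  echo "sha256 fast-unsalted" ;;
        128) echo "sha512 fast-unsalted" ;;
        *)   echo "unknown" ;;
    esac
}

# digest_lengths TEXT
# Prints the hex length of the MD5, SHA-1 and SHA-256 digests of TEXT;
# the result is the same for any input size.
digest_lengths() {
    for tool in md5sum sha1sum sha256sum; do
        printf '%s' "$1" | "$tool" | awk '{ printf "%d ", length($1) }'
    done
}
```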

John the Ripper

Once the hash type is known, the next step is to get the real password out of it using the following command.

# john --format='hash type' 'file path'

Crunch

An application that generates a list of words, from standard character sets or user-defined characters, to try as possible passwords.

# crunch min-length max-length

# crunch min-length max-length character-set

# crunch min-length max-length -t pattern

Reverse Engineering

A method of breaking a finished product into its building blocks to understand or improve its architecture and working.

Here, reverse engineering means breaking an application or program down into code, either to make a better application than competitors or to find the weak points of the application.

Some applications are as follows.

Apktool

As the name makes clear, it rebuilds Android applications (.apk extension) to something close to their original form.

# apktool d application.apk

Edb Debugger

Based on OllyDbg, but GUI-based and designed for x86 and x86-64 on multiple operating systems.

Easily recognizes APIs, registers, loops, and other coding components.

Capable of DLL debugging.

Third-party plugin support allows several other DLL debuggers.

# chmod 755 application.exe

Sniffing and Spoofing

The two are different and are used for different purposes. Lots of tools are available for both.

Sniffing means listening to or recording information without anyone noticing, for example credit card information, financial statements, account numbers, etc.

Spoofing, on the other hand, means presenting another or a fake identity in order to attack or gather information, for example mobile number spoofing, IP address spoofing, etc.

Common tools or applications are Ettercap-GUI, Driftnet, Bettercap, etc.

Social Engineering Tool

Social engineering is a way or strategy of manipulating or steering a targeted person's sentiments so that they give up confidential information.

It is a long process and requires planning and social engineering tools.

Stress Test

It is primarily used for DoS (Denial of Service), with the clear intention of slowing down server resources such as CPU and RAM.

This is done by loading the server with a large amount of data to process.

One example is the Inviteflood attack on SIP devices, which sends multiple INVITE requests.

The slowhttptest application is one example of stress-testing software.

Now at the end (Conclusion)

This is not everything; there is a lot more, and for anyone really interested this article is a starting point.

The main intention is to make you familiar with security and privacy issues on the network.

Hopefully, after reading all of the above, you will have a better understanding and be in a better position to protect yourself, or at least be cautious.

Of course, if learned well, it can be used to recover an account again. It is a good and less expensive way to start learning about security systems.

It is a fully tested and known fact that the RPi 4 performs like other laptops but is still very small in size.

Is Kali Linux illegal?

Nothing is illegal as long as you never access the network, confidential information, or belongings of any person or organization without their permission.
Kali is a common platform for various applications that are used for security testing.
Organizations or people hire such experts to penetrate and test the organization's security system to make it more attack-proof.
In other words, it also helps make a system more secure by finding the weaknesses of the network, server, or application.

Can Raspberry PI 3 run Kali Linux?

Sure, it works very well on the RPi 4, 3, and 2. The official download website lists downloads for Raspberry Pi 2/3 and 4.
I have also personally tested it on the RPi 4 and 3, and it worked well for me. With a touchscreen and a power source it can even be used as a mobile Kali Linux machine for testing networks on the streets.

What is Kali Linux RPI?

It is a Debian Linux distribution that is customized with penetration and security testing tools.
The Debian distribution is also available for ARM microprocessors, as the RPi architecture is based around the ARM processor series.

Do hackers use Kali Linux?

No hacker ever reveals his technique, and every hacker has their own way.
But I’m quite sure there are a ton of tools inside Kali Linux that are definitely used by hackers.
And maybe they are using some more advanced tools they have written on their own.

Is Kali Linux safe for beginners?

Kali is not meant for beginners. It is better to learn other systems first and then shift to Kali to become a security expert.
You must have a clear concept of operating systems, administration, types of user accounts, networks and their protocols, servers, websites, etc.
Considering all these points, it is not safe for beginners without much knowledge.
