MyLittlePwny - Make a self powered pentesting box out of the Raspberry Pi for around $100

 by Bellerophon2200
MyLittlePwny is a $100 portable wireless pen-testing drop box running PwnPi or Ha-pi (Untested).  It is cost efficient, modular, easy to put together and, unlike PDAs and smartphones, the hardware is fully extensible. 

AUTHOR EDIT:  It was requested that I explain exactly what "Pentesting" is.  Pentesting is short for Penetration testing and while it can refer to the process of testing inked writing implements, I am referring to the process of testing a wireless access point, and underlying network, for security flaws.
http://en.wikipedia.org/wiki/Penetration_test
While I am not a network professional, I can tell you that there are MANY tools used for doing this; some open and some proprietary.  I also say that this is a Penetration testing platform because it refers to the lawful testing of your own access point against security flaws....Unless you work for a government agency, in which case you are the law and you can use it to steal network traffic from the bad guys.  Now, let's get cracking....no pun intended.


Here's what you'll need.

Raspberry Pi Model B.    $35 + shipping (maybe $42 max)
I recommend getting the Model B, because it has an Ethernet port, which is useful if you want to SSH tunnel into it for remote use.

USB to MicroUSB cable (may come with the battery pack).  Free if you already have one or get one with your battery pack.  Otherwise, I paid $15 for a Motorola charging cable before I got one with my battery.

Alfa AWUS036H Wireless Adapter   $40
I recommend the Alfa AWUS036H because it is a very cost-effective adapter and works well on the distribution you'll be using.

8GB Class 4 SD card (tested)   $8 on sale
This is the SD card that I have and it works great.  The image consists of a 4.1 GB partition and a 0.78 GB partition, so get 8 GB to be on the safe side.
You're going to image (dd) this card with PwnPi in this instructable: http://sourceforge.net/projects/pwnpi/

Gigaware Modular Powered USB hub with an extra male USB for powering the hub   $8
I bought this from RadioShack and it works great, but you can use any hub as long as it takes its power from a USB cord, not an AC adapter.

5000 mAh power pack with 2 USB power ports.   Powers it for about an hour.  $14 + $6 shipping to New Jersey
I bought this one because it was cheap and works fine.  http://www.amazon.com/gp/product/B004P8E612/ref=olp_product_details?ie=UTF8&me=&seller= .  It was literally from China; the return address was the Hong Shu Paint Building.   You can also get them from Newtrent and other phone accessory places if you don't want to wait a week for it.

Mouse and Keyboard  Free or cheap (depending on if you already own them)

A little existing knowledge of Linux commands and working with wireless drivers.  Knowledge is FREE!

Now that we have our parts and our thinking caps on, let's get to it!
 

Step 1: Imaging your SD card.

First we must prepare our SD card with an image of PwnPi.  http://sourceforge.net/projects/pwnpi/files/
Download and unzip it with your program of choice.

Next, we must write the image to our card.  I use ImageWriter from the Ubuntu Software Center.
If you're using Linux, you can dd it to your card as well.
If you're using Windows, you can use https://launchpad.net/win32-image-writer/
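For the dd route, the sketch below is an added example and not part of the original instructable: it checks the download against a SHA-256 digest, refuses a target that is mounted, writes the image, and reads it back to confirm the copy. The image filename, the `/dev/sdX` device name and the expected digest are placeholders; the page does not publish a checksum, so use one only if your download source provides it.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): write an SD card image with dd
# and prove the copy is intact. Linux with GNU coreutils is assumed.
# Usage (placeholders): check_download IMAGE.img "$EXPECTED_SHA256" \
#                         && write_and_verify IMAGE.img /dev/sdX

# sha256_of FILE [BYTES] -> digest of FILE, or of only its first BYTES bytes
sha256_of() {
    if [ -n "${2:-}" ]; then
        head -c "$2" "$1" | sha256sum | cut -d' ' -f1
    else
        sha256sum "$1" | cut -d' ' -f1
    fi
}

# check_download IMG EXPECTED -> succeeds only if the digest matches
check_download() {
    [ "$(sha256_of "$1")" = "$2" ]
}

# is_safe_target DEV -> fails if DEV or any of its partitions is mounted,
# which catches the classic mistake of pointing dd at a disk in use
is_safe_target() {
    ! awk -v d="$1" 'index($1, d) == 1 { hit = 1 } END { exit !hit }' /proc/mounts
}

# write_and_verify IMG DEV -> dd the image, flush it, read back and compare
write_and_verify() {
    local img="$1" dev="$2" size
    is_safe_target "$dev" || { echo "refusing: $dev is mounted" >&2; return 2; }
    size=$(( $(wc -c < "$img") ))
    # conv=fsync forces the data out of the page cache before dd returns
    dd if="$img" of="$dev" bs=4M conv=fsync,notrunc status=none || return 1
    # The card is larger than the image, so compare only the image's length
    [ "$(sha256_of "$img")" = "$(sha256_of "$dev" "$size")" ]
}
```

A failed read-back usually means a bad card or reader, so re-image before troubleshooting anything else.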

At this time, you may want to start charging your battery pack.
tacticalninja says: Sep 20, 2012. 10:43 AM
I did a similar set up (which I still am using). To improve on your battery life, you can ditch the Alfa Network adapter and use a low power one (Airlink 101 has this great RTL8187 based usb adapter, since your design is small enough you don't really need a long range wireless adapter when you can drop it nearer the access point that you're trying to crack). This will greatly reduce the Watts consumed to about 2.80 W (or less since the USB adapter will only be powered from the RPi's USB Port).
Bellerophon2200 (author) in reply to tacticalninja Sep 20, 2012. 4:31 PM
That's awesome! I'll check it out, because you're right, you can leverage the size to save power. Thank you.
Skymeat says: Jul 29, 2012. 11:47 AM
Great Stuff! I've also been waiting for people to start doing cool things with the Pi. I only wish you could power it with PoE!
tacticalninja in reply to Skymeat Sep 20, 2012. 10:32 AM
Sure you can, though you need to do some soldering.
XTL says: Jul 29, 2012. 2:43 PM
The WR703N modem is an integrated wifi and linux box for only 25 dollars.
The pen testing distribution and instructions are here.
http://www.minipwner.com/
tacticalninja in reply to XTL Sep 20, 2012. 10:28 AM
Yeah I did something similar using that mini-router. Since the router part is built-in on the board and can be an access point on its own, the only thing left for me to do is host fake websites, wherein people will be redirected to a fake frontpage of a website (facebook twitter myspace etc.) using captive portal and returns a "403 error Page Not Found" when they login with their credentials. Those credentials are then saved on a mySQL database using PHP5.
geneorama says: Aug 2, 2012. 1:48 PM
I'm so glad you defined "pentesting". Very nice intro, background... and pun
wakojako says: Jul 26, 2012. 2:26 PM
Damn it! You had to get here first! I had the exact same idea.
I tip my hat to you still - great 'ible.
Bellerophon2200 (author) in reply to wakojako Jul 27, 2012. 2:55 PM
Thanks man! I'm just glad I could put some thoughts to page. There are still SO many better ways to make it mobile with a more robust power source that lasts longer. Please let me know about your mods, would love to do more with my Pi. :D
wakojako in reply to Bellerophon2200 Jul 30, 2012. 3:11 AM
Oh I will.

I was thinking somewhere along the lines of Hak5's "Wi-Fi Pineapple".* My idea (well, one of) was to have airdrop-ng running to force all nearby clients onto my rogue AP (on the Pi) or automate dsniff's Arpspoof to automatically become the man in the middle.

For black hat stuff, you could of course run sslstrip to acquire passwords etc but I was thinking of a more grey hat kind of thing.

E.g. A script could automatically use these passwords to gain access to the compromised account (E.g. facebook, twitter etc) where it would post a warning message that the account has been compromised and that the user should take better precautions to protect their data - very much like what Idiocy** does. This is only one idea though, I may think up a better one if I get a Pi.

*You'll love Hak5 if you're into this kind of thing (link to the episode I referenced)
**Idiocy (It's a safe link, it's only the tool that does the hacking, not the site)
Bellerophon2200 (author) in reply to wakojako Jul 30, 2012. 10:37 AM
Awesome idea man! I've never even heard about Idiocy, that's really cool! Thanks for letting me know about that. I've also thought about installing Karma, but I can't find the time working two jobs haha.
Skymeat in reply to Bellerophon2200 Jul 30, 2012. 7:25 PM
How about one of these: http://www.fxitech.com/products/? Whole deal could be powered by any usb power. I know a dozen places that could be hidden in my house with little likelihood of finding it.
wakojako in reply to Skymeat Aug 2, 2012. 1:11 AM
For power I was thinking of a sealed lead acid battery from Toolstation - two 4ah 6volt ones are only 18 quid. The problem is (apart from not having a pi) that my current USB wifi card (zyxel nwd-270n) is a bit naff, for karma or long range I'd want an awus036nha from alfa but they're the same price as a pi.
absolutekold says: Jul 30, 2012. 6:10 AM
For some of those who are questioning, the concept of pentesting is more of a hacker-centric idea. Sadly there is still a rift between hacker logic and mainstream IT engineering although that rift is shrinking.

A device like this is perfect for "red team" exercises. The concept dates back to the cold war wargames where a malicious "red team" would attack and the "blue team" would defend. This concept has been updated and is becoming widely implemented in network security. A company hires either an outside organization or has an internal member simulate going rogue and they attempt to do bad things. There are ground rules written up at the start as to what is untouchable but the system security personnel are usually left in the dark. This way both human and hardware systems are tested. At the end of the exercise both teams are brought together and the weaknesses are analyzed and are either resolved or at least the network admins are made aware of their existence and can adjust their practices accordingly.

As inexpensive and easy as this device and others like it are to construct, it would be a choice tool for a person wishing harm upon any network, or an equally valuable tool to the system administrators, who tend to often be hampered by cash and hardware constraints.
absolutekold in reply to absolutekold Jul 30, 2012. 6:11 AM
wikipedia article on red team.. for fun reading

http://en.wikipedia.org/wiki/Red_team
kmpres says: Jul 29, 2012. 4:13 PM
Yes, I too, am involved with network engineering and have never heard of this. For those of us who don't know, could you please explain what pentesting is, and what you can use your pentesting box for? Thanks.
Light_Lab says: Jul 29, 2012. 3:55 PM
Like Billyup I too had to search the internet to find what "Pentesting" meant. As it turns out I am actually involved in network penetration testing but we don't use the term "Pentesting" at the company where I work here in Oz, possibly because of the confusion with testing writing implements. It would help if you explained at the start exactly what the device is used for and expanded the section on its use.
billyup says: Jul 29, 2012. 7:57 AM
Some of these things are WAY PAST me even knowing what you talk about! I had to do two searches to even find out what "Pentesting" meant!
David97 says: Jul 27, 2012. 4:11 AM
I have just bought a raspberry pi and thought that it's great to finally see instructables coming out about it. I have intentions of making mine mobile!!!
1up says: Jul 26, 2012. 2:31 PM
No Rainbow Dash theme? I'm highly disappointed.

Ah well, nice Instructable!