Note: The information contained in this instructable has not been updated to reflect current development of The Deck and penetration testing with multiple networked devices based on the BeagleBone Black. Details on this and more can be found in the book Hacking and Penetration Testing with Low Power Devices by Philip Polstra available from publisher, Amazon, or your local book retailer.

The Deck is a full featured penetration testing and forensics system based on the BeagleBoard-xM. It will also run on the BeagleBone. The Deck is an Ubuntu-based Linux distribution. It contains everyone you would ever need and more in a small package. Because the system is low power it can be run for days or weeks from battery power. It should be possible to run The Deck indefinitely from solar power. Having a full set of tools that run on the BeagleBoard-xM and also the BeagleBone allows a lot of flexibility. The Deck is equally suited as a portable penetration testing platform and as a drop box.

More information on The Deck can be found here http://ppolstra.blogspot.com/2012/09/introducing-... Please note that this website will not allow uploading the 3GB install file for The Deck. The appropriate images can be downloaded from my website listed on the blog or preloaded microSD cards are available from a vendor also listed on my blog (I don't get any money from the vendor, so don't feel like you have to use them, it is up to you to decide if you want to save the hassle).

The Deck works equally well on systems with a 7" ULCD7 touchscreen or with an external monitor/TV via the BeagleBoard-xM HDMI or S-video port. My personal setup consists of a BB-xM with the ULCD7 mounted in a Buzz Lightyear lunchbox, a second BB-xM without a display, and a BeagleBone. I connect them together with a USB-powered network hub. I also have 2 Alfa wifi adapters and a directional antenna for wifi hacking.

The Deck debuted at 44Con 2012 in London in September 2012. The slides from my 44Con presentation are available at http://www.slideshare.net/ppolstra1/polstra-44con... You may find these useful if you want to build one of these devices. You might check the website http://www.slideshare.net/ppolstra1/polstra-44con... as the audio and video from this presentation may appear there. It was also presented two weeks later at GrrCON in Grand Rapids, Michigan so you might want to check http://www.slideshare.net/ppolstra1/polstra-44con... for that video as well.

You can find out more about this an other projects on my blog http://ppolstra.blogspot.com or by following me on Twitter @ppolstra.

Step 1: Gather Materials

You will need the following to create your own version of The Deck:
1. A BeagleBoard-xM. True it will run on the BeagleBone, but I recommend the BB-xM for the main system and the BBone for drop boxes and such.
2. A microSD card of at least 8GB. The Deck needs about 6GB (yes, there are lots of goodies in there). Personally, I recommend a 16GB or larger card.
3. A linux computer with the ability to write to a microSD card (perhaps with an adapter).
4. You will need to download the install archive (see next step) or alternatively you can buy preloaded cards at https://specialcomp.com/beagleboard/thedeck.htm (Disclaimer: Special Computing offers these products as a convenience and I am not involved with this company).
5. Optional: If you want to have a small self-contained system you might pick up the ULCD7 7" touchscreen. These run about $139 and you can plug the BB-xM right into them. Alternatively, you can hook your BB-xM up to any TV or monitor that supports HDMI or S-Video.
6. A presenter keyboard/mouse combo. I like the Favi unit which you can get for about $25 from Amazon or other retailers.
7. Optional: If you want a small power supply you can make one with the following: 2 9V battery clips, a 7805 voltage regulator, a small capacitor (100 uF is probably good), a 2.1 by 5.5 mm barrel plug, and a few pennies to use as a heat sink. Note that this can be used to power the device without a touchscreen. The touchscreen sucks a lot of power and I'm not responsible for any fires you start trying to run it off this power supply. You can also use any combination of batteries that are above 6V, including rechargeables.
8. Optional: If you aren't getting the display you might want to get a case for your BB-xM. The same source that sells the preloaded microSD cards also sells acrylic cases. They might even sell you a laser engraved one that those in the picture if you ask. There are other sources of cases for the BB-xM as well or you can custom make your own.

<p>http://www.udcis.org/TheDeck doesnt seem to be alive for downloads</p>
Sorry. Moved to new university. Try sf.net or facstaff.bloomu.edu/ppolstra for current downloads.
<p>I was led to this article after viewing DefCon21 presentation that you put together. I visited your blog, but haven't seen any updates for this (<a href="http://ppolstra.blogspot.com/2012/09/introducing-deck-complete-pentesting.html" rel="nofollow">http://ppolstra.blogspot.com/2012/09/introducing-d...</a>).</p><p>Are you still giving this project any attention? I've got two beagle bone blacks that I'd like to use for this and wanted to make sure I was using updated distros.</p>
Oh, yes. This is very much an ongoing project. In fact, I have written a book Hacking and Penetration Testing with Low Power Devices to be released shortly by Syngress. There will be a brand new 2.0 release to correspond with the book launch. Watch sourceforge or philpolstra.com for the latest. The Deck 2.0 may be released before the book, shortly after I return home from DEFCON 22.
this looks like a really interesting project! but I'm a little confused about what penetration testing is? what is the purpose of the device? is there a reason you want it to be solar powered? do you take it outside?
Penetration testing is something often done by computer security professionals. Essentially what we do is to try and break in (or hack) a company's computer systems in order to make sure that the bad guys can't easily do so. <br><br>The biggest thing The Deck has going for it is that it is extremely portable and low-powered. This allows you to bring it anywhere and run it off of battery power. You can also run the same software on the smaller BeagleBone which is even easier to plant as a network sniffing device. Such a planted device is normally called a drop box. Because of its low power, when run as a drop box on the BeagleBone you can run stuff for days on batteries then pick it up later. You could also put something outside a company's office in which case solar power could be used for extremely long-term deployments.<br><br>Hope this helps.

About This Instructable




Bio: Born at an early age and causing trouble ever since.
More by ppolstra:The Deck - Portable Penetration Testing and Forensics System Cheap and Effective USB Write Blocker Fun Hackable Speaker Timer 
Add instructable to: