add arrow-down arrow-left arrow-right arrow-up authorcheckmark clipboard combo comment delete discord dots drag-handle dropdown-arrow errorfacebook history inbox instagram issuelink lock markup-bbcode markup-html markup-pcpp markup-cyclingbuilder markup-plain-text markup-reddit menu pin radio-button save search settings share star-empty star-full star-half switch successtag twitch twitter user warningwattage weight youtube

Use A Raspberry Pi 3b+ on computer to make a Rogue Access Point?

Dracomaster9

12 months ago

My school is having a Raspberry Pi club start in a week, and we're literally allowed to do anything we want with it when we get it, so i wanna make it so i can plug it into a laptop or desktop via Ethernet, do some form of SSH and use the screen for the Pi, share Wi-Fi and get access to the network. I plan on going into Cyber security as a minor in college, so i want to get a head-start by learning some pen-testing tools. so to clarify my intent, i would like to be able to:

Use Kali Linux on my Pi 3b+

Interface via Ethernet to a laptop/desktop and use it as a Rogue Access Point.

and RAT the Rogue Access Point to gain entry into the system beyond just Wi-Fi Conenction.

If you know how to do this, or if you can link any guides, I would greatly appreciate it. Thank you!

Comments

  • 12 months ago
  • 2 points

What Darth had is a good startup for Kali Linux, I've used it before on one of my Pi3's when I was playing around with Linux. I mainly tried using a wireless connection as a Rouge AP, which I had to buy a wireless adapter for, of course. I am unsure, but after some research I'm not entirely sure if you can use the Ethernet port as a part of your setup, but you can use WiFi as previously mentioned, and setup, and it seems there is a nice tool to setup everything as need be called Pumpkin Pi.

However, if you wish to set everything up yourself (since it's for educational purposes of course), there are plenty of tutorials that explain how to setup your own AP with an RPi. I'm still a complete novice when it comes to security as well, but I believe you could perform a MiTM attack and find a vulnerable system that the victim PC is potentially trying to connect to, steal the credentials that it's using to connect, and login as said user on that system. Of course, you're not really connecting to that PC directly, but you're also compromising possible network credentials (providing there is more than one computer at play here). If you'd like a cheap investment for a WiFi dongle that supports promiscuous mode, I bought this one and it worked well for what I was playing around with. Social engineering tools on Kali are also fun to play around with.

As an aside, I think you would end up learning more about the tools themselves if you setup your own lab via VMs that are all interconnected with each other. The RPi is definitely good for portability, though!

  • 12 months ago
  • 1 point

Thank you for the helpful information! I'm reading up on these as i type this. I do have one more question though, how would i interconnect a bunch of vms?

  • 12 months ago
  • 2 points

No problem! Depends on what VM solution you're using. I've done testing with Virtual Box and had a setup as such:

Kali as my main VM Metasploitable Windows 10/7 Debian linux

There's a tutorial on Lynda (if you have access to it) that guides you how to setup an at-home lab such as that, but the gist for the networking portion is that in VirtualBox, you can create a NAT network in the Virtual Box Preferences, and on each VM you can set your network to be a part of that NAT Network. This network in virtual box can have it's own range of IPs set, and then you can assign it as the default network connector when setting up your virtual machines. Once all are running, you should be able to ping each virtual machine from within the other one! There's some handy videos in how to set it up, and Oracle themselves have a really good blog posst on networking within VirtualBox :)

  • 12 months ago
  • 2 points

Nice! Thank you for your help!

  • 12 months ago
  • 1 point

Have you checked this out already for the Kali install? https://docs.kali.org/kali-on-arm/install-kali-linux-arm-raspberry-pi

I haven't done it myself so I can't really give you any advice, but the doc seems pretty easy to follow.

Sort

add arrow-down arrow-left arrow-right arrow-up authorcheckmark clipboard combo comment delete discord dots drag-handle dropdown-arrow errorfacebook history inbox instagram issuelink lock markup-bbcode markup-html markup-pcpp markup-cyclingbuilder markup-plain-text markup-reddit menu pin radio-button save search settings share star-empty star-full star-half switch successtag twitch twitter user warningwattage weight youtube