Tuesday, July 3, 2012

Raspberry Pi with a side of BeEF

A guest post from our friend g13:

The Raspberry Pi(http://www.raspberrypi.org) is a $25 ARM GNU/Linux box that is the size of a credit card. The applications for this little device are seemingly endless. So naturally I picked one up and started working on some penetration testing scripts for this box. One of my goals was to get BeEF running; which I have done.


BeEF comes with a couple installation scripts. I used these as a starting ground to get BeEF running on the Raspberry Pi. The script I started with was the "install-beef" script. After running the script, I noticed that the install failed after trying to install rvm. It appeared that even though rvm installed, it was not available to run. I was able to track this down to a PATH issue. In the install-beef script, the $HOME/.rvm/scripts/rvm file is referenced. That file was never created. I changed the install-beef script to contain a line which created the symbolic link between /usr/local/rvm/scripts/rvm and the one in my local path. After that, everything went off without a hitch!

I also removed some of the code to detect other OSes as the script is intended to only run on the Raspberry Pi. I would also like to note that during the installation, Ruby 1.9.2 is compiled and installed. I highly recommend changing the RAM allocation from 128/128 to 224/32. This will speed up compile time. If you are not familiar with how to do that, here is the command:
As Root: cp /boot/arm224-start.elf /boot/start.elf

BeEF takes about 1 minute to load after the RAM changes are made.  It is not recommended to run X while running BeEF.  Navigating to the UI from another machine is decent, but not as snappy if BeEF was run from more powerful hardware.  I tested hooking a few clients and the performance in the UI did not degrade.

Of course, what would this post be without a screen shot of BeEF running on the Pi:

I have included my modified install script in the PwnBerryPi pentesting suite which is available on github.

No comments:

Post a Comment