Tuesday, July 3, 2012

Raspberry Pi with a side of BeEF

A guest post from our friend g13:

The Raspberry Pi(http://www.raspberrypi.org) is a $25 ARM GNU/Linux box that is the size of a credit card. The applications for this little device are seemingly endless. So naturally I picked one up and started working on some penetration testing scripts for this box. One of my goals was to get BeEF running; which I have done.


BeEF comes with a couple installation scripts. I used these as a starting ground to get BeEF running on the Raspberry Pi. The script I started with was the "install-beef" script. After running the script, I noticed that the install failed after trying to install rvm. It appeared that even though rvm installed, it was not available to run. I was able to track this down to a PATH issue. In the install-beef script, the $HOME/.rvm/scripts/rvm file is referenced. That file was never created. I changed the install-beef script to contain a line which created the symbolic link between /usr/local/rvm/scripts/rvm and the one in my local path. After that, everything went off without a hitch!

I also removed some of the code to detect other OSes as the script is intended to only run on the Raspberry Pi. I would also like to note that during the installation, Ruby 1.9.2 is compiled and installed. I highly recommend changing the RAM allocation from 128/128 to 224/32. This will speed up compile time. If you are not familiar with how to do that, here is the command:
As Root: cp /boot/arm224-start.elf /boot/start.elf

BeEF takes about 1 minute to load after the RAM changes are made.  It is not recommended to run X while running BeEF.  Navigating to the UI from another machine is decent, but not as snappy if BeEF was run from more powerful hardware.  I tested hooking a few clients and the performance in the UI did not degrade.

Of course, what would this post be without a screen shot of BeEF running on the Pi:

I have included my modified install script in the PwnBerryPi pentesting suite which is available on github.

23 comments:

  1. It is my first visit to this webpage; I am going by this site and read your post, for example, important and supportive blog entry .

    ReplyDelete
  2. an interesting and well-written post, and if you need help writing, then the https://ordercheappaper.com/thesis-papers/ service will help you in this so that you have more time for yourself

    ReplyDelete
  3. Take a look at this great list of homework apps, that are designed to help students.

    ReplyDelete
  4. This posts lists some options windows 10 help support & resources on how to get help in Windows 10. Some built-in, some via Help Desk or Support or Community forums and websites.

    ReplyDelete
  5. It is my first visit to this webpage; I am going by this site and read your post, for example, important and supportive blog entry .

    https://popcorntimeapk.org/

    ReplyDelete
  6. Your blog website provided us with useful information to execute with. Each & every recommendations of your website are awesome. Thanks a lot for talking about. Satta Matka

    ReplyDelete
  7. A Raspberry Pi has to run a full operating system which includes things like processor threading, user handling, and file services so it can struggle to push bits out at the speeds required. BK Experience

    ReplyDelete
  8. This is indeed a great and enriching experience, a part from work it enables you to explore new things and learn some amazing skills pikview

    ReplyDelete
  9. Good Post! Thank you so much for sharing this pretty post, it was so good to read and useful to improve my knowledge as updated one, keep blogging.

    Selenium with python Training in Electronic City

    ReplyDelete
  10. Sickbits is a library of unlimited hacks for android, ios smartphones. Get unlimited amount of hacks and modes for mac & pc. https://sickbits.net/

    ReplyDelete