Connect rpi0 to switch using microUSB-Ethernet adapter. Login to switch and chechk the IP address, then you can ssh to it pi@192.168.1.xx
Saturday, September 21, 2019
Wednesday, September 18, 2019
Setting up a Damn Vulnerable Raspberry Pi Server
https://null-byte.wonderhowto.com/how-to/set-up-practice-computer-kill-raspberry-pi-0177320/
https://www.youtube.com/watch?v=fKOX4InkaGc
https://www.youtube.com/watch?v=B0MQqyBe1_g
Dowload from here:
https://whitedome.com.au/re4son/download/sticky-fingers-dv-pi-3/
and unzip the img file using 7-zip
Use win disk imager to copy to microsd card. I am using 16GB sd card.
Create a new file called ssh in /boot
Create this file in /boot :
[wpa_supplicant.conf]
network={
ssid="NETWORK_NAME"
psk="NETWORK_PASSWORD"
key_mgmt=WPA-PSK
}
Eject and insert into rpi0 and boot.
Scan your network for ip address with zenmap.
Either look for port 22 open, or, dv-p3 name.
Then ssh to it with putty, ssh pi@192.168.1.48, passwd: raspberry
If you are using rndis (direct usb connection with bonjour), then :
ssh dv-pi3.local using putty
Then:
dv-pi status # Show status of vulnerable applications
dv-pi start # Start vulnerable applications
dv-pi stop # Stop vulnerable applications
Hacking rpi0:
`````````````````
https://www.youtube.com/watch?v=p5QwtYYeZZY [ basic msfconsole and msfvenom ]
https://shaneoneill.io/2018/11/17/hacking-your-own-raspberry-pi-part-2-wordpress-exploits/
https://www.youtube.com/watch?v=fKOX4InkaGc
https://www.youtube.com/watch?v=B0MQqyBe1_g
Dowload from here:
https://whitedome.com.au/re4son/download/sticky-fingers-dv-pi-3/
and unzip the img file using 7-zip
Use win disk imager to copy to microsd card. I am using 16GB sd card.
Create a new file called ssh in /boot
Create this file in /boot :
[wpa_supplicant.conf]
network={
ssid="NETWORK_NAME"
psk="NETWORK_PASSWORD"
key_mgmt=WPA-PSK
}
Eject and insert into rpi0 and boot.
Scan your network for ip address with zenmap.
Either look for port 22 open, or, dv-p3 name.
Then ssh to it with putty, ssh pi@192.168.1.48, passwd: raspberry
If you are using rndis (direct usb connection with bonjour), then :
ssh dv-pi3.local using putty
Then:
dv-pi status # Show status of vulnerable applications
dv-pi start # Start vulnerable applications
dv-pi stop # Stop vulnerable applications
Hacking rpi0:
`````````````````
https://www.youtube.com/watch?v=p5QwtYYeZZY [ basic msfconsole and msfvenom ]
https://shaneoneill.io/2018/11/17/hacking-your-own-raspberry-pi-part-2-wordpress-exploits/
Friday, September 13, 2019
P4wnP1
https://www.youtube.com/watch?v=Pft7voW5ui8 [ July 27 2017 ]
https://www.youtube.com/watch?v=KDJKE10LCjM [ Sept 1 2017 ]
https://www.youtube.com/watch?v=I_BjCdJlCo4 [ May 18 2019 ] use this for P4nP1 install
https://www.youtube.com/watch?v=-QrfCNUxKgE&t=15s [ June 2 2019 ] tried this too see comments below
Steps to build P4wnP1 ALOA:
1. Download the release:
https://github.com/mame82/P4wnP1_aloa/releases
2. Use 7-zip to xtract the xz file to get the img file
3. Flash 8GB microsd card using Win 32 Disk Imager
4. Insert microsd into RPi0
5. Connect to Access Point: P4wnP1 with password: MaMe82-P4wnP1
6. You can also ssh to it: root with password: toor
Problems with USB Mass storage is solved by disable those USB Gadgets (from Web Interface/USB Settings) which you don't use, eg CDC ECM, RNDIS
https://github.com/mame82/P4wnP1_aloa/issues/131
https://github.com/mame82/P4wnP1_aloa/issues/138
Using seytonic's file exfiltration script :
https://pastebin.com/k4xjwPxg
will copy files from user's home directory:
C:\Users\paul
Tried backdoor shell, very slow terminal. Zaid's python reverse_backdoor is much faster.
https://www.youtube.com/watch?v=KDJKE10LCjM [ Sept 1 2017 ]
https://www.youtube.com/watch?v=I_BjCdJlCo4 [ May 18 2019 ] use this for P4nP1 install
https://www.youtube.com/watch?v=-QrfCNUxKgE&t=15s [ June 2 2019 ] tried this too see comments below
Steps to build P4wnP1 ALOA:
1. Download the release:
https://github.com/mame82/P4wnP1_aloa/releases
2. Use 7-zip to xtract the xz file to get the img file
3. Flash 8GB microsd card using Win 32 Disk Imager
4. Insert microsd into RPi0
5. Connect to Access Point: P4wnP1 with password: MaMe82-P4wnP1
6. You can also ssh to it: root with password: toor
Problems with USB Mass storage is solved by disable those USB Gadgets (from Web Interface/USB Settings) which you don't use, eg CDC ECM, RNDIS
https://github.com/mame82/P4wnP1_aloa/issues/131
https://github.com/mame82/P4wnP1_aloa/issues/138
Using seytonic's file exfiltration script :
https://pastebin.com/k4xjwPxg
will copy files from user's home directory:
C:\Users\paul
Tried backdoor shell, very slow terminal. Zaid's python reverse_backdoor is much faster.
Monday, September 9, 2019
Setting up Raspberry Pi's wifi
To connect to Raspberry Pi wirelessly over Wifi:
ssh to it with USB, then create the file called: wpa_supplicant.conf in /boot with this contents:
network={
ssid="NETWORK_NAME"
psk="NETWORK_PASSWORD"
key_mgmt=WPA-PSK
}
Then reboot. You can then use putty to ssh to its ip address, or, use Windows' Remote Desktop to connect to the IP. My Raspberry Pi's IP was 192.168.1.10
Once you boot up, it will move the wpa_supplicant.conf to /etc/wpa_supplicant/
if you use rndis (usb ethernet) then you connect to :
ssh pi@raspberrypi.local
or
ssh pi@dv-p3
but if you use wireless, then use zenmap to scan port 22 services and connect to pi based on ip:
ssh pi@192.168.1.60
ssh to it with USB, then create the file called: wpa_supplicant.conf in /boot with this contents:
network={
ssid="NETWORK_NAME"
psk="NETWORK_PASSWORD"
key_mgmt=WPA-PSK
}
Then reboot. You can then use putty to ssh to its ip address, or, use Windows' Remote Desktop to connect to the IP. My Raspberry Pi's IP was 192.168.1.10
Once you boot up, it will move the wpa_supplicant.conf to /etc/wpa_supplicant/
if you use rndis (usb ethernet) then you connect to :
ssh pi@raspberrypi.local
or
ssh pi@dv-p3
but if you use wireless, then use zenmap to scan port 22 services and connect to pi based on ip:
ssh pi@192.168.1.60
Sunday, September 1, 2019
Subscribe to:
Posts (Atom)