Overclocking the Pi

By K4Paul 0 Hardware, Kali, Linux , , , , , ,

Today, I wish to speed up my Raspberry Pi, it’s just too slow in opening up applications and jazz. After a google search on common ways to speed up your Pi I accumulated the following list of improvement methods:

  • Ensure you have the right type of SD card for the load, SDHD is good
  • Make sure you are getting the most out of you SD card by maximizing the partition. (I explained how to do this in this post)
  • Kill X applications, or the GUIs such as the desktop (In my case, I want the GUI so that’s not going to happen)
  • Use insserv –r to remove unwanted startup or init scripts
  • Overclock the sucker!

Overclocking

According to Wikipedia, “…overclocking is the process of making a computer or component operate faster than the clock frequency specified by the manufacturer by modifying system parameters.”

WARNING: Before overclocking your Pi be warned that power consumption may increase. You should be using a quality power supply, such as a wall adapter. Also, your Pi may emit quite a bit of heat depending on how high you clock it. It would be wise to consider a fan or something to regulate the temperature of the device.

I followed the tutorial here quite a bit during my experience of dealing with Pi overclocking.

Basically, I used raspy-config, I explained how I installed the configuration tool on Kali here.

Command:

raspi-config

This will open up the Raspbian configuration menu.

Screen Shot 2014-02-11 at 9.08.07 PM

From the menu, select overclocking and choose your desired setting. Take the warning seriously, overclocking your system can shorten its life or even prevent the thing from starting up. Take things slow!

Screen Shot 2014-02-11 at 9.07.54 PM

Voila, reboot and there you have it.

 

PIR Sensor on the Pi

By K4Paul 3 Hardware, Kali, Linux, Python , , , , , , , , , , , ,

Today I soldered a PIR sensor to my Pi! Basically, I want it to detect movement and turn on a LCD screen, then turn the screen off again after a minute of no movement. So when I walk into a room, the screen turns on and when I leave, the screen turns off.

Equipment

Solder

First thing, I looked up the pinout for the Raspberry Pi. The below diagram comes from elinux.org.

We care about one of the 5V, ground and GPIO25 pins.

  • Solder the sensor red cable to either 5V.
  • Solder the black cable to ground.
  • End by soldering the yellow line to GPIO25.

Your results should be similar to my picture below.

back

Next, I used this guy’s pir.py script. The script requires the Python library RPi.GPIO. I installed this by downloading the library from here, the direct link is here. To untag or unzip the file I used the following command:

tar -xvf RPi.GPIO-0.5.4.tar.gz

Before installing it, make sure you have python-dev installed.

apt-get install python-dev

With that necessary package, install RPi.GPIO.

cd RPi.GPIO-0.5.4
python setup.py install

Now you can run the pir.py script. I made some slight changes to his code. I didn’t feel the need to call separate scripts to run a single command so I made the following edits.

import subprocess

to

import os

and

def turn_on(): 
    subprocess.call("sh /home/pi/photoframe/monitor_on.sh", shell=True)
def turn_off(): 
    subprocess.call("sh /home/pi/photoframe/monitor_off.sh", shell=True)

this

def turn_on(): 
    os.system("chvt 2")
def turn_off(): 
    os.system("chvt 2")

Run the script and test it out! The sensor will turn off after a minute of no movement and on again once it detects something. I ended by setting my script to run on startup.

2014-01-30 20.33.51

I need to put a picture in the frame to act as background to the pi…

TightVNC on my Kali Pi

By K4Paul 0 Kali, Linux , ,

To get VNC running, you just need to install the tightvncserver package.

sudo apt-get install tightvncserver

Then to run, use the following command.

tightvncserver

After running the command, the terminal will display the hostname and display VNC is operating on. That’s it! Your pi now has a VNC server running on it. This tutorial goes into detail on how to set it to run on startup.

I use Chicken of the VNC on my MAC as a client to connect to the server.

Soldering an LCD to the Raspberry Pi

By K4Paul 0 Hardware, Kali, Linux , ,

Adafruit sells some really cute LCD screens for the Pi. I recently purchased such screen and decided to solder the screen directly to my Pi after seeing this guy’s cool pi project.

So to catch up on what I’ve done so far on my Pi, check out this post. The following steps discuss my experience soldering the pieces together.

Equipment

  • My Pi
  • Soldering Iron (Aoyue 937+ is about $63 on Amazon)
  • Solder ($8.16 Amazon Prime)
  • Battery Holder ($3.86)
  • 4 AA Batteries
  • Electric Tape
  • Double Sided Tape
  • A frame to hold it all

2014-01-23 19.42.58

Putting the Parts Together

2014-01-23 19.56.18

I first soldered the LCD power lines to the batter pack. The LCD runs on 6-12V. I found this cheap battery holder on Amazon that could hold four AA batteries or 6V total. The power lines are the two that did not come attached to one of the two RCA connectors. Solder the red to the positive (+) battery pack output and the black to the negative (-) output. Think as red surging hot with power and the black as dead or negative of surging power.

Not sure this is the best soldering technique but I normally tint the soldering iron tip with a bit of solder first then I set that tip against the connection point. Last, I’ll stick the wire into the hot solder on the iron touching the connection point before carefully removing the iron from the solder.

2014-01-23 20.31.13

I had batteries in the holder during this process so I could see the LCD powered on and ensure the wires were soldered correctly in place. Just be careful, don’t shock yourself.

Next, I cut off one of the RCA connectors. Basically one connector is a backup for the other, if there isn’t a signal coming in on one, the other is checked or used. It does not matter which one you choose to hook up to the screen. Make sure not to cut off too much wire during this process.

Following, I striped some of the insulator back off the wire then soldered it to the board. The picture below shows where I soldered everything on the under side of the Pi. Your colored cables might not be the same as mine. Test everything before you actually solder it onto the board. It’s easy just power on the Pi and test the wires to see what actually outputs video to the Pi.

2014-01-23 20.21.54

Tah dah! Now everything is hooked up! I then taped it all to a frame to make it pretty.

2014-01-23 22.02.11
Back
2014-01-23 22.01.52
Front

From here, you may be interested in having the Pi auto login (not advisable but I did it) and boot startx (the desktop GUI). This was the most helpful tutorial for accomplishing the auto boot stuff.

I’m pretty proud.

My Ultimate Network Monitor/Enumeration Tool – Putting It All Together

By K4Paul 0 Enumeration, Exploit, Fingerprinting, Kali, Linux, Networking, Penetration Testing, Python, Vulnerability Scanner , , , , , , ,

Finally, all the parts come together. Look at my previous posts for all the pieces to building the LilDevil network monitor and enumeration tool.

The LilDevil

So this tool I created sits on a Raspberry Pi. Its purpose is to monitor and enumerate all devices currently connected to a network. In this case, it sits on my Guest network. Tomato Shibby is running on my router and I used its web interface to setup the network, along with limiting access. For all guests jointing this network, they are warned by the router’s splash page that tools such as this will be running. Its a free network and they really can’t expect anything different going on. In this case, its not malicious, but it is good practice to be wary of guest networks.

To be less suspicious, the hostname of the Raspberry Pi is RainbowDash 😉 This amuses me so much, the perfect disguise! If I saw a device named LilDevil running on a guest network I would be totally alarmed. I also themed the Pi accordingly, see the below screenshot. The coloring isn’t perfect, I blame VNC.

RainbowDash

The Pi runs a Django Restful server that stores mmap scan information about detected machines on the network. The Python 2.7 scripts for this are here. I had to make a few versions in order for things to work on Django 1.6.

In views.py, change

encoded = json.loads(request.raw_post_data)

to

encoded = json.loads(request.body)

Also, I had to make some changes in dirtBag.py, in order to get the ping sweep to work appropriate.

Change MIN and MAX to an integer instead of a string.

MIN="0"
MAX="12"

to

MIN=0
MAX=12

Here is a copy of the new main function.

def main():
    global results
    while 1:
        new = ""
        for x in range(MIN,MAX):
            new = new + commands.getoutput("ping -c 1 -t 1 "+PREFIX+"."+str(x) + " | grep 'from'") #Ping sweep the network to find connected devices
        tmp = re.findall(PREFIX+".(d+)", str(new)) #Pull out IP addresses from the ping results
        if tmp != results:
            for ip in tmp:
                if ip not in results:
                    gotcha = commands.getoutput('nmap -v -A -Pn '+PREFIX+'.'+ip)
                    sendDevice(gotcha)
            for r in results:
                if r not in tmp:
                    removeDevice(PREFIX+'.'+r)
            results = tmp

The information is up to date on all devices currently connected. It may be nice in the future to include a log of all scans but for now, I’m really only interested in connected machines.

Data is then displayed in a visible GUI. The below screenshot shows the tool windows along with the GUI. Currently, no devices were connected to the network.

Screen Shot 2014-01-17 at 9.27.49 PM

 

Ahhh it detected a device… in this case, itself.

Screen Shot 2014-01-19 at 7.58.55 PM

There you have it! A portable network enumeration tool. There are so many versions of this everywhere, but this is just something I coded up for fun. I plan to add to the Pi later for kicks.

Playing with the Pi: Portable Server

By K4Paul 0 Kali, Linux, Python , ,

I want to use my Kali Raspberry Pi as a RESTful proxy server. Nice thing is, the little pi is portable!

My favorite web framework… still Django! While searching the web, I found a lot of extra crap people reported as necessary for the install. It really is an easy process… at least Kali.

Install Django on the Pi
This was actually very easy. Make sure everything is updated on the device.

sudo apt-get update

Following, install pip. This python package manager will be used to download Django.

sudo apt-get install -y python-pip

Follow up with Django.

sudo pip install django

Easy sauce, not a hard install at all. This installed Django 1.6. Here is a great tutorial on how to build your first app.

Pi Time!

By K4Paul 0 Kali, Linux , , ,

Just bought my own Raspberry Pi (Model B), endearingly named the Lil Devil. I’ve worked with Pi’s at school but now I have my own, sweetness.

Lil Devil

“The Raspberry Pi is a credit-card sized computer that plugs into your TV and a keyboard. It is a capable little computer which can be used in electronics projects, and for many of the things that your desktop PC does, like spreadsheets, word-processing and games. It also plays high-definition video” (raspberrypi.org).

My environment:

So now that I have one, I’m going to put Kali back on it along with OpenVAS, see previous post.

Imaging the SD

This time to image my SD card I used dd on my Mac. When I imaged the SD on my PC, I used Win32 Disk Imager. For dd:

With the SD card inserted into your computer, check where it is mounted with either fdisk (Linux) or diskutil (Mac).

fdisk - l

or

diskutil list

Locate your SD. Mine was located at /dev/disk2 (seen in screenshot below).

Screen Shot 2014-01-10 at 7.50.24 PM

Unmount the SD.

unmount <SD LOCATION eg /dev/...>

or

diskutil unmountdisk <SD LOCATION /dev/...>

Screen Shot 2014-01-10 at 7.51.22 PM

Lastly, use dd to image the SD card, the command is the same on both platforms. You can either use a custom Kali Pi image or a normal Kali image.

sudo dd if=<IMG LOCATION> of=<SD LOCATION /dev/...>

WARNING: Make sure to select the write SD location, you do not want to wipe your computers HD!

This may take some time depending on the size of your SD.

Starting it Up

Plug all the pieces together (HDMI cable, mouse, keyboard, WiFi adapter, USB to power supply, and SD).

The default credentials for Kali is root:toor.

This was super annoying but dd did not image my entire SD card, it made a small 4GB image (The size of the image I had, most pi images are 2GB from what I hear.) I ended up installing raspy-config in order to expand my image partition on the card. I followed these instructions.

Once I had my PI going, I checked that the WiFi was working correctly. I followed this tutorial to get it working. Following, I was able to SSH immediately (I found the IP address on my router’s web interface), some of you might have to configure OpenSSL. This way you can SSH into the device without the need of a dedicated monitor, HDMI cable, keyboard or mouse.

rm /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
service ssh restart

Always good to update your libraries and upgrade your system.

sudo apt-get update
sudo apt-get upgrade

Cool, the environment is now ready for whatever you want to do. If you are worried about security, bastion.sh is a really cool tool designed to tighten security on any Linux device. Worth trying.

More Pi fun to come!

OpenVas for Kali Linux on the Raspberry Pi

By K4Paul 7 Kali, Vulnerability Scanner , , , ,

I’m working on creating a semi-portable security platform. I decided to experiment with installing and using the armel version of Kali Linux (the new backtrack OS) on the raspberry pi. Initially, I faced a lot of problems getting OpenVAS to work on the device. This is one of the very few if only open source armel vulnerability scanners I could find. The following steps cover my successful attempt to setting up OpenVAS for anyone else interested in working with this tool in Kali on a Pi. Be prepared to spend a good amount of time waiting for the plugins to install and the database to update.

  1. Downloaded and installed a fresh armel image of Kali (http://www.kali.org/downloads/). I used this image (Username: root, password: toor).
  2. Use a disk imager to image a SD card with the Kali image to run on the Pi. I used Win32 Disk Imager.
  3. Insert the SD card into the pi and power it up.
  4. You may want to expand the partition created by the disk imager, a tutorial on how to expand an active partition can be found here.
  5. Set the correct date if needed: 
    date <month><day><hour><minute><year>.<second>
  6. Create the openVAS certificate: 
    openvas-mkcert
  7. Create the openVAS client certificate: 
    openvas-mkcert-client -n om -i
  8. Download the openVAS NVT’s (This takes a few minutes): 
    openvas-nvt-sync
  9. Start the openVAS scanner (This takes 30+ minutes.): 
    openvassd
  10. Build the openVAS database (This can take an hour or more.): 
    openvasmd --rebuild
  11. Create an admin account: 
    openvasad -c 'add_user' -n openvasadmin -r Admin
  12. Update the  openVAS database with the latest definition (This can take an hour or more.): 
    openvasmd --update
  13. Migrate the database (This can take an hour or more.): 
    openvasmd --migrate
  14. Rebuild one last time to be safe (This can take an hour or more.): 
    openvasmd --rebuild
  15. Start the openVAS manager on port 9390: 
    openvasmd -p 9390 -a 127.0.0.1
  16. Start the openVAS admin: 
    openvasad -a 127.0.0.1 -p 9393
  17. Start GSAD, this is the client tool for openVAS: 
    gsad --http-only -p 9392
  18.  Use the web client to interact with the tool, it can be accessed on http://<IP OF PI>:9392. You can log in with the admin account created earlier.

Capture

That’s it! Now you can use this amazing tool to scan machines in a network!

After a reboot or shutdown, openVAS can be started with the commands:

  1. Start the openVAS scanner (This takes a few minutes this time.): openvassd
  2. Start the openVAS manager on port 9390: openvasmd -p 9390 -a 127.0.0.1
  3. Start the openVAS admin: openvasad -a 127.0.0.1 -p 9393
  4. Start GSAD on port 9392, this is the client tool for openVAS: gsad –http-only -p 9392