How to Build a Really Small Hacking Box
For some reason, when somebody wants to use a small computer for security purposes, everybody comes up with a Raspberry Pi solution. It is, indeed, a pretty neat solution, but it is not the only one, and it may not always be the best choice.
Personally, I'm a big fan of the BeagleBone Black. Kali Linux has been ported to both the BBB and the RPi. Most of the Hardkernel ODROID boards can also run Kali. Each board has its pros and cons and, in the end, the one you use is a matter of personal taste.
In this post, I'm going to talk about yet another board. It is not as well-known as the ones mentioned above, but it's pretty awesome and I really love it: Arietta G25.
This one has some pretty interesting features.
- It is small. Really small. Chances are that whatever battery you use to power it will be a lot bigger than the device (check my setup below).
- Power consumption is pretty low. Below 200mA most of the time, so it is well suited to running on batteries.
- It has a special connector to add a small Wifi adapter, providing a quite compact device (you have to solder the pins yourself though).
On the other hand, the computational power for this board is quite low. The CPU is an ARM9 @ 400MHz and you can have a maximum of 256Mb of RAM. Yep, do not try to crack passwords with this little thingy. However it is powerful enough for a bunch of other applications.
Booting up the Arietta is quite straightforward. You have to flash an SD card and then power up the device. The board features a USB OTG port that allows us to do some nifty tricks, for instance converting the USB interface into a network interface (BadUSB-like attacks) or simulating HID or mass storage devices.
You can use any USB Wifi dongle, but you will need to do some soldering to attach a USB connector to the expansion header. Otherwise, you can use one of the small dongles that fit in the 5-pin connector in the middle of the board. In case you are wondering: yes, they do support monitor mode. The chipset is a RaLink RT5370N, and this is what iw says:
However, note that the whole set is power limited, and that includes the Wifi. There is a version with an external antenna that should perform better, but then we lose a bit of the small form factor.
Setting up the board will depend on the operating system you decide to install. Two main options are possible and documented by the official page, but you are free to try something else... That's one of the Open Source wonders.
- Option 1 is to install a standard ARM Debian distro. This is a full-fledged Debian distribution with a lot of stuff to try. You can install any software you want from the repository via apt-get or recompile from sources directly on the board. Recompiling on the board is possible but it takes a while. You've been warned.
- Option 2 is Buildroot. This is a lot lighter and the device will boot up in a few seconds. In principle, there is no package support (this is not fully true, but for the time being we can assume that), so if you want to install new software you will have to build it yourself using the Buildroot environment... It is a lot simpler than you may think, but it requires a bit of reading.
Now you can set up whatever tool you want to use on the box, as you would do on any GNU/Linux box. In the worst case you may have to cross-compile the package. In the best case, you can just get it from an online repository.
Now, if you want to just dump this small thingy somewhere to do some monitoring (for instance), you need to power the device. If you are lucky enough to have a power source to plug your device in, good... you are done. Otherwise you will need a battery.
There are many different options to power the device from a battery:
- You can just use one of those USB emergency batteries for mobile phones. This is the easiest and the safest.
- You can use the same USB emergency battery but connect it to the pins in the expansion header instead of using the USB power. The only difference from the previous option is that you have a better chance of building a more compact device, and in principle your USB interface remains available.
- You can use any stabilized 5V power source... For instance, from a USB hub.
- It is also possible to boot the device using a single-cell LiPo battery (3.7V) directly on the 5V rail. In this case, some USB devices (those that need 5V) may not work. In principle, the small Wifi adapter provided by the same manufacturer should be fine, as it works at 3.3V.
- You can use a step-up adapter on a 3.7V battery to raise the voltage to 5V. Then you can use normal USB devices. This scenario, especially when using additional USB devices, will have an impact on battery life.
- Finally, you can power the board with a 3.3V source using the pins in the expansion header. In this case, the microUSB connector cannot be used. It is possible to use the USB connector for data (not power), but you need to remove a small resistor on the board.
So, these are the options. Choose whichever best suits your needs. I'm using a small external battery on the standard USB connector... The safest/simplest solution. My external battery is way bigger than the Arietta, so there is no real space saving in using the expansion header.
Be careful when the board is powered up. Unless you put some casing on, it is easy to cause a short circuit and damage the board just by touching it.
FYI I haven't tried the other options yet, so I cannot provide further feedback on them. I can only say that the external USB battery solution works fine.
Whenever you fiddle with electronics there is a chance of frying your device. The best way to avoid the destruction of your electronics is to know what you are doing. If you do not know what you are doing, go for the standard USB battery... and do not touch the board when it is switched on (yes, I said it again). You may cause a short circuit.
Anyway, I'm not responsible for any damage to your hardware as a result of trying what is described in this tutorial. Do it at your own risk :).
Now you have your little GNU/Linux box up and running, you can try many different things.
You can install any tool you like. Just for fun, I recompiled aircrack-ng on the Arietta. There is nothing special about this: just follow the instructions (installing the dependencies) and compile. As said before, compiling on the board will take a while.
You can do the Mr Robot thingy as described in the great post from occupytheweb, "The Hacks of Mr. Robot: How to Build a Hacking Raspberry Pi".
To access the device using NetKitty, you have to run this command on the Arietta:
$ nk -shell -s T,5000
And then, from any other machine, you can either use netcat or NetKitty again:
$ nk -c T,IPADRESS,5000
Note that NetKitty just dups the standard input/output/err when the -shell option is used. It is not a real terminal emulator. That basically means that some applications may not work. That's normal.
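Why terminal-dependent applications fail in that setup, as an added example that is not part of the original post: a local socket pair stands in for the TCP connection that gets dup'ed onto standard input/output/err, and is compared with a pseudo-terminal. The function names are hypothetical, chosen for this illustration.

```python
import os
import socket
import stat
import termios


def fd_kind(fd):
    """Classify what a file descriptor is attached to."""
    if os.isatty(fd):
        return "tty"
    mode = os.fstat(fd).st_mode
    if stat.S_ISSOCK(mode):
        return "socket"
    if stat.S_ISFIFO(mode):
        return "pipe"
    if stat.S_ISCHR(mode):
        return "chardev"
    return "file"


def terminal_control_works(fd):
    """True if termios calls (raw mode, echo off) can succeed on fd.

    Full-screen editors, pagers and password prompts rely on these calls.
    """
    try:
        termios.tcgetattr(fd)
        return True
    except termios.error:  # ENOTTY: the descriptor is not a terminal
        return False


def demo():
    """Compare a socket-backed descriptor with a pseudo-terminal."""
    results = {}
    # Constructed stand-in for the network connection used as stdio.
    left, right = socket.socketpair()
    fd = left.fileno()
    results["socket"] = (fd_kind(fd), terminal_control_works(fd))
    left.close()
    right.close()
    # What a terminal emulator or ssh session gives the shell instead.
    try:
        master, slave = os.openpty()
    except OSError:
        results["pty"] = None  # no pty support in this environment
    else:
        results["pty"] = (fd_kind(slave), terminal_control_works(slave))
        os.close(master)
        os.close(slave)
    return results
```

Calling `demo()` shows the socket failing the terminal-control check while the pseudo-terminal passes. The same `fd_kind` check on descriptors 0, 1 and 2 of a running shell tells you whether it is attached to a terminal or to a network socket.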
So, this is it for my first howto. Hope it was a bit interesting.