How Raspberry Pi Can Change How People Attack Networks

DJ Palombo

Raspberry Pi is a trademark of the Raspberry Pi Foundation

Concise Courses

Who Am I?•In my junior year in Computer and Digital Forensics at Champlain College, Burlington VT

•20 Years Old

•Currently studying in Dublin, Ireland

What is Raspberry Pi?

• $35 Computer the size of a credit card

• Uses GNU/Linux Operating Systems

• Model B has 512 MB RAM, 2 USB ports, Ethernet, video out, and HDMI

• Operating System loaded on SD cards

• Storage is based on the SD card size

What this is NOT

• Be all, end all network attack

• Proposal of better-than-sliced-bread attacks

What this is

• Another viable threat that should be assessed

• A warning to security professionals

What is the theory behind it?

• Cheap, inexpensive computer– My terminology for it: “Burner Computer”

• Small size allows it to be easily hidden• Attack from within rather than forcing your

way through

What attacks to do?

• Whatever you want!

• Sniff networks for information and passwords

• See all internal network traffic

• Try to shut down the network from within

My first concept

• It can be used as a cheap cluster for computing power– Useful in some context– Ability to gain a large amount of power at low cost

• What next?

What you can do

• Route all the traffic through the Pi– MITM attacks

• Packet sniff inside a network

• VLAN Hopping

• VoIP sniff

Man In the Middle Attacks

• Ability is built into Ettercap– DHCP spoofing– Arp Poisoning

• All traffic will then run through your system• You can modify traffic as it runs through your

system

VLAN Hopping

• You can check to see if there are other parts of the network, and listen on their traffic too

• VoIP Hopper– Will act like a VoIP phone and look for other devices

across the network– Listens for any traffic that signifies other VoIP devices

• SIP crack– Crack passwords of VoIP device– Works similar to aircrack

VoIP Attacks

• When inside a network, why not listen in on their calls?

• VoIPong– Allows user to sniff any calls on the network– Will record and output to .wav file for listening

later

Other options

• Instead of wireless attacks, why not hardwire?

– Surge protector + Raspberry Pi = Network Observation Device

• Use it for the manufacturer’s intended purpose?

Surge Protector Pi

• For a small cost, you can set your Pi up inside a surge protector– Constant source of power– Inconspicuous– Hardwired Ethernet connectivity

How to defend against this threat

•Physical security

•Monitor network traffic

•Specifically search for traces of network sniffers

How to defend against the defenders

•Spoof MAC address, and change it periodically if you are within a network

•Hide the device well

•Don’t be afraid to lose the device

How to prepare yourself• Obtain Pi• Setup the Pi – I recommend using PwnPi ( pwnpi.net )

• Know your toolkit• Know your target and your goal• Figure out how you are going to power it

The Drop-off

• Dependent on who you are attacking

• Use common sense, and be sneaky!

• Know your options, and know your opponents

Contact DJ

• Palombo.dj@gmail.com

• @DJPalombo– #ProjectRasPi

• http://bit.ly/DJsLinkedIn

Any Questions?