Raspberry Pi is a $35 computer the size of a credit card that can be used to conduct network attacks. It discusses how a Raspberry Pi could be used as an inexpensive device to conduct man-in-the-middle attacks, packet sniffing, VLAN hopping, and VoIP sniffing from inside a target network. The document provides examples of using tools like Ettercap, VoIPHopper, and SIPcrack and discusses hiding the device on a network by spoofing MAC addresses and changing locations. It recommends obtaining a Raspberry Pi, configuring it with the PwnPi Linux distribution, learning attack tools, and targeting networks discreetly while being prepared to lose the device.
1. Concise Courses
How Raspberry Pi
Can Change How
People Attack
Networks
DJ Palombo
Raspberry Pi is a trademark of the Raspberry Pi Foundation
2. Who Am I?
•In my junior year in Computer and Digital
Forensics at Champlain College, Burlington VT
•20 Years Old
•Currently studying in Dublin, Ireland
3. What is Raspberry Pi?
• $35 Computer the size of a credit card
• Uses GNU/Linux Operating Systems
• Model B has 512 MB RAM, 2 USB ports,
Ethernet, video out, and HDMI
• Operating System loaded on SD cards
• Storage is based on the SD card size
4.
5. What this is NOT
• Be all, end all network attack
• Proposal of better-than-sliced-bread attacks
What this is
• Another viable threat that should be assessed
• A warning to security professionals
6. What is the theory behind it?
• Cheap, inexpensive computer
– My terminology for it: “Burner Computer”
• Small size allows it to be easily hidden
• Attack from within rather than forcing your
way through
7. What attacks to do?
• Whatever you want!
• Sniff networks for information and passwords
• See all internal network traffic
• Try to shut down the network from within
8. My first concept
• It can be used as a cheap cluster for
computing power
– Useful in some context
– Ability to gain a large amount of power at low cost
• What next?
9. What you can do
• Route all the traffic through the Pi
– MITM attacks
• Packet sniff inside a network
• VLAN Hopping
• VoIP sniff
10. Man In the Middle Attacks
• Ability is built into Ettercap
– DHCP spoofing
– Arp Poisoning
• All traffic will then run through your system
• You can modify traffic as it runs through your
system
11. VLAN Hopping
• You can check to see if there are other parts of
the network, and listen on their traffic too
• VoIP Hopper
– Will act like a VoIP phone and look for other devices
across the network
– Listens for any traffic that signifies other VoIP devices
• SIP crack
– Crack passwords of VoIP device
– Works similar to aircrack
12. VoIP Attacks
• When inside a network, why not listen in on
their calls?
• VoIPong
– Allows user to sniff any calls on the network
– Will record and output to .wav file for listening
later
13. Other options
• Instead of wireless attacks, why not hardwire?
– Surge protector + Raspberry Pi = Network
Observation Device
• Use it for the manufacturer’s intended
purpose?
14. Surge Protector Pi
• For a small cost, you can set your Pi up inside
a surge protector
– Constant source of power
– Inconspicuous
– Hardwired Ethernet connectivity
15. How to defend against this threat
•Physical security
•Monitor network traffic
•Specifically search for traces of
network sniffers
16. How to defend against the
defenders
•Spoof MAC address, and
change it periodically if
you are within a network
•Hide the device well
•Don’t be afraid to lose
the device
17. How to prepare yourself
• Obtain Pi
• Setup the Pi
– I recommend using PwnPi ( pwnpi.net )
• Know your toolkit
• Know your target and your goal
• Figure out how you are going to power it
18. The Drop-off
• Dependent on who you are attacking
• Use common sense, and be sneaky!
• Know your options, and know your opponents