« prev :: next »

A proper drop box should be discreet, inexpensive, and capable of running the tools necessary for a penetration test. There are many devices well-suited to the task, but for the purposes of writing this tutorial, I used a Raspberry Pi 3 model B+.

I chose to use Offensive Security’s prebuilt Kali 2019.4 ARM image for Raspberry Pi, flashing the .img file to the MicroSD card according to the official instructions from the Raspberry Pi foundation.

If you intend to do any wireless pentesting, you’ll also want to pick up a good, inexpensive wireless USB device, like this one, which supports packet injection and monitor mode.

Once your Pi is assembled and Kali is installed to the MicroSD card, connect it to a TV, mouse and keyboard, and power it on. After a moment, you’ll be greeted with the login screen. Log in as root with the password toor.

Once the Kali desktop has loaded, open a command prompt with Ctrl+Alt+T, then enter the following command:

systemctl set-default multi-user.target

This command instructs the system to boot to a text-based console instead of a graphical interface by default. Next, we’ll want to enable the SSH daemon on the device:

  1. Remove existing run levels for SSH:
    update-rc.d -f ssh remove
  2. Load default run levels for SSH:
    update-rc.d -f ssh defaults
  3. Backup Kali’s built-in SSH keys:
    mkdir /etc/ssh/kali_default_keys
    mv /etc/ssh/ssh_host_* /etc/ssh/kali_default_keys/
  4. Generate new SSH keys:
    dpkg-reconfigure openssh-server
  5. Restart SSH server:
    sudo service ssh restart
  6. Set SSH to run on boot:
    update-rc.d -f ssh enable 2 3 4 5
  7. If you’d like, update the SSH MOTD banner with the name of this drop box: (Useful if you’re managing more than one.)
    root@kali:~# cat <<EOF > /etc/motd
    > Red-Team Drop Box: BOX-001
    > Property of Pentest Company Incorporated
    > EOF

Once this is complete, plug in an Ethernet cable for internet access, then reboot the Pi. The system should boot into a text console:

Kali GNU/Linux Rolling kali tty1

kali login: root
Last login: Wed Dec  4 19:10:47 UTC 2019 on tty1
Linux kali 4.19.81-Re4son-v7+ #1 SMP Wed Nov 6 10:16:47 AEDT 2019 armv7l

Red-Team Drop Box: BOX-001
Property of Pentest Company Incorporated

As before, log in as root with password toor. We should change that password, shouldn’t we? Use the passwd command to do this:

root@kali:~# passwd
New password: [your new password]
Retype new password: [your new password]
passwd: password updated successfully

Be sure to pick a good password!

Next, we need to update and upgrade the OS:

root@kali:~# apt update && apt upgrade -y
Get:1 http://kali.download/kali kali-rolling InRelease [30.5 kB]
Hit:2 http://http.re4son-kernel.com/re4son kali-pi InRelease
102 packages can be upgraded. Run 'apt list --upgradeable' to see them.
Reading package lists... Done

When prompted for input, I accepted the default values. Installation took a while to complete, so I got some coffee and talked with my cats. (They had plenty to say, but it was incomprehensible.) Once the upgrade was complete, I rebooted the system again, then logged in as root with the new password.

Finally, I used the ip a command to get the device’s IP address, so that I could finish the installation and configuration from my laptop:

root@kali:~# ip a
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether b8:27:eb:e0:e6:ad brd ff:ff:ff:ff:ff:ff
    inet brd scope global dynamic eth0

Wonderful! At this point, we’ve got a fully-capable Kali pentesting system. Now, we need to configure it to work as a drop box.

« prev :: next »