The Raspberry Pi Zero W: A hackable USB

in technology •  13 days ago

I recently purchased a Pi Zero W to add to my collection of Raspberry Pi's. If you're unfamiliar with a Raspberry Pi, it's a small computer no bigger than your credit card. It's not edible and no I didn't mean Raspberry Pie. They're very inexpensive and have started to become a great product to teach kids how to code and learn about computers.

The most popular right now is a Raspberry Pi 3 B+ as it includes:

WiFi
Bluetooth
Ethernet port with added PoE header
4 USB 2.0 ports and a micro USB
Full size HDMI out
MIPI DSI display port to add a camera
40-pin GPIO header to add more accessories

If you're more for visuals, here's a pic from Element14's site:

This board alone only costs $35!!!

So I have that one and use it as a portable Kali machine. I can connect an external WiFi adapter and power bank to take it anywhere. But there are endless projects you can build with these. Weather stations, robots, vintage game consoles like the NES, and anything else you can think of.

But for Christmas I got an Amazon gift card and had read about the Pi Zero W. It's an even smaller Pi with onboard WiFi that supports USB OTG (On The Go) which means it can act as a USB device. Figured there would be some neat use cases for that, so I picked up a kit.

Again from Element14

The Pi Zero W on my wallet

It's amazing how small this is with all the included features

The kit I got with it came with a lot of neat accessories:

Pi Zero W
Power adapter
Heatsink
A case with 3 different lids
Header pins and a module to attach a camera
USB hub
Micro HDMI to Full HDMI cord
16GB Micro SD
All for $35

Now a USB device that has WiFi built in makes for an interesting project. I wonder if something exists for that...

There is!

A project called P4wnP1 to turn your Pi Zero into a USB attack platform

I know the author has stopped working on it and moved to P4wnP1_aloa, but I haven't had a chance to test aloa yet. P4wnP1 heavily modifies your Pi so you can set prebuilt and custom scripts to run, then plug the Pi into any computer, SSH to it from another machine and monitor output.

This great video (and channel) shows you some neat capabilities of P4wnP1

The most fun project so far is the HID backdoor which does what you may guess, installs a backdoor into any Windows system it's plugged into. It's really easy to configure:

Power on the Pi
Connect to P4wnP1 network
SSH into the Pi pi@172.24.0.1
Uncomment the HID_backdoor.txt line in setup.cfg
Plug the pi into a Windows machine
From another computer, connect to the WiFi network again and SSH into the Pi
Run FireStage1

You're now connect to the machine so type shell and you now have a backdoor shell!!

This is just one of many payloads that come installed and of course you can write your own.

I think my money has been well spent as I'll now be learning more about bash, Windows systems, using Responder, and tons of other hacking tools. I'll post some important links below to convince you to buy one of these and have a ton of fun!

Hope you enjoyed this in depth coverage of the Raspberry Pi family and some neat projects that you can use.

Links:
Buy some stuff your your Pi
Unlock a locked Windows machine
Read the docs
P4wnP1_aloa

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

This post was shared in the Curation Collective Discord community for curators, and upvoted and resteemed by the @c-squared community account after manual review.
@c-squared runs a community witness. Please consider using one of your witness votes on us here