Another Pi Zero W Hacking Gadget for Physical Penetration Testing
Requirements
This project requires a Raspberry Pi Zero W, a USB-A Addon Board, and a Micro SD Card. You’ll also need a computer to configure the SD Card and Pi. This is not an expensive project, total cost is around $35 depending on where you acquire your parts.
The article is informational only. Do not break the law.Why Would You Want To Do This?
The idea of pulling credentials from a locked computer isn’t new. There are commercial products that can do this like the USB Armory and the LAN Turtle. They do, however, cost quite a bit more than a Pi Zero and a USB board. There are trade offs; commercial devices may cost more but definitely look less suspicious, for example.
How Does This Work?
We will be configuring the Pi as an USB Ethernet adapter. Because USB is plug and play, even if the system is locked, the device gets installed. And because it is an Ethernet adapter, it will be allowed to pass/capture traffic, giving us access to sensitive data and credentials.
Getting Started
Flash the SD Card with Rasbian Lite and add a ssh file to the boot partition. Circuit…
