|Preview Hacking with Raspberry Pi 4.pdf|
In the last days of summer we want to give you something special - an edition dedicated to Raspberry Pi, and other hardwares.
We start with the main article, Hacking with Raspberry Pi 4. Recently a new version of Raspberry Pi was released, Raspberry Pi 4, some of you maybe already had a chance to play with it, but maybe you are wondering what more can it do? We have a detailed tutorial for you written by our expert, Daniel W. Dieterle. What will you learn from this article? First, you will read about the capabilities of RPi 4, is it better than the last version? Or maybe not? In the next article Dan focused on installing Kali Linux on a Raspberry Pi. Going further, he ran several Kali tools on this platform. Want to know the outcome? You must definitely read the article!
You will read about the usage of Raspberry Pi with ICS and how effective such integration can be. How can Raspberry Pi be used to secure cloud data center? All this, and more, can be found in this edition.
If you are not a fan of Raspberry Pi, we also have articles dedicated to Arduino and ESP8266. You will read how to create a laser system to secure your home. Furthermore, we will show you how the Arduino can be used as a teaching platform.
We also recommend to check article dedicated to key-logging. Our author presents how to explore the body key-logging approach, and to do it he designed and built a body key-logger and have used it on a commercially available safe. Want to know the outcome? Read the article!
Special thanks to all of the contributors, reviewers, and proofreaders involved in the process of creation of this issue.
Enjoy the reading,
Hakin9 Editorial Team
Table of Contents
Hacking with Raspberry Pi 4
Daniel W. Dieterle
The Raspberry Pi 4 is here and better than ever! This major upgrade makes the Raspberry Pi a more viable desktop solution, which also means it is a better platform for ethical hackers and pentesters. In this article, we will quickly brush through the new features of the Pi 4 and then get right into using it as a tool for ethical hacking. We will specifically look at installing and using the PenTesters Framework (PTF) on Raspbian Buster.
Evaluation of 6LoWPAN over Bluetooth Low Energy
Varat Chawathaworncharoen, Vasaka Visoottiviset, Ryousei Takano
This article demonstrates the feasibility of 6LoWPAN through conducting a preliminary performance evaluation of a commodity hardware environment, including Bluetooth Low Energy (BLE) network, Raspberry Pi, and a laptop PC. Our experimental results show that the power consumption of 6LoWPAN over BLE is one-tenth lower than that of IP over WiFi; the performance significantly depends on the distance between devices and the message size; and the communication completely stops when bursty traffic transfers. This observation provides our optimistic conclusions on the feasibility of 6LoWPAN although the maturity of implementations is a remaining issue.
Kali Linux Raspberry Pi
Daniel W. Dieterle
This article uses the test lab, which is a private LAN that includes Metasploitable2 & Metasploitable3 test Virtual Machines as targets. The Metasploitable systems are purposefully vulnerable, so do not use them in a production or “live” environment. This information is for educational use only. Never attempt to access systems or use these techniques against systems that you do not own, this is illegal and you could go to jail. Also, check your area laws on using scanning tools, as these may also be illegal in some locations. Use a static free environment when using Raspberry Pis and, due to their small size, Pis can be a bit fragile, so proceed at your own risk.
IoT: NodeMCU 12e X Arduino Uno
Dr Antonio Carlos Bento
This study presents the results obtained in experimental and comparative research involving the devices Nodemcu 12e and Arduino UNO, carried out in 2017, focusing mainly on the positive and negative points presented by the different devices when using a WiFi network. The data collection was an experimental research with the devices, applying the heuristic classification of William J. Clancey, considering personal experience when using these types of equipment. After obtaining the data, proceeded to consolidate, categorize, and analyze the quantitative and qualitative results. Incounterpoint, the Arduino Uno device was demonstrated with little capacity, and needed to add new devices for communication via WiFi. This way, Nodemcu 12e has almost the same market value, but already has the WiFi feature internally, in addition to having greater capacity and ease of use.
In this paper, I suggest a new type of key-logging device that detects keystrokes by analyzing the interaction between the user’s body and the device. Time-of-Flight sensors can be used to track body movements and by crossing this information with the rigid layout of the keypad, it is possible to reveal which key was pressed at any time. If the device generates audio feedback, the sound can be tracked by a microphone. This can improve successful code detection. To explore the body key-logging approach, I’ve designed and built a body key-logger and have used it on a commercially available safe. A field test of the device yielded a success rate of 92% for key press detection. In this paper, I introduce the device, its tracking techniques and the algorithms used for keystroke detection. I review the device’s performance, discuss countermeasures for blocking this kind of attack and suggest future research.
A Low-Cost Raspberry-Pi based Testbed for SDN in Cloud Data Centers
Adel Nadjaran Toosi, Jungmin Son, Rajkumar Buyya
Software Defined Networking (SDN) is rapidly transforming the networking ecosystem of cloud computing data centers. However, replicating SDN-enabled cloud infrastructures to conduct practical research in this domain requires a great deal of effort and capital expenditure. In this article, we present the platform, a testbed for conducting research on SDN-enabled cloud computing. Open vSwitch (OVS) is integrated with Raspberry-Pi’s, low-cost embedded computers to build a network of OpenFlow switches. We provide two use cases and perform validation and performance evaluation for our testbed. We also discuss benefits and limitations of platform specifically and SDN in general.
An Intelligent Tutoring System for Training on ARDUINO
Islam Albatish, Msbah J. Mosa, Samy S. Abu-Naser
This article aims at helping trainees to overcome the difficulties they face when dealing with Arduino platform by describing the design of a desktop-based intelligent tutoring system. The main idea of this system is a systematic introduction to the concept of the Arduino platform. The system shows the circuit boards of Arduino that can be purchased at low cost or assembled from freely-available plans, and an open-source development environment and library for writing code to control the broad topic of Arduino platform.
Laser Based Security System Using Arduino UNO
Parmita Mondal, Madhusree Mondal
Our article examines the design and implementation of a novel laser security system for detecting intruders. The superior advantage of using a laser is secrecy: the intruder isn’t aware a security system is installed in entry points like doors and windows, as lasers can travel long distances and are almost invisible. When somebody crosses it, the circuit senses the discontinuity and trips the buzzer, which doesn’t stop until someone turns it off manually. It is among the most affordable indoor/outdoor security systems, with plenty of features. For example, it can send a photo of an intruder to a registered email address with the help of LDR and ESP WIFI modules. And best, its efficient and requires very little power.
Raspberry PI Based Cyber-Defensive Industrial Control System With Redundancy And Intrusion Detection
Navneet Meachery, Rijul Nair
Protecting the information access and data integrity are the basic security characteristics of computer security. In this system, we have propounded a system which is capable of detecting fire, any gas leakages or if any unauthorized entries have been made and provide the location of the affected region. Raspberry Pi 3 has been used to control this process by integrated with a couple of sensors and cameras. When the fire or smoke sensors detects something they signal the camera and then activates the alarm and the sprinkler motor. The cameras provide a confirmation of the fire and take photographs in order to avoid any false alarm accusations or for insurance purposes. The system will immediately send a message along with the image of the affected spot and device location to the registered email ids which may include the nearby fire brigade. In the case of an intruder or unauthorized entry, the PIR sensor detects it and the camera captures the image and then activate the alarm. An admin can confirm or deny the impeachment by observing the photographs the system send to the registered email ids.
Android-Based Smart Power Outlet Switching Device Using ESP8266 Enabled WiFi Module
Dennis A. Martillano, Rondolf G. Reyes, Ian Robert Miranda, Kevin Lester C. Diaz
The merging of the physical and digital worlds is the result of technological advancement and a new chapter in the story of today’s networked world governed by internet. Having the advantage of merging allows changes to be adopted regarding organization, manipulation, and control of nearly anything via networked technology. This leads to the Internet of Things (IoT), which can be defined as the interconnection of uniquely identifiable embedded computing devices within the existing internet infrastructure. IoT is an emerging technology that allows interconnection of everything beyond what is expected. This study aims to engage in research, modeling and implementation of an integrated technology that will blend WiFi development board modules built on ESP8266 based modules, microcontrollers, and elements of IoT to form an intelligent environment. The primary focus is to allow smart power outlet sources of devices to be controlled and monitored via the internet and/or local wireless area network by infusing standardized elements of IoT, communication protocols, mobile, and web applications.