How To Set Up Your Raspberry Pi for Pen-testing

Kali linux running on a Chromebook with desk and mouse

Interested in learning more? Check out additional walkthroughs in our Tutorials and How-to Section

Why a pi?

Developing your hacking skills can be difficult since it is illegal to attack real life systems unless you have explicit permission from the target.  The Raspberry Pi is a cheap and great alternative for you to practice your hacking skills on.  This guide will walk you through how to set up your very own Raspberry Pi for penetration testing. We will be using Re4son’s DV-PI image that is already configured with vulnerable services for you to exploit.  Some basic experience working with computers is helpful but not required as this guide is intended for novice users.

Before We Get Started

Raspberry pi, power supply, ethernet cable, and micro-sd card

In order to complete this guide, you will need:

  • A Raspberry Pi

  • A micro SD card and adapter ( at least 8 Gb)

  • An Ethernet Cable

  • A computer to burn the image and SSH into the Pi

  • A network discovery tool to find the IP address of your Pi

Downloading and burning the Image

Pick your flavor.

Pick your flavor.

1. Download the DV-Pi image here.

Make sure to select to right drive.

Make sure to select to right drive.

2. Format the SD card. You can use any SD card formatting software you like. I recommend the official SD Card Formatter which can be found here.

Pay attention and chose the correct image file and drive to flash.

Pay attention and chose the correct image file and drive to flash.

4.   Burn the DV-Pi Image onto the microSD card. I recommend using Etcher to burn your image file. You can download it here.

  Load the SD card and boot up your Raspberry Pi

The power LED will turn RED while the Raspberry Pi is on.

The power LED will turn RED while the Raspberry Pi is on.

  1. Load your MicroSD card into the pi.

  2. Power up your Pi and connect it to your network via Ethernet.

The IP address will differ on your own network.

The IP address will differ on your own network.

3.     Use any network scanning tool to find the Pi’s IP address. I used the Fing app on my smartphone.

Make sure to use port 22 and select SSH.

Make sure to use port 22 and select SSH.

4.   Open PuTTY on your computer to SSH into the Raspberry Pi.

Log in using PuTTY

Log in using PuTTY

5.  Log into DV-Pi.

  • Username is: pi

  • Password is: raspberry (You will not see your password while you type)

Success!

Success!

6. Type “dv-pi start” to start the vulnerable services .Upon completed the Raspberry Pi 3 will display [ WARNING ] THE SYSTEM IS VULNERABLE!

You are ready to hack!

Your Raspberry Pi is now fully configured and ready for penetration testing! Remember that your Raspberry Pi is now vulnerable which is great for practice, but can still be a security concern running on your own network. Good luck and have fun cracking your Pi!

 

 Additional How-Tos and Tutorial: