Kali Drones, Portable CTF Builds, Raspberry Pi Craziness and More!
The Kali community is a pretty crazy thing. There are folks all over the world doing interesting things with Kali Linux and far too often, these cool projects get overlooked. Part of the problem is that the community is spread out all over the ‘net. We’re continuing to help build the Kali community to help with this problem, but that’s a slightly longer topic. In the meantime, we want to keep you well-informed about cool stuff that’s happening in our world-wide community. We’ll also be reaching out to standout members of our community, highlight their work, and get them involved in building our new community.
In this, the first of many community updates, we want to highlight the work of one of our members, Re4son, who has been a long-time Kali Linux advocate, a volunteer moderator on the Kali Linux forums and a “Dedicated technology enthusiast, obsessed with setting every machine free from the oppression of its maker” who is checking in all the way from Melbourne, Australia.
An Offensive Security alumni holding both an OSCP and an OSCE, Re4son had an idea to create “a small, cheap, autonomous, and low-energy Kali platform with direct hardware access that can do its hacking quietly in the corner or hassle-free on the road”. He turned his attention to the Raspberry Pi line, which offered a strong accessory aftermarket, but he discovered that the hardware support was somewhat limited for his needs.
“In 2015 .. I started porting the drivers myself,” he explains, “and the sticky fingers (touch screen) interface started off as a way to switch between HDMI and TFT screens without needing a keyboard.”
His Project has Come a Long Way
“Sticky Fingers Kali-Pi combines Kali Linux and the Re4son Kernel into a hassle-free package that turns any Raspberry Pi into a powerful Swiss Army knife with finger-friendly touch screen interface that can provide backend support in your own network, or operate autonomously behind enemy lines, posing as a humidity sensor. Out of the box, the Kali-Pi comes preconfigured with all essential services, such as SSH, VNC, FTP, HTTP, and Wi-Fi backdoor, as well as the MANA toolkit, Snort, Kismet, Metasploit, etc. and a finger-friendly touch screen interface to control it all.”
Built on a Raspberry Pi 0/0W/1/2/3, this setup can be quick-installed from a pre-configured image or built from scratch, and has options for a TFT touch screen with a custom-built intuitive touch menu, bluetooth, injection support, and more. He’s even strapped this puppy onto a drone for some high-flying “research”.
At the heart of this cool project is the Re4son-Kernel for Raspberry Pi. Built to work with the Pi 0/0W/1/2/3, the Re4son-Kernel, “allows Kali Linux to get the best out of any Raspberry Pi by supplying support for the onboard wifi and Bluetooth, wifi injection patches, additional hardware support, security enhancements, headers, sources, etc.”
It also provides complete armel support for the Pi 1, Zero, and Zero W and armhf support for the Pi 2 and 3 and all versions are 100% compatible with the stock Kali Linux Kernel.
In addition, Re4son has released images and instructions for a “Damn Vulnerable” version of the Sticky Fingers Kali Pi, the “Sticky Fingers DV-PI” which runs on Raspberry Pi 0/0W/1/2/3 (with or without touchscreen) and is pre-configured with “easy(ish)” and “medium difficulty” vulnerabilities for penetration and privilege escalation. This portable, low cost “vulnerability playground” is perfect for home research, skills sharpening, training, or even small CTF-style contests wherever you happen to be.
“Offensive Security training courses supply the know-how to achieve world domination”, Re4son tells us, “and Sticky Fingers Kali-Pi provides the tools. Hacking has never been more fun.”
We whole-heartedly agree. We’re pretty excited about Re4son’s Kali-Pi, Re4son-Kernel, and Sticky Fingers DV-PI projects and are thankful for his unwavering support of users in the Kali Linux forum.
Thanks, Re4son, for your hard work, for being a shining member of the Kali community, and for keeping things fun.