Plug in the power and Ethernet and this Raspberry Pi board will automatically collect Windows hashes from computers on the network. With a couple of RPi boards on hand [Travis] was searching for more hacks to try with them. This made a great little test to see how the board performs with the well established attack.
To start he booted into the standard Raspbian distribution. From there he loads the Metasploit framework which brings most of the necessary tools into play. It uses the Web Proxy Auto-Discovery Protocol (WPAD) to request hashes from any Windows machines listening on the network. Some version of the OS respond with LM hashes, others don’t. The importance of this and the particulars of using rainbow tables to crack the hashes is explained in this article on the subject.
We wouldn’t mind having a little hardware hack that adds a couple of LEDs to the GPIO header so you know when the RPi is done collecting the data.
15 thoughts on “Raspberry Pi As A Plug-in Hash Harvester”
OMG Hackaday, this is getting ridiculous! Don’t you think we’ve had enough posts for stoners alre-Oh, OH, that kind of hash. Carry on then,,,
Wow. I was just about to type this very same comment. Ninja’d
Except in this case, It’s another basic linuxism they’re posting about. This isnt linuxaday, a new tip a day for basic linux functionality!
Tomorrow on hackaday: The amazing breakthru that you can use grep used on a RPi
Some people are just never happy
I see what hes getting at though…
Personally I do think it was a pretty cool post, I never though to run that on the pi.
But that being said….. The Raspi can run damn near anything that any linux machine can (more or less after its been re-compiled). So……. yeah, its not a new thing its not a breakthru to run Metasploit, or any other software on it…
I mean I could get a gps, pi, lcd screen, battery, and gpredict software and make a cool little satellite tracker.. but is that a hack? Hell no, if I make a homemade case for it and put it in a shiny package? meh… a little closer… idk…
Alright I’m done bitching :)
At least this one is about hacking. :P
ledborg would make the perfect led for this.
Ledborg is ridiculously overpriced considering you can do the same thing with a $0.05 LED and a resistor.
It is a little overpriced but he’s trying to plug his product.
It’s an controllable RGB LED with PWM brightness control, though…
That’s extremely easy to implement in software.
First thing I thought of there was pot, and I’ve never smoked the stuff before.
if you cant tell the difference between harvesting hashes and creating hashish by throwing weed in a tumbler your too stupid to utilize metasploit!
It’s called a joke.
Please be kind and respectful to help make the comments section excellent. (Comment Policy)