A pentesting dropbox is used to allow a pentester to remotely access and audit a network. The device is dropped onto a network, and then sets up a connection which allows remote access. As a final project, [Kalen] built the Rogue Pi, a pentesting dropbox based on the Raspberry Pi.
The Rogue Pi has a few features that make it helpful for pentesting. First off, it has a power on test that verifies that the installation onto the target network was successful. Since the install of a dropbox needs to be inconspicuous, this helps with getting the device setup without being detected. A LCD allows the user to see if the installation was successful without an additional computer or external display.
Once powered on, the device creates a reverse SSH tunnel, which provides remote access to the device. Using a reverse tunnel allows the device to get around the network’s firewall. Aircrack-ng has been included on the device to allow for wireless attacks, and a hidden SSID allows for wireless access if the wired network has issues. There is a long list of pentesting tools that have been built to run on the Pi.
Check out a video demonstration of the dropbox after the break.
Its so weird to not see someone interested on this. lol
Doesn’t help that the links are dead.
Nice idea – I’m trying to build one with kali, but i like the simple LCD display and button controls on this one.
You can use the Wayback machine to find a copy of it…
http://web.archive.org/web/20160310030504/http://crushbeercrushcode.org/2013/03/developing-the-rogue-pi/
nice work im tryn to build on to, thanks for the work you have done