Wi-Fi packet sniffing / monitoring on Windows using Raspberry Pi - inspired by Wimonitor

Wimonitor is a wonderful product from Hacker Arsenal that saves pentesters the hassle of having to configure VMs, carry compatible wireless cards that support monitor mode etc. and comes with a web interface to do the configurations. It gives you the flexibility to plug in the device into the Ethernet port and start Wi-Fi monitoring on any OS. Basically it is a tp-link TL-MR3020 router with a custom firmware that does all the monitoring part and sends the packets to the host laptop (or Mac !) where you can start Wireshark and concentrate on the packet analysis.

I haven’t got one yet, but have been hearing good reviews about the product since launch. The shipping cost to EU is a bummer :(. Hopefully they will start shipping from EU soon.

Meanwhile - why not try this on a Raspberry Pi ?

Connecting USB devices to VirtualBox using USB 3.0 ports

This took me quite a bit of time to figure out, hopefully someone finds the steps useful. Many of the wireless cards that support monitor mode are all USB 2.0 devices - e.g. Alfa AWUS036NHA, TP-LINK TL-WN722N and run into problems while connecting to newer laptops that come with only USB 3.0 ports. If you try to connect the wireless card to the USB 3.0 port and then try to attach it to VirtualBox VMs like Kali, it will not work straightaway.

Twitter notifications for MotionEyeOS video surveillance system on Raspberry Pi

MotionEyeOS is a wonderful project by Calin Crisan that converts your single board computer into a video surveillance system in a matter of minutes. It is supported on a number of devices and is well maintained with good community support.

Now that the latest Raspberry Pi Zero version (W) comes with onboard Wi-Fi, it makes an ideal candidate to deploy MotionEyeOS across your perimeter and run a cheap video surveillance system with lesser clutter of having to attach a Wi-Fi dongle as in the previous versions of Pi Zero.

Social network based backdoor for pentests

Once you gain access to a system during pentest, you might want to retain access by means of a backdoor. The most trivial method is to use metsvc which ‘unfortunately’ is very well fingerprinted by anti-virus software.

In this post, let us look at how to use a backdoor that uses social network for communications. The method used by the backdoor is identical to what was mentioned in my previous post.