Search the Community
Showing results for tags 'penetration test'.
The search index is currently processing. Current results may not be complete.
TLDR; I designed and 3D printed a drone from scratch. Used Phantom 3 STD motors from a crashed phantom, a Mini Pix flight controller, a 4 in 1 ESC, a generic PDB, a FlySky I6S controller and receiver, and a 4S 2000mAh 65C battery, to get the drone in the air, and strapped a WiFi Pineapple to the bottom powering it off the battery with a 5v BEC. I call it the PWN Drone, and hope to use it for pentesting engagements, and to educate the public about the attacks that are out there and how to keep themselves safe. Just sharing my experience, and ideas. Pics to come, when I have time to host them. Website for more info: https://olilenel.wixsite.com/pwndrone Questions, comments, criticisms welcome. A while back I had the idea to create a penetration testing drone. I fired up the google machine and came up with a couple of people who had already delved into this idea. The first one I stumbled on was the danger drone created by bishop fox. I loved the idea, but kept looking. Not long after I found some videos on YouTube by HAK5 and GlytchTec that were more along the lines of what I had in mind. So in August of 2018 I ordered a 3D printer (the Creality CR-10 4S) and began doing some research on how to make a drone like this. I used HAK5 and GlytchTec's drones as inspiration, but wanted a fully custom design, so I got to work with sketchup and began designing a drone that was modeled after the DJI mavic (I liked her curves 😉). A couple of weeks later I had a shell, and discovered that I absolutely love 3D printing, especially for designing drones. Its the perfect combination. No more buying parts online if something breaks, just a quick 14 hour print and you have yourself a shiny new part! And the limitation is your imagination (and weight and size considerations). Not to mention the cost, if you don't factor in the $500 3D printer, is considerably less than buying parts. The frame cost me less than $20 to print! Next step, flight components. I needed a flight controller, ESC's (Electronic Speed Controllers), a PDB (Power Distribution Board), a transmitter and receiver, a battery, a GPS, a payload, and a way to power it, screws, glues, the list goes on. Time for some more research. It was at this point that I realized that I had never flown a drone before, and I might need some experience with an established system before I went off and created my own. Time for some eBay shopping! After a week of scouring eBay for a cheap drone to test my flight skills out, I found a DJI Phantom 3 STD for $200 that came with everything I needed to get started. It even came with prop guards, an extra battery and controller, and I thought a camera drone would be a lot of fun, plus I wouldn't need an expensive FPV setup. So I pulled the trigger and bought it. A week later it showed up at my door, and I had it flying within a matter of a couple of hours (batteries had to charge). If you've never flown a drone before, i just have to say, their a lot of fun! I flew it every day for the next week. Every chance I had I was putting it in the air, and by the end of the week I was getting pretty good at maneuvering it around my back yard, around an obstacle course I set up to get my flight skills up to par. I even began working on getting some good angles and shots with the camera mounted on the Phantom. I live by a large lake with some beautiful sunsets. At the end of the week against my better judgement, I decided to take the drone to the lake to try and get some video of a beautiful peninsula that sticks out into the water, with a beautiful sunset as a backdrop. The scene was ideal, the wind not so much. But it wasn't going to stop me. I took the phantom out for a test flight, and it seemed to deal with the wind just fine. Time to work on some sick drone shots. I launched the phantom from the beach and slowly began moving towards the peninsula, and was super excited, the video looked gorgeous! I was flying the phantom close to the peninsula with the camera slowly panning left and it opened up to the sunset as the drone was flying along the edge of the peninsula. I was in deep concentration at this point, flying it completely from the camera view on my phone (Bad Idea). As I neared the end of the peninsula, the wind picked up and blew my new phantom into the trees at the edge of the peninsula, at which point my phantom decided it had had enough of the flying, and wanted to become a submarine 😢. After recovering my poor phantom from about 10 feet of water, the lights were still blinking, and I knew she was toast. The cool thing about drone motors is that they don't really mind being submerged in fresh water. I lost $200 and a drone, but now I had some motors for my PWN Drone. Ya gotta look on the bright side. This shaped the components I was going to use to make my 3D printed shell. I looked up the specs of the DJI Phantom 3 STD and found out that the motors use 20A ESC's. Not bad. I then found the PIX hawk, a flight controller with some pretty sweet features like: autonomous flight, plug and play design, and a pretty simple setup process. But the PIX hawk was way to big for the frame. I played around with the idea of a DJI NAZA-M but they are pretty pricey. It wasn't long after I found the baby brother of the PIX hawk, the aptly named Mini Pix. It had all of the same features of the PIX hawk but was much smaller. Perfect. It also cost considerably less than the DJI NAZA-M. I found the cheapest place to get these was good old BangGood.com. This is what decided a lot of the other missing components. The Mini Pix came with a PDB, I found a 4 in 1 20A ESC that was the same form factor as the Mini Pix, and decided on the FlySky I6S controller transmitter bundle, added two 4S 2000 mAh 65C batteries with a cheap charger, and found a compatible radiolink GPS designed for the Mini Pix. This was essentially all that I needed to get the drone in the air. BangGood is great for pricing but most of the components ship from china and take around 2 weeks. So I had 2 weeks of waiting to do, and decided this would be a good time to figure out my payload design. My original plan was to use the cheap $10 raspberry pi zero and load kali on it to launch some wireless attacks from the drone. With my new found 3D printing skills I put together a payload case, and a carrier so that it could be switched out for another Pi Zero W, so that i could hot swap payloads. I had a Pi Zero W laying around with a male USB hat, and found a sweet kali distro created by mame82 called P4wnP1 that did exactly what I was looking for out of the payload. At this point the parts began to arrive from china, and I put aside the payload, and began work on the flight components. I soon realized that even with the smaller components that I ordered ,all of the parts, especially the battery, were not going to fit in the frame I designed. My solution.... print it 15% bigger. This was a process as I had to scale all of the parts. Sounds easy but I already had the screws and didn't want to order more, so I had to go into every file and reduce all of the screw holes by 15%, then scale the parts up 15%, then test print every one. This took me a couple of days between school work, but the finished design came out better than I expected. All of the parts fit nicely and the project was coming along. For a while I had been following HAK5 on YouTube, and had quickly fallen in love with the WiFi Pineapple Nano. I finally had a good paying job and was making enough money that I was ready to commit and buy one. Even after all of the work I had put into the raspberry pi payload, I even gave it a name (PiLoad) and had a couple of versions, I think I was up to PiLoad v3.0, I wanted to strap the Pineapple to this drone. I found operating the Pineapple to be much easier than setting up the P4wnP1, and it was all around more capable. I could do scans of the wifi landscape, de-auth targets from networks, so that they would connect to mine, not to mention I could use the web interface to do this all in real time as I was flying the drone in auto level mode. One problem I had not yet gotten to was powering the payload. With the 15% increase in size and the larger payload I already knew I didn't want to add another battery, and the PDB didn't offer a 5v output, so I ordered some 5v BEC's powered them off of the PDB, wired them to a female USB cable and voila, 5v regulated power for any payload! At this point the drone was close to being complete. I used the 9" props from the phantom as they would have enough lift to pick up this monster that was nearing the size of the phantom. At last time to see if this thing flies! I paired the controller and receiver, set up the Mini Pix with the mission planner software, and took it out for a test flight. As a software developer I can wholeheartedly say that I have never had anything work on its first try, but the demo gods were looking out for me that day, and miraculously the thing flew! I still have to calibrate the flight controller, because there is some noticeable drift with the Pineapple strapped to the bottom, but I cant ask for much more. I soon plan on adding a Pi cam with a Pi Zero to get FPV footage streamed to my laptop, and take this thing out to do some mock engagements. I hope this drone can be used in pentests in the future, but I also hope to use it to educate the public of the dangers of MITM, and Karma attacks. Whenever explain the capabilities of the Pineapple to everyday people, they always tell me how scary that is, and ask how to prevent being PWN'd. I think this could be a great educational tool to inform the public of the attacks out there and how to keep their devices safe. Im sure I missed something, and am happy to fill in the blanks. I just wanted to share my experience, and some of my ideas, and welcome any questions, comments, or criticisms. I have many pictures of the process, but none of them are hosted as of today. I do however have a wix page up with some more details, and plan on getting my pictures hosted when I get the time. If you want to check out the website the URL is https://olilenel.wixsite.com/pwndrone
I am currently working on a research project and was told about a study that had two penetration tests on the same network and found that their individual findings only overlapped by roughly 25%--AKA they only find 25% of the same vulnerabilities. I was told that this was a study done by Microsoft but have searched high and low and been unable to find it. I was hoping someone else may have some information or know where to find this report or any reports with similar findings.