<html>
<body>
<h1>HackersArise Is the Best! </h1>
<p> If you want to learn hacking, HackersArise.com </p>
<p> is the best place to learn hacking!</p>
</body>
</html>
Listing 122: Some simple HTML to add to the index.html file
Once you have entered the text exactly as it appears in Listing 122, save this file as /var/www/html/index.html and close your text editor. Your text editor will then prompt you that the file already exists. That’s okay. Just overwrite the existing /var/www/html/index.html file.
Seeing What Happens
Having saved our /var/www/html/index.html file, we can check to see what Apache will serve up. Navigate your browser once again to http://localhost, and you should see something like Figure 122.
Figure 122: New HackersArise website
Apache has served up our web page just as we created it!
access list (a list of users who can use this service), authenticate users with encrypted passwords, and encrypt all communication. This reduces the chance of unwanted users using the remote terminal (due to the added authentication process) or intercepting our communication (due to encryption). Probably the most widely used Linux SSH service is OpenSSH, which is installed on nearly every Linux distribution, including Kali.
System administrators often use SSH to manage remote systems, and hackers often use SSH to connect to compromised remote systems, so we’ll do the same here. In this example, we use SSH to set up a remote Raspberry Pi system for spying, something I call the “Raspberry Spy Pi.” For this, you’ll need a Raspberry Pi and the attendant Raspberry Pi camera module.
Before we do that, though, start OpenSSH on your Kali system with the now familiar command:
kali >servicesshstart
We’ll be using SSH to build and control a remote spying Raspberry Pi. If you’re not already familiar with it, the Raspberry Pi is a tiny but powerful, credit card–sized computer that works great as a remote spying tool. We will employ a Raspberry Pi with a camera module to use as a remote spying device. You can purchase a Raspberry Pi at nearly any electronics retailer, including Amazon, for less than $50, and you can get the camera module for about $15.
Here, we’ll use the Raspberry Spy Pi on the same network as our Kali system, which allows us to use private, internal IP addresses. Of course, when hacking in the real world, you’d probably want to set it up on another remote network, but that would be a touch more difficult and beyond the scope of this book.
Setting Up the Raspberry Pi
Make certain that your Raspberry Pi is running the Raspbian operating system; this is simply another Linux distribution specifically ported for the Raspberry Pi CPU. You can find download and installation instructions for Raspbian at
https://www.raspberrypi.org/downloads/raspbian/. Nearly everything you’ve learned in this book applies to the Raspbian OS on the Raspberry Pi as well as Kali, Ubuntu, and other Linux distributions.
Once you have your Raspbian OS downloaded and installed, you’ll need to connect your Raspberry Pi to a monitor, mouse, and keyboard and then connect it to the internet. If
WOW! eBook
this is all new to you, check out the instructions at
https://www.raspberrypi.org/learning/hardwareguide/. With everything set up, log in with the username pi and the password raspberry.
Building the Raspberry Spy Pi
The first step is to make certain that SSH is running and enabled on the Raspberry Spy Pi. SSH is usually off by default, so to enable it, go to the Preferences menu and launch Raspberry Pi Configuration. Then go to the Interfaces tab and, next to SSH, click Enabled (if it is not already checked) and click OK.
When SSH is enabled, you can start it on your Raspberry Spy Pi by opening a terminal and entering the following:
kali >servicessh start
Next you need to attach your camera module. If you’re using a Raspberry Pi version 3 board, there’s only one place to connect it. Switch the Pi off, attach the module to the camera port, and then switch it on again. Note that the camera is very fragile and must never come into contact with the generalpurpose input/output (GPIO) pins; otherwise, it might short and die.
Now, with the SSH service up and running, place the Raspberry Spy Pi somewhere within your home, school, or some other location you want to spy on. It must, of course, be connected to the local area network, either by Ethernet cable or, ideally, via WiFi.
(The new Raspberry Pi 3 and Raspberry Pi Zero both have builtin WiFi.)
Now, you need to obtain the IP address of your Raspberry Pi. As you learned in Chapter 3, you can get a Linux device’s IP address by using ifconfig:
pi >ifconfig
The IP address of my Pi is 192.168.1.101, but make certain you are using the IP address of your Raspberry Spy Pi wherever my address appears in this chapter. Now, from your Kali system, you should be able to connect directly to and control your Raspberry Spy Pi and use it as a remote spying system. In this simple example, your system will need to be on the same network as the Pi.
To connect to the remote Raspberry Spy Pi via SSH from your Kali system, enter the following, remembering to use your own Pi’s IP address:
WOW! eBook
kali >[email protected] [email protected]'s password:
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, the extent permitted by applicable law
last login: Tues Jan. 1 12:01:01 2018 pi@raspberyypi:: $
The Spy Pi will then prompt you for a password. In this case, the default password is raspberry, unless you’ve changed it.
Configuring the Camera
Next, we need to configure the camera. To do so, start the Raspberry Pi configuration tool by entering the following command:
pi >sudo raspi-config
This should start a graphical menu like the one shown in Figure 123.
Figure 123: The Raspberry Pi configuration tool
WOW! eBook
Scroll down to 6 Enable Camera and press ENTER. Now, scroll to the bottom of this menu and select Finish and press ENTER, as shown in Figure 124.
Figure 124: Finishing the configuration
When the configuration tool asks if you want to reboot, as shown in Figure 125, select Yes and press ENTER again.
Figure 125: Reboot the Pi to enable the changes.
Now your Raspberry Spy Pi camera should be enabled and ready for spying!
Starting to Spy
Once your Raspberry Spy Pi has rebooted and you have logged in to it via SSH from your Kali terminal, you are ready to start using it to spy by taking still pictures.
The Raspbian operating system has an application named raspistill that we will be using to take pictures from our little Raspberry Spy Pi. Enter raspistill into the terminal to see the tool’s help screen and all of its options:
pi@raspberrypi: raspistill raspistill Camera App v1.3.8
Runs camera for specific time, and takes JPG capture at end if requested
WOW! eBook
usage: raspistill [options]
Image parameter commands
snip
Let’s now use the Raspberry Spy Pi to take some remote spying pictures! The raspistill
command has numerous options you should explore, but here we’ll simply use the defaults. To take a picture and save it as a JPEG, enter the following:
pi@raspberrypi: raspistill-v-o firstpicture.jpg raspistill Camera App v1.3.8
width 2592, Height 1944, quality 85, filename firstpicture.jpg Time delay 5000, Raw no
snip
We use the –v option to give us verbose output and the –o option to tell raspistill we’re about to give it a filename to use; then we give the filename. When we do a long listing on the Raspberry Spy Pi, we can see the file firstpicture.jpg, as shown here:
pi@raspberrypi: ls-l total 2452
drwxrxrx 2 pi pi 4096 Mar 18 2019 Desktop drwxrxrx 2 pi pi 4096 Mar 18 2019 Documents drwxrxrx 2 pi pi 4096 Mar 18 2019 Downloads
rwrr 1 pi pi 2472219 Mar 18 2019 firstpicture.jpg drwxrxrx 2 pi pi 4096 Mar 18 2019 Music
drwxrxrx 2 pi pi 4096 Mar 18 2019 Pictures
snip
We've taken our very first spy picture on our remote Raspberry Spy Pi using SSH! Feel free to explore this versatile weapon further.