The hidden machine

Hidden wifi hacking machine experience

CAUTION:

This project can be dangerous. I am not responsible for any damage or injury. This is a prototype project. Doing this is not recommended. Do it at your own risk.

Prologue:

Everyone uses wifi. When you want to get inside a network, wifi is a really good way, because you can be physically outside the target’s organization but still access the organization’s infrastructure. Just sit down on a bench and get inside the network. Or grab some packets for later, when you can start your wifi password cracking. Usually you need a laptop for that, using a wifi adapter set to monitor mode to grab every packet.

This can be suspicious. They might look back at the footage of the security cameras outside and spot you. Or an employee or a worker might see you with a weird gadget near the office. Now I want to find a way to do this and be invisible. At least harder to find.

For this, I will use my phone. Today everyone uses their phone. Someone typing on it will not be a big deal. People type on their phone even when they are driving. Phone wifis usually can’t go into monitor mode. You need special hardware for it. Once again, it is weird and unusual to use a phone with a wifi adapter. So I started thinking about creating a portable single board computer and hiding it. Let’s look at what happened.

Let's Start:

Getting a Raspberry Pi or an Orange Pi, setting up Kali and using a portable charger as a PSU is not a big deal. Hiding it well might cause new problems. So here is my basic idea:

- Get a single board computer
- Set up Kali with a wifi adapter
- Put it in a backpack
- SSH in with a phone

Seems simple, so, let’s do it.

Orange

I chose an Orange Pi –exact model with link–. The main reason is that this is a prototype, and I already have Kali up and running on it. You can use a Raspberry Pi as well. I won’t write a step by step on how to install Kali; here are some links if you need it:

KALILINK

For the wifi adapter, just find one that can be used in monitor/promiscuous mode. Totally up to you. I will use the main wifi on the Orange Pi to connect to my phone. This way I can ssh in and do everything from my phone. I will use the wifi adapter for hacking.

Thermal

Here we go. The biggest problem. These computers can heat up really quickly. If you place one in your backpack, it can get worse. I did a few measurements to check if I can put it in my backpack with a powerbank. First I created a little script that logs the thermal levels every 10 seconds. There are 2 files with the current values. These are saved to 2 separate files: temp1 and temp2.

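#!/bin/bash
# Append one reading from each thermal zone to its log file every 10 seconds.
while true; do
    cat /sys/devices/virtual/thermal/thermal_zone1/temp >> temp1   # zone 1 -> temp1
    cat /sys/devices/virtual/thermal/thermal_zone0/temp >> temp2   # zone 0 -> temp2
    sleep 10
done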
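
An added example, not part of the original post: a summary of one of the logs the logger writes, giving sample count, min/max/average in °C and the seconds until a limit is first reached. The name `temp_summary`, the default limit of 80 and the rule that readings of 1000 or more are millidegrees are assumptions; the sample readings are constructed.

```shell
#!/bin/bash
# Added example (not from the original post): summarise a log written by the
# logger above. One reading per line, one line every INTERVAL seconds.
#
# Assumption: readings of 1000 or more are millidegrees Celsius, smaller
# readings are already whole degrees (this differs between kernels).

# temp_summary FILE [INTERVAL_SECONDS] [LIMIT_C]
temp_summary() {
    awk -v step="${2:-10}" -v limit="${3:-80}" '
        /^[0-9]+$/ {                      # skip blank or malformed lines
            c = ($1 >= 1000) ? $1 / 1000 : $1
            n++
            sum += c
            if (n == 1 || c < min) min = c
            if (n == 1 || c > max) max = c
            if (!hit && c >= limit) {     # first sample at or above the limit
                hit = 1
                over = (n - 1) * step
            }
        }
        END {
            if (n == 0) { print "no samples"; exit 1 }
            if (!hit) over = "never"
            printf "samples=%d min=%.1f max=%.1f avg=%.1f first_over_%dC=%s\n",
                   n, min, max, sum / n, limit, over
        }' "$1"
}

# Constructed sample readings in millidegrees, not measurements from the post.
sample=$(mktemp)
printf '%s\n' 63000 71000 78000 80000 79000 > "$sample"
temp_summary "$sample" 10 80
# → samples=5 min=63.0 max=80.0 avg=74.2 first_over_80C=30
rm -f "$sample"
```

Run it against temp1 and temp2 after each test to compare the idle and load runs without plotting them.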

The tests consist of an idle and a password cracking test. I created a hash from a password which is not in rockyou.txt, and ran john to crack it. Not the best stress test, but this machine will not do a more performance-hungry job than this. Creating the hash and running john with the logger:

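# SHA-1 of a password that is not in rockyou.txt; keep only the hex digest
echo -n ASDGqw324qarfhaqzhaewrgf | sha1sum | cut -d' ' -f1 > hash
# Run john and the temperature logger in the background
john --format=raw-sha1 --wordlist=rockyou.txt hash & ./logger.sh &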

Let’s run the logging at idle in open air first. No cooling, just left it open in the room. Nothing really interesting happened. The temperature stopped at 53°C. Not too bad. Let’s make it interesting. Running john will bring the temperature up, but not too much.

[Figure: Air temps]

This is good, maybe fine. But what if you put this in a backpack and it burns up? I grabbed my backpack, put the Orange Pi in it, and let’s run it. Idle was not too interesting. It stopped at 65°C. Let’s run john and see the results.

[Figure: Backpack temps]

Here is the problem. I had to stop the experiment. 80°C started to get hot. I was afraid that something would catch fire. The backpack is a non-fireproof backpack. Something must be done about this.

There are a number of ways to deal with the heat problem. I could cut holes, put in fans. I want something more portable, more crazy. I saw those PCs where they put the whole machine in mineral oil. It works really well because the oil is non-conductive and non-corrosive. The whole computer becomes a mini submarine.

My plan is a little bit different. I got a little food container which can take heat up to 110°C. Mineral oil is not something that is instantly available, so I grabbed some synthetic motor oil. It should be non-conductive and non-corrosive as well. I don’t know what it can do in the long run, but I was sure that it would work.

Let’s make some tests first. I did not want to put the Orange Pi directly into the liquid. I made a simple circuit with an Arduino Nano. All it does is turn an LED on and off. I soldered them together with a resistor and the test could begin.

// Blink an LED on pin 12: half a second on, half a second off.
const int led_pin = 12;

void setup() {
  pinMode(led_pin, OUTPUT);
}

void loop() {
  digitalWrite(led_pin, HIGH);
  delay(500);
  digitalWrite(led_pin, LOW);
  delay(500);
}

Arduino

After a few hours the LED still blinks. It is working so far. I could start the real test.

Liquid

At first the idle results were epic. From the current 63°C, an instant drop to 42°C, and the best part is, it did NOT EXPLODE. I had to cut some holes in the lid of the box for the power cable and the wifi extension cable. Those are sealed up with superglue and hot glue. Just to be sure. I closed the lid and sealed it as well. Grab the backpack and the measurement can start. At idle nothing happens. Everything is at 42°C. Let’s crack some passwords and see the result.

[Figure: Liquid temps]

Conclusion

Liquid cooling the Orange Pi worked. At least for the few hours I tested it. If you seal it up correctly and put it in your backpack, you can have a really well hidden machine on your hands. With 1 wifi adapter connected to your phone you can ssh in and use the other adapter to try to hack the other machines. No one will suspect someone typing on the phone. On the other hand, I don’t know the long-term effect of this oil. It may damage the Pi in the long run. Maybe not. It is really hard to clean if you want to take it out. So should you do it? Not really, it can be a mess, but after all, it was fun.