Recon Pi

ReconPi Github

This weekend I wanted to pick up one of my side projects and in this post I will explain the development process. ReconPi is one of those side projects. The source code is available at https://github.com/x1mdev/ReconPi

Update: The repo has already received quite a few nice contributions!

Requirements

  • Raspberry Pi 3 + cables (Power and Ethernet)
  • Keyboard + monitor (optional)
  • SD card, 8 GB minimum (16 GB recommended)
  • Raspbian Stretch Lite
  • Etcher

Starting from the bottom


__________                          __________.__ 
\______   \ ____   ____  ____   ____\______   \__|
 |       _// __ \_/ ___\/  _ \ /    \|     ___/  |
 |    |   \  ___/\  \__(  <_> )   |  \    |   |  |
 |____|_  /\___  >\___  >____/|___|  /____|   |__|
        \/     \/     \/           \/             
                        v0.2.1 - by @x1m_martijn

Initial setup

Download the image from raspberrypi.org or you can grab this direct download link.

After downloading the latest .zip file we need to “flash” this image to the SD card. I would recommend using Etcher for this: I have never had an issue flashing an image with it, and it’s super easy.

Select the downloaded image and insert your SD card or USB storage device. Etcher will automatically detect the card and you can simply continue by clicking on “Flash!”.

The easiest way is to use the SD card method because it works straight out of the box. To use the USB mass storage device method check this link.

Attach all the cables to the Raspberry Pi. You can either use SSH or a keyboard and monitor. I will be using the SSH method, but all of the commands work with a monitor and keyboard as well.

SSH is disabled by default on the Raspbian images. To enable this either run sudo raspi-config after attaching the Pi to a screen and keyboard or place a file (without extension) called ssh inside the boot partition of the newly flashed SD card.

Preparing the system

All the physical preparation is done now, time to prepare the system itself!

Find the IP address of the Recon Pi:


# run ifconfig to find your own IP address.

nmap -sP 192.168.2.13/24 | grep reconpigo

I changed the hostname of my Raspberry Pi to ReconPiGO through the raspi-config command, so I can grep it easier (and it looks a bit cooler ;) ). It should be raspberry or something like that by default. Alternatively, you can leave out the piping to grep and manually look for the IP address.

Log in to the RPi with SSH:


ssh pi@[your.pi.ip.address]

Default username and password for this image: pi:raspberry

To install all the required tools follow the steps below:

Download the install.sh script:


wget https://raw.githubusercontent.com/x1mdev/ReconPi/master/install.sh

Give it the right permission:


chmod +x install.sh

Run the install script:


# Don't forget sudo!
sudo bash install.sh

Grab a cup of coffee, this will take a few minutes.

When the install.sh script is done it will execute a reboot command due to all the changes that have been made.
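
The steps above fetch install.sh from the master branch and run it as root, so whatever is on that branch at download time is what executes. As an added example (not part of ReconPi; the function names and the RUN_CMD variable are assumptions), this wrapper runs the script only if it still matches the SHA-256 digest you recorded when you reviewed it:

```shell
# Added example, not part of ReconPi: run install.sh only if it still matches
# the copy you reviewed. Function names and RUN_CMD are hypothetical.

# Print the lowercase SHA-256 hex digest of a file.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Return 0 if FILE matches EXPECTED, 1 on mismatch, 2 on bad input.
verify_script() {
    vs_file=$1
    vs_expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    if [ ! -f "$vs_file" ]; then
        echo "verify: $vs_file not found" >&2
        return 2
    fi
    # A SHA-256 digest is exactly 64 hex characters; reject placeholders and typos.
    if ! printf '%s' "$vs_expected" | grep -Eq '^[0-9a-f]{64}$'; then
        echo "verify: expected digest is not 64 hex characters" >&2
        return 2
    fi
    vs_actual=$(sha256_of "$vs_file")
    if [ "$vs_actual" != "$vs_expected" ]; then
        echo "verify: digest mismatch for $vs_file" >&2
        echo "  expected $vs_expected" >&2
        echo "  actual   $vs_actual" >&2
        return 1
    fi
    return 0
}

# Run FILE with $RUN_CMD (default: sudo bash) only after verification succeeds.
run_if_verified() {
    verify_script "$1" "$2" || return $?
    ${RUN_CMD:-sudo bash} "$1"
}

# Typical use on the Pi, after reading install.sh and recording its digest:
#   wget https://raw.githubusercontent.com/x1mdev/ReconPi/master/install.sh
#   less install.sh && sha256sum install.sh     # review, then note the digest
#   run_if_verified install.sh <digest-you-recorded>
```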

First run

All tools are now configured and ready to go; you can log back in to run your first scan!


# (if you are not in the ReconPi directory)
cd ReconPi

Run the script:

You can choose to comment out the sudo apt-get upgrade -y command to save time, though I do not recommend this because the RPi will then be missing security patches/updates.


bash recon.sh example.com

The script will run all the scans and you can just sit back and relax (again :D).

A dashboard will be started when the scan is done and the plan is to send scan results to the dashboard. This way you will be able to monitor your assets from your local network!

This is the initial setup and usage for the ReconPi. Please feel free to send in Pull Requests to contribute on https://github.com/x1mdev/ReconPi

If you like my work you can buy me a coffee :)