Project Title: Hackerman
Project Team: Me, Myself and I
One Sentence: On-premises vulnerability assessment tools.
Video:
[Note: The entire state of Wisconsin, can’t handle the level of cheese in this video]
Final Poster:
Description of what project does and how it works:
The purpose of the hackerman jacket is to reveal security flaws in the infrastructure of a physical location, it accomplishes this with three tools. The first tool is the RFID theif that uses a basic RFID reader in combination with a micro controller to copy the hash map of a 13.56 Mghz tag and paste it onto a blank card. The second tool is the bash bunny that is made up by a raspberry pi zero w with some push buttons and a DIP switch. This raspberry pi was programmed to be recognized as a keyboard, mouse or some other external device by the victim machine and then I could select one of my payloads on the DIP switch which would then execute on the host machine. The third tool is the Pumpkin Pi which was a retrofitted raspberry pi 3b+ with wifi adapters that was programmed to set up a fake access point, once a victim connects to it I can monitor their internet traffic if it is unencrypted. The hope is that when these tools are used in tandem, one could achieve more in a assessment then on their own.
Overall Feelings Project:
Overall I am disappointed with myself in my en devours with this project. I knew that doing such a hardware focused project would be difficult as I did not have experience in it before, but I did not expect such unreliable performance and extreme difficulty. I had to cut back the versatility of these tools to start with due to my inability to obtain the hardware for greater uses, which already limited the scope of my project. However, the most saddening part was that one of my tools was completely bricked right before the showcase and I had to restart my software work on my pumpkin pi at least 12 times due to me crashing the SD card on it. The fact that I couldn’t get two of three tools reliably working was overall a disappointment for the whole project.
How well did the project meet original project description and goals:
Technically speaking I did set accomplish what I set out to do. All of the tools that I originally wanted to make, were made and did work in a limited function. However, like I have been saying before I did not make these tools better then their commercial counter parts, rather I downgraded all of their versatility and increased their sizes, so this aspect of my original intentions were failed to be realized. In addition to this I intended for my tools to be easily taken in or out of the jacket, but this did not happen due to my difficulties with 3-D printing, my tools ended up being permanently attached to my jacket.
Largest hurdles and how they were overcome:
My biggest hurdles were definitely all my hardware challenges. I did not know how to solder, how to put a circuit together, how to 3-D print, all of these things were brand new to me. To overcome these challenges I spent a lot of time experimenting and training myself in the ways of soldering (purchased my own solder gun and ruined many good circuit boards). For this and the 3-D printing my main method for coping with these hurdles was simply trial and error and to my surprise this kinda worked, I did get all my circuits together, on and working (kinda). Even though that some of these tools broke I still consider these challenges overcome.
If I had more time:
If I had more time I would have acquired more versatile hardware and made my tools accomplish the scope that I set out for. In addition to this if I had more time I would have had more chances to get my holders/inserts for my tools the perfect size (and they would have been finally removable and protected!). In addition to this I wish I had more time to come up with a better demonstration for these tools instead of them just (working). Maybe this could have been a well shot video of all of these tools working in tandem in a real life scenario would have been easy to show.
Material List:
| Part | Price | Quantity | Link |
| wireless network adapter | $28.50 | 1 | https://www.amazon.com/gp/product/B0035OCVO6/ref=ppx_od_dt_b_asin_title_s01?ie=UTF8&psc=1 |
| Ethernet cable | $3 | 1 | https://www.amazon.com/AmazonBasics-RJ45-Cat-6-Ethernet-Patch-Cable-5-Feet-1-5-Meters/dp/B00N2VILDM/?tag=whtnb-20 |
| Raspberry Pi 3 or 3 B+ | $38.10 | 1 | https://www.amazon.com/ELEMENT-Element14-Raspberry-Pi-Motherboard/dp/B07BDR5PDW/?tag=whtnb-20 |
| microSD card | $6.85 | 1 | https://www.amazon.com/SanDisk-microSDHC-Standard-Packaging-SDSQUNC-032G-GN6MA/dp/B010Q57T02/?tag=whtnb-20 |
| power source (Enokay Power Supply for Raspberry Pi 5V 2.5A Micro USB Charger Adapter with On Off Switch) | $8.59 | 1 | https://www.amazon.com/Enokay-Supply-Raspberry-Charger-Adapter/dp/B01MZX466R/?tag=whtnb-20 |
| USB keyboard/mouse interface (Rii Mini Wireless 2.4GHz Keyboard with Mouse Touchpad Remote Control, Black (mini X1)) | $16.99 | 1 | https://www.amazon.com/gp/product/B00I5SW8MC/?tag=whtnb-20 |
| SD card adapter | $7.99 | 1 | https://www.amazon.com/Vanja-standard-Connector-Notebooks-Smartphones/dp/B00W02VHM6/?tag=whtnb-20 |
| Raspberry Pi Zero Wifi | $10.00 | 1 | https://www.adafruit.com/category/933?src=raspberrypi |
| Pi Zero USB Stem | $5.00 | 1 | https://shop.pimoroni.com/products/zero-stem-usb-otg-connector |
| 2 x Tactile Push Button Switch With LED lights | $3.00 | 1 | https://www.aliexpress.com/item/5PCS-1-set-12X12X7-3-Tactile-Push-Button-Switch-Momentary-Tact-LED-5-Color-12X12X7-3mm/32873551440.html?spm=2114.search0104.3.2.3b0241a0ILdgzL&ws_ab_test=searchweb0_0,searchweb201602_5_10065_10130_10068_10890_10547_319_10546_317_10548_10545_10696_453_10084_454_10083_10618_10307_537_536_10902_10059_10884_10887_321_322_10103,searchweb201603_58,ppcSwitch_0&algo_expid=0747bf75-f245-43c5-a0c1-4966ea4078a8-0&algo_pvid=0747bf75-f245-43c5-a0c1-4966ea4078a8&transAbTest=ae803_5 |
| DIP switch with 4 switches | $3.00 | 1 | https://www.aliexpress.com/item/10pcs-lot-Slide-Type-SMT-SMD-Dip-Switch-2-54mm-Pitch-2-Row-4-Pin-2/32956815576.html?spm=2114.search0104.3.3.4c971641sXqPaV&ws_ab_test=searchweb0_0,searchweb201602_5_10065_10130_10068_10890_10547_319_10546_317_10548_10545_10696_453_10084_454_10083_10618_10307_537_536_10902_10059_10884_10887_321_322_10103,searchweb201603_58,ppcSwitch_0&algo_expid=60dfe6ec-dd9e-4db7-93f0-5f94aec30ef4-0&algo_pvid=60dfe6ec-dd9e-4db7-93f0-5f94aec30ef4&transAbTest=ae803_5 |
| 2 x 330R resistors | HAVE | 1 | |
| MFRC522 RFID reader module | $5.49 | 1 | https://www.amazon.com/gp/product/B01CSTW0IA/ref=ppx_od_dt_b_asin_title_s01?ie=UTF8&psc=1 |
| MIFARE 1K RFID card (with changeable UID, 13.56Mhz) | Included | 1 | |
| some RFID card to copy (only 13.56Mhz cards can be read/written by this particular card reader module) | Included | 1 | |
| Tactile Touch Push Button Switch Tact Switches 6 X 6 X 5mm | Included | 1 | |
| LEDs (red, yellow, green) + resistors (1k ohm) | $7.00 | 1 | https://www.amazon.com/gp/product/B01ER728F6/ref=ppx_od_dt_b_asin_title_s02?ie=UTF8&psc=1 |
| 3 AA batteries (1.5V each) | HAVE | 1 | |
| 2 zener diodes (3.7V) or (3.6V) | $8.00 | 1 | https://www.amazon.com/gp/product/B07BTKVRG8/ref=ppx_od_dt_b_asin_title_s01?ie=UTF8&psc=1 |
| switch (3 Terminals ON/ON 2 Positions SPDT Electronic Push Button Sliding Switches) | $5.00 | 1 | https://www.amazon.com/gp/product/B0799R529Z/ref=ppx_od_dt_b_asin_title_s02?ie=UTF8&psc=1 |
| cables, hot glue, tape (30AWG Insulated Silver Plated Single Core Copper PCB 0.25mm Kynar Wrapping Wire) | $5.00 | 1 | https://www.amazon.com/gp/product/B07M7BHKRV/ref=ppx_od_dt_b_asin_title_s01?ie=UTF8&psc=1 |
| Arduino Pro Micro 5V | $20.89 | 1 | https://www.amazon.com/gp/product/B01MTU9GOB/ref=ppx_yo_dt_b_asin_title_o04_s00?ie=UTF8&psc=1 |
| PCB Prototyping Board | $10.00 | 1 | https://www.amazon.com/gp/product/B072Z7Y19F/ref=ppx_od_dt_b_asin_title_s02?ie=UTF8&psc=1 |
| Solder Gun | $67.98 | 1 | https://www.amazon.com/gp/product/B01MDTO6X7/ref=ppx_yo_dt_b_asin_title_o06_s00?ie=UTF8&psc=1 |
| Desoldering Gun and Desoldering Wick | $7.69 | 1 | https://www.amazon.com/gp/product/B07BB8DGMP/ref=ppx_yo_dt_b_asin_title_o07_s00?ie=UTF8&psc=1 |
| Battery Pack For Raspberry Pi 3 B+ | $25.25 | 1 | https://www.amazon.com/gp/product/B07BSG7V3J/ref=ppx_yo_dt_b_asin_title_o02_s00?ie=UTF8&psc=1 |
