Future directions

Introduction

We have covered quite a bit of ground in this book. Work on The Deck and hacking with the Beagles is ongoing, however. Several extensions and new capes are in the works. A number of ports of The Deck to other platforms are in progress. Even lower-power devices based on microcontrollers can be utilized in penetration tests in addition to using the Beagles. This book might be finished, but hopefully, your adventure into a new way of penetration testing is just beginning.

Current Happenings with The Deck

As new hacking tools emerge, they are being added to The Deck where appropriate. More powerful and efficient versions of standard hacking tools have also been known to come out from time to time. As a result, The Deck is constantly being updated.

While we have discussed ways of using the Beagles in this book, we have not come close to exploiting all the functionality of these incredible devices. In particular, the ability to use the BeagleBone as a USB device has not been addressed. The BeagleBone can emulate a number of USB devices, such as a human interface device (HID), a mass storage device, or both.

By emulating a USB HID, the BeagleBone can become a pocket-sized hacker that can type even faster than in the movies. Other researchers have done work on USB HIDs based on the Teensy Arduino-compatible microcontroller boards. The BeagleBone is considerably more powerful than the Teensy (which has an 8-bit processor operating at a pedestrian 16 MHz).

If the BeagleBone presents itself as a USB mass storage device, it can be used to extract data from a target machine. In cases where only certain devices may be mounted, the BeagleBone can emulate an authorized device. This is similar to what I have done with the USB impersonator, which was presented at DEFCON 20 (https://defcon.org/html/links/dc-archives/dc-20-archive.html or https://www.youtube.com/watch?v=qBCelkEs8bc). Unlike what I presented at DEFCON, a BeagleBone-based device is capable of being operated at high speed and can use a microSD card as a storage medium.

The BeagleBone can also be used to hack various hardware devices. The BeagleBone speaks all the industry-standard protocols, such as Inter-Integrated Circuit (I2C) and Serial Peripheral Interface (SPI). It also has general-purpose input/output (GPIO) lines that can be used to automatically push buttons and throw switches at a rapid rate. What you can do with all this power is limited only by your imagination.

Cape Contemplations

A few capes for attaching XBee radios and controlling aerial drones have been discussed in this book. Many other useful capes could also be developed. If you find yourself planting a lot of wired dropboxes, adding a network switch and USB hub or power circuit to the XBee cape might make sense. A wireless hacking cape would replace the network switch with an appropriate wireless adapter. Rechargeable batteries are another cape option.

Ports of The Deck

Because it is based on Ubuntu, The Deck can be ported somewhat easily to other platforms. This is especially true when it comes to other ARM-based platforms. The Deck was successfully ported to run on the pcDuino 2. The pcDuino uses the same Cortex-A8 found on the Beagles. It also features built-in wireless. Unfortunately, the wireless adapter on the pcDuino does not support packet injection and other features that would make it useful for attacking wireless networks.

Lars Cohenour, a student at Oklahoma State University Institute of Technology, has done some work on running The Deck on multiple BeagleBone Blacks in an OWASP Hive. More information on the OWASP Hive project can be found at https://www.owasp.org/index.php/OWASP_Hive_Project.

Mohesh Mohan has done some work on porting The Deck to small ARM-based computers intended to be used as television set-top boxes. The widely available MK808 is one such device. Some of his biggest challenges in porting The Deck to this platform are related to the old Linux kernels provided by the device manufacturers. The MK808 might be a good choice for something such as a command console back at the hotel, as it is easily hooked up to a television. More details on Mohesh's efforts can be found at http://h4hacks.com.

I have been contacted by several people wishing to port The Deck to other platforms. This includes several people who seem intent on porting to the Raspberry Pi. For reasons mentioned early in this book, I do not recommend the Pi for penetration tests. Spending more for a less powerful, less compatible, and less reliable device seems like a bad idea to me. The techniques presented in this book could be used if you insist on jumping on the Pi bandwagon.

Ultralow Power with Microcontrollers

As was previously mentioned, my initial venture into developing penetration testing hardware and operating systems for the Beagles was an extension of some USB forensics work to devices that support high-speed USB. While the BeagleBone Black is an extremely efficient and powerful computer that can be run from batteries, it is extremely power hungry when compared to a microcontroller-based board.

The ATmega328P microcontroller found in some versions of the Arduino is a commonly used chip. The ATmega328P requires only 0.2 mA of current at 1.8 V (0.36 W) when operating at 1 MHz. In power save mode, this chip consumes only 0.75 μA (0.00075 mA) of current. By sleeping between tasks, a microcontroller-based device can operate for months or even years on a set of batteries.

The BeagleBone is overkill for what many people are doing with it. If you need to push data, flip switches, push buttons, read sensors, run motors, or interface with other hardware, but don't need to do any serious computations, a microcontroller can be a great solution. A set of microcontroller-based devices could easily be used in a penetration test to feed information to Beagles for further processing.

FTDI (http://ftdichip.com) is a well-known manufacturer of USB-related chips. In recent years, FTDI has begun to make microcontrollers that are capable of being used as USB hosts and slaves. I have developed several devices based on their Vinculum II microcontroller, including a USB mass storage device forensic duplicator (https://www.youtube.com/watch?v=CIVGzG0W-DM), a USB write blocker (https://www.blackhat.com/html/bh-eu-12/bh-eu-12-archives.html), and a USB impersonator (https://defcon.org/html/links/dc-archives/dc-20-archive.html#Polstra). One limitation of the Vinculum II is that it does not support high-speed USB. As of this writing, FTDI has just announced a new microcontroller, the FT900, that supports high-speed USB (http://www.ftdichip.com/Corporate/Press/FT900%20Press%20Release.pdf). Be on the lookout for a possible sequel to this book on incorporating microcontrollers into your penetration tests.

Closing Thoughts

This book represents several years of research and experimentation. It has introduced you to a new way of performing penetration tests. My hope is that it has also stimulated your imagination and will encourage you to do your own experimentation with new techniques and devices of your own design.