We’re taking a break from the “Hacker-Tool Hump Day” posts to cover some of the gear being used in the Security Lab. There aren’t too many physical pieces, since a hypervisor for virtual machines is involved, but there are a few.
Today, we’ll take a look at the BeagleBone Black. Many people are familiar with the single board computers (SBC) that have sprung up over the last few years. The Raspberry Pi series had much to do with this, and we will definitely cover it, but I wanted to cover one of the underdogs, first.
The BeagleBone Black is currently at revision “C,” and this is the version I own. The great thing about the BeagleBone Black is that it includes an eMMC chip for on board memory storage, and this is where the built in OS lives. Revision “C” comes with a 4GB eMMC, and is pre-installed with Debian Wheezy. Plugging the board into a USB port on your computer using a USB-mini cable will both power the board and provide a USB ethernet connection to the board. The new virtual interface should get the IP address 192.168.7.1, and the board’s IP should be 192.168.7.2 so that you can log into it. The root account has an empty password by default.
This board includes a power jack for an external power brick so that power hungry accessories won’t draw too much load. It offers a single standard USB port for USB host support, a micro HDMI port for external display. A microSD slot allows for installation of other operating systems without overwriting the eMMC OS, which makes it somewhat versatile. OpenBSD can be installed on this device, which is one of the reasons I wanted to pick this up, but it is still a somewhat new port, so some functionality may be limited. The JTAG port works well to get a serial console into the system, as well. There is also a standard RJ45 jack for a 10/100 ethernet connection.
The processor is a 1GHz, 2000 MIPS Sitara from Texas Instruments. It has more than enough umph for the light workloads we’ll be using in the Lab.
Expansion boards that utilize the GPIO pins are called “capes” in the Beagle Board community. I link to one of these at the bottom of this article. There are other boards offered, and some of them are a lot more powerful and a lot more expensive. The BeagleBoard X15 was just recently released, for example, and costs around $230 to $250, but it has on board gigabit ethernet plus quite a few other peripheral options. I might drop some coin on one for the lab later, especially if OpenBSD brings it into the fold of supported hardware. Until then, the BeagleBone Black is more than sufficient for the kind of testing we’ll be doing.
If you are looking to get into, or try to expand your knowledge of penetration testing techniques, there is also an excellent book on using a handful of these boards specifically for that purpose. Dr. Phil Polstra
Here’s the run down on the bare essentials for this board, and where to get them. Don’t worry, guys. While I definitely would include an affiliate link to help fund this project, Amazon won’t allow Arkansas residents to participate in their A-Store program, so all links are non-affiliate, (even the non-Amazon ones.)
The Board This contains the board, a case, a power supply, and a USB cable for use with the miniUSB client port near the RJ45 jack.
GearMo USB to 3.3v TTL Header like FTDI TTL-232R-3V3 Note that this cable is a 3.3V cable. The Raspberry PI uses a 5V cable. Be careful that you use the correct cable with the correct device if you mix and match like I did.
Samsung EVO 32GB Class 10 Micro SDHC Card These came on sale for ridiculously low prices a few times, so we got them in sets of three or more. Class 10 cards are highly recommended for use with these small Single Board Computing devices. While not necessary with the BeagleBone, it is nice to have options (like OpenBSD) as well as some external storage.
Hacking and Penetration Testing with Low Power Devices The book by Dr Phil Polstra.
Book and Cape bundle I hit up Dr Phil about this a little late, so I’m not sure if this is still valid or not. You might want to contact him on Twitter to verify before pulling the trigger on this, but I included it in case it still works.
EDIT: I got a response from Dr Phil after this post went live.
Sorry, I just got this message. Yes, I do still sell the kits. I have been selling the kits separate from the book mostly because Syngress won’t offer any discounts on my own book unless I buy 50 at a time so people are better off with Amazon etc. Part of the reason I now publish with Pentester Academy.