Beagle Board - beagleboard.org

BeagleBone Black project spotlight:
The Deck

By Tara Stratton

Phil Polstra had a problem. He had a vision for a portable penetration testing (pentesting) and forensics device, but he didn’t have the technology he would need to do it. One fateful day at Maker Faire Detroit, Polstra found himself right next to Jason Kridner, who was showing off the (then) new BeagleBoard-xM. “This was my first introduction to the Beagles. I was very impressed with the xM and thought I might use them in some future project,” said Polstra.

That day, “The Deck” started taking shape.

Polstra began creating a USB forensic device based on BeagleBoard-xM. As he got into his project, he realized that the hardware was very powerful and could handle more than the one simple task he had running on it. He decided to work on creating a full penetrating testing device with the forensic capabilities included. Polstra said, “I became so immersed in developing a penetration testing Linux distribution that I almost forgot to implement the forensics piece!”

The original version of the Deck ran on a BeagleBoard-xM attached to a monitor, keyboard and mouse, or to a touchscreen. Polstra installed a portable version in a Buzz Lightyear lunch box with a wireless presenter keyboard/mouse, USB hub, network switch and wireless adaptor.

1 2

The Deck can be used to replace a desktop or laptop system used by an information security professional conducting a penetration test. The Deck can also be used as a drop box system. Thanks to its small size and low power requirements, a device running The Deck is easily planted and can run for days off battery power. Unlike many other drop box options, The Deck provides every tool a penetration tester could possible want.

The true power of The Deck comes when multiple devices are used in coordination. An army of drones running The Deck can perform coordinated attacks with a command console that is up to a mile away. The drones may also be separated from each other with distances up to a mile. Penetration tests can now be performed poolside at the hotel down the street instead of in the back of a suspicious van in the parking lot.

There is even an aerial drone running The Deck available. The drone can be used as a single attack device, as a router for drones, or as a combination. The aircraft can be flown as an airplane and flown around a target for initial reconnaissance. It is also capable of vertical flight, takeoffs and landings. This capability allows the drone to fly in, land on the roof of a target, hack the target and then fly away.

You may have already heard of “The Deck.” This device has already made the news at 44CON, Black Hat Europe, DEFCON, and GrrCON, where many editors (and even wishful employers!) have taken notice of the project. The Deck has truly taken the industry by storm, inspiring lots of picture-taking, tweeting and texting. Polstra attributes this to the fact that The Deck is flexible as well as a small fraction of the cost of commercial drop boxes. Someone can get started with The Deck running on multiple devices for less than $200, making it attractive to a wide audience of infosec professionals. “Another way to look at it is that I can build an army with more than a dozen devices and an aerial drone for less than the cost of a MacBrook Pro.”

Polstra also says that The Deck is one of the first projects where small computer boards are being pushed to do something more than just blink a couple of LEDs as well as one of the first involving multiple devices coordinated via wireless. “The standard model seems to be one penetration tester sitting at a laptop attacking a network. The ability to deploy multiple devices and remove yourself a comfortable distance from the target really opens up the possibilities of doing penetration tests.”.

The Deck runs on BeagleBoard-xM, BeagleBone, and now, BeagleBone Black, all based on TI Sitara ARM processors. The portable unit uses the 7” touchscreen from BeagleBoardToys.com. For a keyboard and mouse, he uses the Favi wireless presenter keyboard/mouse/laser pointer units, which can be found online for about $25. For wireless pentesting, he uses the Alfa AWUS036H adapters because they are cheap, reliable and compatible. Drone communication is via the 802.15.4 Xbee/Zigbee modules from Digi .

“When BeagleBone Black came out, I was elated. Now I had an even more powerful board with HDMI output at half the price of the original BeagleBone. The total cost for a complete device based on the BBB was actually less than what it would cost to attempt to obtain nearly the same results on similar low-cost boards. The HDMI output was also a big plus as I now had a device that could be used as a drone or a desktop replacement. Getting the same performance from a $45 BeagleBone Black as what I was used to seeing from the $149 BeagleBoard-xM was also pretty sweet,” said Polstra. He also credits the BeagleBoard.org community for offering him support while he was creating his own Linux distribution.

Polstra isn’t done with The Deck yet. At the moment, he is working on a cape for connecting the Xbee radios as well as a pwnage cape that would do Xbee and have a USB hub and network switch. Also on the list of future innovations is a cape for operating the aerial drone. He also would like to use a BeagleBone Black computer to replace the autopilot board in the Quadshot aircraft he is using to build his aerial drone. In a perfect world, he says he would develop more of a true unmanned aerial vehicle. “I would like to use a GPS and set of sensors to allow the drone to automatically fly itself to the target and/or circle it. I would also like to install some sensors that would allow the drone to fly away when someone approaches it.”

No doubt, Phil Polstra will be one maker we will continue to follow. You can check out his blog at Polstra.org for more information or updates about The Deck. You can also follow him (@ppolstra) on Twitter. And, stay tuned for his book called Hacking and Pentesting with Low-Power Devices that is due out next summer!


Last updated by jkridner.wordpress.com on Tue Nov 05 2013 15:48:02 GMT-0000 (UTC).
540