What does RasPwn do?

RasPwn emulates a vulnerable Linux web server. To use it, just boot RasPwn, then connect to RasPwn OS via WiFi from your favorite pen-testing set-up. (We like Kali, ParrotS, BlackArch and Pentoo)

Install

You Will Need:

  • A Raspberry Pi 3b (or a Pi 2b with hostapd compatible Wifi adapter)
  • A 4GB or larger Micro-SD card (Class 10 recommended)
  • A 5V Micro-USB power supply for the Raspberry Pi
  • A computer to flash the SD card (and to pen-test from)

First you must download the latest RasPwn image and extract it. (7z or zip file available)

The SHA1 hash of the Raspwn 0.12g image is – c430f184747b915af1954666a17cfcab1de8b29d
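
Checking the extracted image against the SHA1 value above before flashing, as an added example (not part of the RasPwn project's own instructions). The function names are hypothetical and the image path is a placeholder passed as the first argument.

```shell
#!/bin/sh
# Added example: compare a downloaded image with a published SHA-1 digest.
# The digest below is the RasPwn 0.12g value quoted on this page.
RASPWN_SHA1="c430f184747b915af1954666a17cfcab1de8b29d"

# Print the lowercase SHA-1 of a file using whichever tool is installed.
sha1_of() {
    if command -v sha1sum >/dev/null 2>&1; then
        sha1sum "$1" | awk '{print $1}'
    else
        shasum -a 1 "$1" | awk '{print $1}'   # macOS / BSD fallback
    fi
}

# verify_sha1 FILE EXPECTED
# Returns 0 on match, 1 on mismatch, 2 if FILE is unreadable,
# 3 if EXPECTED is not a well-formed 40-digit hex digest
# (catches a truncated or mangled copy/paste of the published value).
verify_sha1() {
    vs_file=$1
    vs_want=$(printf '%s' "$2" | tr -d '[:space:]' | tr 'A-F' 'a-f')
    case $vs_want in
        *[!0-9a-f]*|'') echo "expected digest is not hex" >&2; return 3 ;;
    esac
    [ "${#vs_want}" -eq 40 ] || { echo "expected digest is not 40 digits" >&2; return 3; }
    [ -r "$vs_file" ] && [ -f "$vs_file" ] || { echo "cannot read $vs_file" >&2; return 2; }
    vs_got=$(sha1_of "$vs_file")
    if [ "$vs_got" = "$vs_want" ]; then
        echo "OK: $vs_file matches $vs_want"
        return 0
    fi
    echo "MISMATCH: got $vs_got, expected $vs_want; do not flash this image" >&2
    return 1
}

# Usage: sh verify.sh /path/to/extracted-image   (path is a placeholder)
if [ "$#" -ge 1 ]; then
    verify_sha1 "$1" "$RASPWN_SHA1"
fi
```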

Install is the same as any other image for the Raspberry Pi but the image is only compatible with the Pi 2b and 3b.

On first boot the image will automatically expand to fill the available space on the SD card and reboot. (Ignore any SQL socket error during resize.) Once the resize is complete the RasPwn OS image is ready to pentest!

Once RasPwn is installed you can start pentesting it.

Pentesting

SSID - RasPwn OS
Password - In53cur3!

Once you have connected you can explore the 192.168.99.0/24 subnet and the *.playground.raspwn.org domain. The Raspwn Web Playground can be found at http://playground.raspwn.org (192.168.99.13)

Network services running in Raspwn OS include –

  • Bind – DNS Server
  • Postfix – Mail Transfer Agent
  • Dovecot – Mail Client Server
  • Samba – Windows File Sharing Server
  • Apache2 – Web Server
  • Nginx – Web Server
  • MySQL Server – Database Server
  • OpenSSH – SSH server

Playground Web Applications

Intentionally Vulnerable Web Applications-

Out-Of-Date Web Applications

The admin account for web applications is –

user - admin <admin@playground.raspwn.org>
password - Pa55w0rd!

The web applications exist in their own little universe. Each gets its DNS from RasPwn, and all outgoing mail to *@playground.raspwn.org is delivered to the local mail server at mail.playground.raspwn.org, where it can be retrieved via IMAP or viewed from a browser via Roundcube in the Playground. Everything from DNS to MTA to MySQL to Apache2 is already set up.

Two email accounts have been set up with the credentials –

IMAP/SMTP Server - <mail.playground.raspwn.org>

user 1 - <admin@playground.raspwn.org>
password - Pa55w0rd!

user 2 - <mrbill@playground.raspwn.org>
password - OhNoMrBill!

If you wish to customize RasPwn or play Red vs. Blue, you can log on locally or via SSH. The default credentials are:

user - pi
password - pwnme!

RasPwn images are put together from snapshots of Debian Linux. By default the system is headless. However, xorg can be installed via apt-get (in fact, any package from the Debian snapshot repo can be installed). Just connect eth0 to the internet (from behind a firewall, of course) and run sudo apt-get install desired-package.

NOTE – It is possible to connect eth0 to the internet and use RasPwn as a (possibly the world’s most insecure) wireless router however – IF YOU DO SO PLEASE DO SO FROM BEHIND NAT AND A FIREWALL! DO NOT EXPOSE ANY RASPWN INTERFACES DIRECTLY TO THE INTERNET OR FORWARD INTERNET TRAFFIC TO RASPWN IN ANY WAY!!!
