A Raspberry Pi (https://www.raspberrypi.org/) is a low cost, high performance, single board computer that can be used as a covert "dropbox" for penetration testing and because of the risk associated for misuse with this hardware device many organizations may prohibit it.

The following custom script may be used to to identify Raspberry Pi devices on local network subnet.

Steps for use:

  1. Login to Pwn Pulse, select Scripts from the main drop-down menu.
  2. Select Add a script, provide an indicative name, for example Custom - Detect Raspberry Pi and select Bash.
  3. In the scripting window, type the following lines and click the Save button.

    #!/bin/bash
    date
    nmap -sP {{target_range}} | awk '/^Nmap/{ip=$NF}/B8:27:EB/{print ip}'
  4. Next, select Tasks from the main drop-down menu, then select Add a task.
  5. On the New Task page, provide an indicative name for the task, for example Scan for Raspberry Pi, select the newly created script from the Script drop-down menu.
  6. For the Add to parameter, choose to run the task specific to a single sensor selected from the drop-down menu, or to a group of sensors.
  7. Next, specify the local network subnet as the target range, select a Start Time and choose a Frequency how often the task should be run (***).  Afterward, click the Save button.
  8. After the task has completed and assuming the targets were accessible at the time the task was run, the results of the task may be viewed by returning to the Tasks page, then selecting the Results button.