Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

WarBerry Pi, a Tactical Exploitation device

If you need to test your environment in a short period of time the WarBerry Pi is the right device to gather information on the target network. WarBerry Pi is a device that could be used by pen testers to collect as much information as possible in a short period of time, without being noticed. In order […]

WarBerry Pi, a Tactical Exploitation device

If you need to test your environment in a short period of time the WarBerry Pi is the right device to gather information on the target network.

WarBerry Pi is a device that could be used by pen testers to collect as much information as possible in a short period of time, without being noticed. In order to use it, a security expert just needs to plug it in a network port.

The WarBerry Pi was designed only for academic purposes, but obviously, someone could think to use it to gather authorization from a network, for this reason, the author SecGroundZero bears no responsibility for any abuse.

“The WarBerry was built with one goal in mind; to be used in red teaming engagement where we want to obtain as much information as possible in a short period of time with being as stealth as possible. Just find a network port and plug it in.” states the description of the project published on GitHug. “The scripts have been designed in a way that the approach is targeted to avoid noise in the network that could lead to detection and to be as efficient as possible. The WarBerry script is a collection of scanning tools put together to provide that functionality.”

Warberry Pi device

Source – HelpNet Security

How does it works, once connected the WarBerry Pi to the target network, it has the capability to remain silent and collect information on the internal traffic by collecting IPs, MAC addresses and hostnames.

Such kind of devices is very insidious, they could represent a serious threat to any environment, once deployed they could be used by attackers to remote exfiltrate information. In the past, we have seen how to hide a Raspberry Pi in an ordinary laptop power brick, an object very common in any office and realizing in this way a physical backdoor into the network.

The project WarBerry Pi was published on Github provided instruction on its usage, once installed in the network an attacker can access it through SSH and check the data collected by the device that is stored in a specific folder dubbed “Results”.

The device highlights the importance of the physical security in any environment, the WarBerry Pi was designed to train blue teams to monitor for a possible intrusion in the network and block it.

SecGroundZero plans to release similar projects to train internal team against Wi-Fi and Bluetooth attacks.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – WarBerry Pi, hacking)