 So I have here a raspberry pi 4 4 gig model with a little fan on it because these do run a little hot and It's got Kali Linux on this now. Why did I do this? Well after my video I did about X to go working so well on a raspberry pi 4 I was pretty impressed and said you know I wonder how well it runs Kali Linux with X to go and throw one more piece of the pie in here You know a piece of the pie. Haha, okay Zero tier is also loaded on here as well Now what's the use case for this as I like to say the idea was to have a box that I could easily do remote reconnaissance with so if I wanted to be inside of a network or Loan this to a client or drop this off with someone's permission and do some testing inside of the network But not have to deal with firewall settings or if the IP address changes Internally of either the box itself or their external IP address changes on their WAN side have a system that always connects now I've done an in-depth video. I'll leave a link to a zero tier. It is an amazing Open-source SD WAN solution that solves that problem by essentially adding a static network address To the inside of this as in it adds another adapter then no matter what path it has for the internet Even if it switches networks, you always can get back to the zero tier address on there So while this is booting up because it's off right now and it boots up in about 30 seconds and another 30 seconds or so To connect zero tier. We're gonna take a moment to thank a sponsor of the channel so first as you can see it is showing that my kelly pie is offline my laptop is online and Let's talk about it pro TV while we wait for it to boot it pro TV is binge worthy content For it training now This is a sponsor of the channel that we reached out to because we were already using it pro TV for internal training for other LTS technicians here and Relevant to this if you're wondering what kind of training offer. I realized they had pen testing training They have like nine hours just on this particular course of it So if you're looking to get in a pen testing you're like, hey cool You showed me how to load kelly and Linux, but now what well, this is the now What there's an entire course you have on you know pen testing injection Linux privilege privilege Escalation, I don't say that as well as they say it, but they have all kinds of courses Outlining everything from Contia Microsoft Cisco Linux Apple AWS Agile all kinds of content here It's an amazing selection and with our offer codes you get 30% off And you can even start a free seven-day no risk trial So it is a pretty amazing service with a extensive library of things you can learn All right back over here to the content Where do we get this from? Let's start from the very beginning So this is kelly Linux you download this from offensive security and they have a Specific build for the kelly Linux Raspberry Pi 2 3 and 4 like I said we're using Raspberry Pi 4 the latest greatest fastest one out there and Let's go see it should be online now. Oh And it is did all this in real time here, man It does takes no time at all to boot this thing up So I'd say from the time you hit go till it's booted up and connected and connected to zero tier So you can get back into it if it's in another network and in this instance it is It boots up rather quick So let's talk about this also other thing I want to mention this is solidified So no my public IP address isn't exposed, but yes the network ID is exposed That's why this is called the YouTube testing network if you're already from a zero tier You know the two things you need is one Access to this number right here that's generated for each new network You generate in zero tier and then once you do the join you check the authorize button to authorize that device on here So you have half the information you need I would just have to click authorize and you could then connect to my raspberry Pi running kelly Linux as well. So I I do have this special network I set up for so if you try to join it I'll probably deny you and block you if you try to do too many times just throwing it out there Because this happened before when I did the zero-tier video, which is why I create different networks for my YouTube videos All right now let's go through the settings on this first talk about my laptop So this is the zero-tier address 10 dot 147 1751. This is my laptop address 10 147 17 72 how does that work well once you have zero to install and I added and joined my laptop to the network it is this ten one four seven Seventeen seventy-two. This is my laptop my laptop's actual address that it was given when attached to the Wi-Fi was three dot eighteen So let's go over and we're gonna ssh into the zero-tier box Well the kelly Linux Pi whoops running zero-tier. It'll take a second No, we're out to host takes a second to it booted up. It did not completely route. So it sees it online. So let's go ahead and ping it Give it a second see if it shows up. Oh, okay just in time. We've got this one high ping right here Now if we ssh in hey look it worked Zero-tier takes sometimes a couple minutes depending on how long it takes to establish the connection So about 30 seconds maybe a little bit longer from the time I started the device so it was online And this will occur of zero-tier since as an IP address change it will reestablish connections But there is a little bit of time I would say no more than if it's having trouble establishing up to two minutes But generally speaking within one minute. It's connected Now let's look at this this is on here's e-zero. So that's what we have plugged in on here And it is at this over a little bit 172 69 1669 14 and the zero-tier address was 10.147.51 and this is how my laptop is communicating with it via that address So when we looked at where I'm logged in from you can see that my laptop came in from the zero-tier address So we're not establishing a connection through the network and not to mention my laptop is on a separate network And if we were to try to ping my 192 and 683 dot 18 on my laptop, you notice they are blocked I have firewall rules set to segregate these two devices away from each other But they're able to get to each other because of zero-tier and like I said, that's the deployment use case now Everything we did whoops To do this is pretty straightforward. So first we'll start with What we loaded on here. So move this over a little more and App to get install bash completion So from the other than doing the updates apt-get update and upgrade to make sure I had the latest everything on here After I downloaded the install files and imaged it then I installed bash completion I did add that I wanted to mention that because that's something I was surprised Kelly The next it doesn't come with out of the box But bash completion is so when we type things like apt-get install We can type and it'll auto complete options like wire shark wire guard tools, etc We using tab completion next thing apt-get install X to go server And actually tab a couple times. There's a few different options here client server desktop But we install the server on here Just to get it so we have the base that we need so we can connect to it and have a graphical interface Then we use TSK SCL And what this does is makes it really easy so you don't have to grab all the functions But it opens up this so you can choose X FCE now I pointed out before this will work with the LXDE LXQT or Mate desktop perfectly fine And it works horribly with KDE Plasma is just not fast enough for that But this allows you to really quickly go through well as quick as a reservoir I can handle it and as quick as you can download it get that environment set up and running So that was done and I will mention that I did use my dot files I do like my customized command prompt that I've been using for a while. I'll leave a link to that below It's over on my github so that was installed in here And of course we did install to make sure that works. We do have get installed Once you're done. Whoops actually, I did not want that clear type of today Then we have to get zero tier loaded and one thing about zero tier that it does not have an install script That will automatically download and install on Kali Linux So what we had to do was go to download dot zero here dot com Debbie and Buster pool main Z zero tier one zero tier one Okay, I'm not gonna make you remember that I will put a link to that Below where you can get the specific build for the arm raspberry pi Last piece of that is making sure it's enabled on startup So if you do update dash rcd zero tier one enable like I said, I'll leave these in a Notes file down in the description below But this will allow you to Have it run on startup because that's an important thing in case you ever deploy this like you get it all configured in your Office network or your home network in your lab and it works, but then you take it somewhere else Really hold on it's not connecting. What am I doing? It doesn't when you undo the insult It doesn't have it set in startup by default Once you do that you go to zero tier CLI Join and we join the network name Which is right here. Whoops Just do a quick copy You know, of course, I've did this already on my laptop and on this You would zero to join and this is the network that you want to join once you do that It shows up in the list over here down below It's already in here and then you just check this little box that turns it green and authorized and it puts it online So you've added the zero-tier device then you may want to say where did you deploy this at and we'll say LTS office and this is how you could have like a whole bunch of these pies Scattered around at different places and it's probably a great idea to label them So you know which offices are at now. What can we do from here? Well, we have the full power of Kali Linux Right at our fingertips here. So do actually don't need to do because we're running is route up to it install Let's see. I think wave Mon works for Raspberry Pi's. Let's find out. I haven't tested this part yet And we want to scan the Wi-Fi now This is plugged in via hard line and we have this in someone else's network So we want to do something like look at some of the Wi-Fi and why wave Mon's kind of a neat way to do that And you can see it works reasonably fast when it's downloading and installing things So that was done wave Mon And let's do a scan And it there we go We can see the different Wi-Fi networks on here So we can start doing different Wi-Fi testing understanding what networks are on here. What conflicts or maybe And it's nice to have this on the inside of a network That you maybe have at a client's because you're trying to troubleshoot something like let's look at it from a External perspective now the real Benefit and one of the things that we really like with the Raspberry Pi is being able In Kelly Linux is going to be enumerating a network, especially at a new client So if you're prospecting you have to do some testing to figure out what's on their network You may want to scan it that takes a long time now a couple tools Of course Zen map is one of my favorites, which is end map with a UI interface. Well, that's why I threw on X to go with this set up So this is attaching and we're gonna go ahead and just start a new session I have a couple sessions that I already had running on here So it will it will it sees them running there actually some big sessions expired from my rebooted We'll go ahead and Go here and we'll pull up because I already have this installed I just did app get install Zen map which and map is already installed So we'll go over here and it's under internet. It's on map. This is Right here. We're gonna go ahead and kick off an intense scam. We want to just start finding everything It's gonna be a while. So what we're gonna do here is Let it do its thing and you can just close this and then resume it later when you want to see the results Like I said, this is with a big advantage of having like a nice UI on this where we can just go back in here Close it and then go back to it later And even if the IP address changes doesn't matter We're always attaching to the zero tier address so we're gonna go back in here now It should be session 55 because that's the one we that's the top one on there go back into it Reestablish the connections and away we go So it's finding all the devices I have on this 172 network scanning them and then from there I have all the other tools you have vulnerability analysis tools only has n map loaders not a lot loaded by default on this and You know takes a second for the screen refresh in case you're wondering what was happening there Cuz I just changed the resolution, but it's going through and gathering information. We can also do some DNS analysis There's the port scanner It has the harvester already loaded But like I said, this is Cali Linux and there's a whole lot of different tools depending on what your use case is What do you want to start doing application testing versus just what we're doing here is network enumeration to start scan the network? But this is a really handy tool to be able to do this because I didn't require Me to afford any ports or set up any special things on the particular network that this is on and it gets you pivoted right inside there So with no more than a USB C power cord and a network interface that you could attach it to on their network you're in as they like to say and you can start doing all this different testing and Reconnaissance or even just a numerator network like I'm pleased don't plug this to your network You don't have permission to but this is a real handy device that without having a whole lot Put it in a wiring closet stick it in there stick it in the top shell set it on top of their switch even you know I mean you're not talking about a Whole lot of room it'll fit right in the back at the rack to be able to go I'm gonna leave this here come yet come back get it in a couple days But you're inside the network where you can start doing the network enumeration start doing evaluations For what's on their network and then even have a little bit more power to run things Graphically like wire shark to start looking at if you did some p-cap files and gathered some more data Be able to really do some analysis all right there on a box That's in their network that you have access to very easily and not have to worry about like I said any of that tricky setup Of do I have to forward a port what if they're they don't have static IPs assigned and it changes What if the IP address of this change is even no problem zero-tier is soon as they establish this connection to the internet The zero-tier connection read gets us reestablished and you're back in and you can monitor it that way So hopefully it was enlightening is there pretty cool tools out there I have a whole in-depth video on X to go if you want to learn more about that I have a more in-depth video that I'll also leave link to for zero tier Which is a tool that I've used quite a few times to you know solve a solution For clients when you need something to be dynamic and being able to access it or even in my case on my laptop No matter where I take my laptop with a chair at my office or I take it to some coffee shop or McDonald's as long as I can get Wi-Fi I can connect right to zero-tier with no other changes and connect to all the Raspberry Pi's that I may have deployed under that particular account alright and thanks and Thank you for making it to the end of the video if you like this video Please give it a thumbs up if you'd like to see more content from the channel hit the subscribe button and hit the Bell icon if you like YouTube to notify you when new videos come out If you'd like to hire us head over to Lawrence systems calm fill out our contact page And let us know what we can help you with and what projects you'd like us to work together on If you want to carry on the discussion head over to forums that Lawrence systems calm where we can carry on the discussion about this video Other videos or other tech topics in general even suggestions for new videos They're accepted right there on our forums which are free Also if you like to help the channel in other ways head over to our affiliate page We have a lot of great tech offers for you and once again, thanks for watching and see you next time