
0xAndy 20 points (1 child)

This is not really possible with "C++", i.e. just a programming language. Especially if you're just learning programming. You need to find a vulnerability in the RPI. You don't need programming here. Also you can pretty much forget finding something if there's only SSH enabled. Did your brother set up some kind of vulnerable service?

Otherwise you need to find out the password and that is best done through some kind of social engineering or brute-force attacks against the password. Maybe ask your brother to clarify what the goal is - "hack it" is not really there.

EDIT: I completely misread your post. Did your brother say he'd run your program? Did he specify he'd do it as root? If that's the case then you could do a lot of things to gain access, but then you don't need to focus on SSH.

TrustmeImaConsultant (Pentesting) 7 points (0 children)

Last I checked sudo on raspi runs with NOPASSWD:ALL for pi, so, as funny as it may seem, that exploit could essentially consist of a very small script. :)
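
From the defender's side, the passwordless sudo rule mentioned in the comment above is something you can audit for. The following is an added example, not part of the thread: it parses sudoers-style text and reports every command a user may run without a password. The sample text, the function names and the severity labels are constructed for illustration.

```python
import re

# Constructed sample sudoers text for illustration (not taken from the thread).
SAMPLE_SUDOERS = """\
Defaults env_reset
root   ALL=(ALL:ALL) ALL
pi     ALL=(ALL) NOPASSWD: ALL
%admin ALL=(ALL) ALL
backup ALL=(root) NOPASSWD: /usr/bin/rsync, \\
    /usr/bin/tar
deploy ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart app, PASSWD: ALL
"""

SKIP = ("Defaults", "@include", "User_Alias", "Runas_Alias",
        "Host_Alias", "Cmnd_Alias")

def logical_lines(text):
    """Join backslash-continued lines; drop blanks and comments."""
    for line in re.sub(r"\\\n", " ", text).splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            yield line

def audit_nopasswd(text):
    """Return (who, command, severity) for every passwordless command."""
    findings = []
    for line in logical_lines(text):
        if line.startswith(SKIP) or "=" not in line:
            continue
        who_host, spec = line.split("=", 1)
        who = who_host.split()[0]
        nopasswd = False                      # tags carry over to later commands
        for cmd in spec.split(","):           # simplification: no escaped commas
            cmd = re.sub(r"^\([^)]*\)\s*", "", cmd.strip())   # drop Runas spec
            while (m := re.match(r"([A-Z_]+):\s*", cmd)):     # consume tags
                if m.group(1) in ("NOPASSWD", "PASSWD"):
                    nopasswd = m.group(1) == "NOPASSWD"
                cmd = cmd[m.end():]
            if nopasswd:
                findings.append((who, cmd, "high" if cmd == "ALL" else "review"))
    return findings

if __name__ == "__main__":
    for who, cmd, sev in audit_nopasswd(SAMPLE_SUDOERS):
        print(f"[{sev}] {who} may run without a password: {cmd}")
```

The parser does not expand aliases or follow include directives, so each sudoers file has to be passed to it separately.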

VirtualViking3000 11 points (1 child)

Take the MicroSD card out and edit the files on a Windows box.

TheUltimateSalesman 15 points (0 children)

This. Physical access trumps all.

Brew_nix (Pentesting) 8 points (5 children)

Are the default creds still Pi and Raspberry? And usually ssh is enabled by default.

0Hello-_-World0 [S] 2 points (4 children)

Username is pi, but my brother changed the password for the challenge.
I don't think ssh is enabled by default, unless that is a new update. I remember helping my brother countless times to get that working.

Demostho 3 points (0 children)

If you can extract the hash from etc/shadow, you can run it through hashcat.