Google Ads

How to prevent Raspberry Pi SD card cloning

A simple script to prevent Raspberry Pi micro SD card cloning. It uses the CPU serial number as the unique ID for authentication. Use this script during boot up to check if the Raspberry Pi CPU serial number matches with the number hardcoded in the script. If the number does not match, then it will shut down Raspberry Pi.



----------------------script start-------------------
#!/bin/bash

cpuserial=`cat /proc/cpuinfo | grep Serial | cut -d ' ' -f 2`
match=0
listofcpuserial=("000000004d754df1" "000000004d754df2" "000000004d754df3")

for i in "${listofcpuserial[@]}"
do
  if [ $i = $cpuserial ]
  then
    match=1
  fi
done

if [ $match = 1 ]
then
  echo "Sound Card State Restored"
else
  echo "Sound Card State Not Restored"
  sudo halt -p
fi
-----------------script end----------------------

This script is just one part of the whole SD card cloning prevention. Next, you will need to compile this script into binary. By compiling this script into a binary program file, the file cannot be read by just using a text editor. To compile it into a binary program file;

shc -f ./script.sh

Note: you need to install shc first into your Raspberry Pi. Run this command:
sudo apt-get install shc

After compiling the script, name the binary program file into something less suspecting.

After renaming, move the program to /lib/bin or /bin or any other locations that usually programs are located. The idea is to hide it there and blend it with the other programs.

The final step is to start the program during startup. There are many ways to start the program during startup. Refer to this link to choose your poison:
https://www.dexterindustries.com/howto/run-a-program-on-your-raspberry-pi-at-startup

My recommendation is to hide your startup command within any existing startup script that the Raspberry Pi would have. This way it makes it hard to find it.

Don't forget to delete any script left in the system. You don't want the source to be discovered.


Comments

  1. is not running. im getting syntax error: invalid syntax on line 3
    cpuserial=`cat /proc/cpuinfo | grep Serial | cut -d ' ' -f 2`
    ^
    i changed the serial with my procesor serial

    ReplyDelete
  2. Hi thanks. please clarify the below,

    1. In 3rd line, listofcpuserial=("000000004d754df1" "000000004d754df2" "000000004d754df3")

    Should i use the same number or my rpi serial number. When i use cat /proc/cpuinfo |grep Serial|cut -d' ' -f2, I receive only one serial number.

    2. once compiled, the folder has extra 2 files. sript.sh.x and script.sh.x.c. In sudo nano /etc/rc.local file, what to add before exit 0. Please clarify.


    ReplyDelete
  3. Hi thanks. please clarify the below,

    1. In 3rd line, listofcpuserial=("000000004d754df1" "000000004d754df2" "000000004d754df3")

    Should i use the same number or my rpi serial number. When i use cat /proc/cpuinfo |grep Serial|cut -d' ' -f2, I receive only one serial number.

    2. once compiled, the folder has extra 2 files. sript.sh.x and script.sh.x.c. In sudo nano /etc/rc.local file, what to add before exit 0. Please clarify.


    ReplyDelete
  4. 1. Should I modify the below serial number
    listofcpuserial=("000000004d754df1" "000000004d754df2" "000000004d754df3"). on checking the cpuserial=`cat /proc/cpuinfo | grep Serial | cut -d ' ' -f 2`, only one serial number is listing.

    2. During compiling the file, it generates 2 extra files. In sudo nano /etc/rc.local, before exit 0, what should I add?

    ReplyDelete

Post a Comment

Thank you for visiting Almost a Technocrat. Due to many spam comments, your comment will be moderated.

Popular posts from this blog

A Better SKMEI 1358 Instructions Manual

A Better SKMEI 1418 / 1427 Instructions Manual

How to force stop or cancel Android download manager downloading process

SKMEI 1358 Review