recently purchased a Samsung ChromeBook. Not for ChromeOS, but for the fact that Kali Linux – the network pen-test successor to BackTrack – announced a ChromeBook build. I figured I couldn’t go wrong with $250 for a Linux wireless ultra-portable dedicated to network testing. Turns out perhaps I could go wrong.Getting Kali to side-load on the ChromeBook was pretty easy. You need to copy the distro to an SD card (or USB), and put the ChromeBook into developer mode to access the bootloader. The disk image that was developed by Offensive Security is for both SD & USB, so you merely have to activate the partition that is appropriate for your media. Because it runs from the SD/USB – at least until you replace the ChromeOS image – using the Ctrl-U (vs Ctrl-D) key sequence allows you to dual-boot and keep the ChromeOS on the SSD intact.

Best of both worlds? Sort of. ChromeOS has a decided advantage over Kali in that it is designed to easily use the built-in wireless. Kali does not make using the WiFi functions easy at all. The WiFi interface does not appear in ‘ifconfig’, although it is listed in ‘iwconfig’ as ‘mlan0′. It is possible to activate the interface for basic wireless even if not immediately working out-of-box:

The 1st line sets up the WPA supplicant database with the desired WiFi network. The 2nd line uses the wext driver to hook into the mlan0 interface; this supplicant process runs in the background, since it will keep scanning and expiring stale SSIDs. The 3rd line starts the DHCP client to get an IP.

The above is just the basics. If you wanted to do more with wireless – such as connect to WEP networks or maintain an ongoing database of all network SSIDs rather than starting from scratch each time, you would use the “wpa_passphrase” command to append to the conf file, and edit each entry appropriately:

See the WPA supplicant documentation for more info.

If you opt to run the KDE graphical environment, the other thing you’ll discover is that the “Debian Sensible Browser”, which is set as the default, is not installed in this release. To get around this, you’ll need to add the Debian FireFox clone:

But Is It A Keeper?

Having to wext the interface is not all that problematic once you get used to it. The real bad news is that the Murata SS2907002 chipset does not support promiscuous mode, monitoring, or injection. Little benefit for wireless hacking. Without monitor or promiscuous, the ChromeBook has less value as a test tool. I would still need to add an outboard wireless USB device that is supported, and the self-contained advantage just drops a peg. Of course, if sniffing of the hardline eth0 were needed, you’d have to add a USB device anyway. But I don’t like the fact that the WiFi is crippled.

Anyone want to buy** a barely-used ChromeBook?

** BestBuy changed their Returns policy to 15 days in March 2013. Unbeknownst to me at the time. At the 22 day mark, they refused to even give me store credit. Too bad. I guess the $2500 that I was going to spend on large-screen LCD and Sonos PlayBar will have to go to someone else, all in the name of refusing to budge on a $250 laptop…