[VIDEO] 101 - First Boot and Software Update

[Darren Kitchen]

https://youtu.be/YXPuw3HVJ78

[3mrgnc3]

Great Work Darren and the Team!

Just ordered one of these bad boys in the Hakshop, can wait to get it.

Just hope shipping is speedier now I'm in the UK rather than Germany like I was the last time, when I ordered my MKV and my Ducky.

Had been hoping to make it to Defcon this year to finally say hello to you guys in the flesh. But alas my boss didn't come through with funding the trip...

Well, there's always next year (If I manage to save up myself maybe)

Cheers,

[lester]

Wonderful project. Important question:

Assuming a PC/server already has an IP address assigned to it via DHCP on a cable, isn't there going to be a conflict when the lan turtle is inserted into, for example, the back of a pc's/server's usb port -- does the pc/server still ask for an address even though it is already connected to a network with an established connection?

I believe this conundrum needs to be clarified a bit.

Thank you.

[wardave]

Whats the throughput on the usb and ethernet cable side? I also just ordered one.

[cooper]

Your PC asks for an IP from the Turtle, your Turtle asks for an IP from the network. You can keep your machine on the network and insert the Turtle to play with it, but then you end up with effectively 2 network adapters in your PC that are both connected and with an IP. Only one can be the default route for outgoing traffic which is something you'll have to keep an eye on and adjust if needed, and there's the small chance of your network assigning IPs via DHCP that are within the same block as the Turtle which would further complicate the routing on your machine.

Basically, it can be done it it's just a heck of a lot easier to pull the cable from your network adapter, plug it into the Turtle and then plug your Turtle into your machine.

[cooper]

Whats the throughput on the usb and ethernet cable side? I also just ordered one.

See the bottom of the main Wiki page.

It's 10/100 Ethernet which is good because it's a USB2.0 device meaning 480MB/s throughput on that end so if it was gigabit ethernet you'd be bottlenecked there.

[3mrgnc3]

Wonderful project. Important question:

Assuming a PC/server already has an IP address assigned to it via DHCP on a cable, isn't there going to be a conflict when the lan turtle is inserted into, for example, the back of a pc's/server's usb port -- does the pc/server still ask for an address even though it is already connected to a network with an established connection?

I believe this conundrum needs to be clarified a bit.

Thank you.

This can get complicated in a sophisticated corporate environment where switches/routers have various configuration differences. like certain rj45 sockets being locked to only accept a specific client MAC Address.

However, for your question I have assumed a regular SOHO router environment...

----- Scenario 1 -----

The target network's real dhcp server will issue the Turtle's outward facing ethernet another address from its pool of addresses not currently leased out to a device.

The Turtle's inward facing interface (ie. the usb plug) will issue the PC an ip address via its own dhcp server(one in the 172.16.x.x range by default).

Even if you left the origional ethernet cable connected, and pluged in a second cable from the real network into the Turtle, it will still work fine.

The PC will effectively have two functional independant network interfaces.

---- Scenario 2 ----

Same as above except you use the cat5 (or cat6) ethernet cable already in the pc...

A new ip will be issued to the Turtle's outward facing ethernet interface because it has a differen MAC Address.

---- Scenario 3 ----

If in the last case you knew the target PC's MAC and IP Address, you could spoof/statically assign these to the Turtle prior to deployment and it would also work fine as as the pc will automatically update its route to the internet and use the current connected interface (ie. the Turtle's USB end)

Hope this help answer your question.

Cheers,

3mrgnc3

Edited July 28, 2015 by 3mrgnc3

[Rkiver]

Just hope shipping is speedier now I'm in the UK rather than Germany like I was the last time, when I ordered my MKV and my Ducky.

You do know there's a European based reseller now, right?

[whitenoise]

Isn't it possible to just 'clone' the IP that is provided by the router over to the DHCP of the USB ethernet interface? Physically there are two connectors apart from each other .. let's say eth0 and eth1. Also some auto-mac-spoofing would be nice just to make it less suspicious. At least in a setup where the Turtle is a hidden object. If it is clear to any user that the Turtle is laying around there and is in fact an ethernet adapter it might be suspicious for experienced users to see 'oh wait, the adapter is from the same company as my router?' :D, anyway, by spoofing the MAC adress of the laptop one could trick mac filtering in the router ;)

I like the idea of the project. Just for all the python programmers out there, you can do a lot of stuff here with NFQUEUE. A tool like URLSnarf is just a few lines of code in python/scapy. Even tools like Driftnet should run easily. A bit more complicated to program would be a script that actually replaces content of websites. In this case you have to collect all packets from a webserver after a GET request first, (maybe decompress the packets with zlib), merge all the code, replace what you want to replace, then create a temporary webserver (i.e. with simple HTTP server from python) and DNS spoof the original request to that page, there you go.

Just some thoughts ;)

[barry99705]

This can get complicated in a sophisticated corporate environment where switches/routers have various configuration differences. like certain rj45 sockets being locked to only accept a specific client MAC Address.

So far the only time I've come across this is when some asshat read it in a book once, set it up, then gets fired sometime later, without documenting the damn switch password. Usually this happened years ago and they can't get ahold of the dude and we have to start all over resetting up vlans and whatnot.

[raz0r]

Just placed an order cant wait

[tsa]

Great project. I like where this is headed. Speaking about the future, the biggest issue that would actually prevent me from using this in the field would be the lack of "out of band" management. Any thoughts about adding a 4G radio?

[3mrgnc3]

You do know there's a European based reseller now, right?

Aww, man.

I completely forgot...

ah well.

... p.s.

just had a look and you're out of stock until August anyhow...

I will remember for next time though.

Cheers.

Edited July 28, 2015 by 3mrgnc3

[Akumuryu]

Nice vid but i have an issue regarding the update, I keep getting LAN Turtle is currently offline. I do though have network connection and can go out to the internet. I also have tried the Manual way using Kali, using scp it seems like the .bin file transfers but i am not able to see the bin file once in the turtle ? i've tried to copy it to different directories without any success.

regards,