Jump to content

[GUIDE] Manually updating the LAN Turtle


Darren Kitchen

Recommended Posts

I write this guide while at DEF CON realizing that many people are going to want to update to the latest version of LAN Turtle and may not readily have access to an Ethernet connection to provide the LAN Turtle with an Internet connection. So rather than using the "over the air" upgrade method of going to Config -> Check for Updates, please follow these steps:

1. Download the latest UPDATE file from https://downloads.lanturtle.com/

2. Verify that the MD5 checksums match

3. Manually SCP the file to the LAN Turtle in /tmp (ex: scp turtle-2.bin root@172.16.84.1:/tmp/)

4. From the LAN Turtle, exit shell to the bash prompt and issue: sysupgrade -n /tmp/turtle-2.bin

5. Wait about 5 minutes for the LAN Turtle to flash the firmware and reboot

When you SSH back in keep in mind the password resets back to the default "sh3llz" (and is required to be changed)

Link to comment
Share on other sites

  • 4 months later...

Hi Darren,

I was able to ssh into the LAN Turtle but even with an Internet connection, I was getting an error:

-> The LAN Turtle is currently offline. Please check your internet connection.
So I then tried the manual upgrade:

root@turtle:~# sysupgrade -n /tmp/turtle-2.bin

killall: watchdog: no process killed
Sending TERM to remaining processes ... ubusd askfirst logd netifd odhcpd atd hts ptunnel S95done sh dnsmasq
Sending KILL to remaining processes ... S96led
Switching to ramdisk...
Performing system upgrade...
Unlocking firmware ...
Writing from <stdin> to firmware ...
Upgrade completed
Rebooting system...
But now I'm unable to ssh into 172.16.84.1 using root like before.
$ ssh -l root 172.168.84.1
ssh: connect to host 172.168.84.1 port 22: Operation timed out

Any ideas on how to get back into the Turtle interface?

Thanks.

Link to comment
Share on other sites

  • 9 months later...

I just got my lan turtle in the mail and immediately am having the same problem as demarti..  when i ssh-ed into the turtle the first time i immediately went to the config menu and checked for upgrade.. i know its online.. my laptop has internet on the same network and the router that the lan turtle is plugged into sees the turtle as connected.. but i too get the following error:

-> The LAN Turtle is currently offline. Please check your internet connection.

I followed the manual upgrade above, and still same problem. Thinking, maybe it just means i don't need and upgrade and is a bad message.

I went to module manager and i was able to download QuickCreds, but again when i go to QuickCreds configure, i get the damn offline message..

I am so so so sad.. please help Mr Kitchen!  i buy lots of stuff from you..

@Darren Kitchen

oh.. and i am guessing its not offline, as the laptop im using is only connected to the internet via the turtle and im writing this from that connection now.. also, if it was offline why would i have been able to download Quick/cred'

 

Link to comment
Share on other sites

i like an idiot have an xfinity router, had to set the firewall settings to LOW and then i could update.. i guess the offline message is because these scripts use a "ping" to test update and pings were being blocked by my firewall settings

 

Link to comment
Share on other sites

3 minutes ago, Onus said:

i like an idiot have an xfinity router, had to set the firewall settings to LOW and then i could update.. i guess the offline message is because these scripts use a "ping" to test update and pings were being blocked by my firewall settings

 

That would do it :)

Link to comment
Share on other sites

  • 2 weeks later...
  • 5 months later...

"The Lan Turtle is currently offline. Please check your internet connection"

So I followed all the recommendacities, no joy. I enabled and configured ICS for HTTPS and HTTP. I now have connectivity on a shared internet connection with my Winblows7 pc. I made a short slide show that shows both the current state of my network and the the lights on the turtle. I have connectivity. I can ping the LT ONCE and it pukes. I still cannot download modules.

Link to comment
Share on other sites

  • 7 months later...
  • 1 year later...

I've done a factory reset twice (once through the web page (192.168.1.1), and once using the manual method.  Both times the turtle comes back, lets me log in via ssh.  Password reset works fine and when I plug in the network cable it gets assigned an IP. But no Internet connection and while it has a lan IP it can't ping the router.  when I show route table on the Turtle is shows the 172.16.84.x routes but no others and the amber light continually blinks 3x pause then 3x over and over.  ("I've checked the cable using another system and IP is assigned and Internet works).  Any suggestions?

 

Thanks

Link to comment
Share on other sites

1 hour ago, graythang said:

once through the web page (192.168.1.1

When you did a factory reset through the web page, did you flash the factory version of the firmware?

https://downloads.hak5.org/api/devices/lanturtle/firmwares/recovery

Also, its worth checking the "change wan settings" then "show" and use downarrow to see what wan is setup to do. Maybe you selected static when you need DHCP? Or DHCP when you need static. You can also check the /etc/config/network via ssh.

Does the turtle itself have internet? you can check by trying to update or running ping from the terminal.

Link to comment
Share on other sites

Downloaded turtle-5.bin

performed reset using the above (both using the turtle web page at 192.168.1.1 again SCP the file over to turtle)  Also note had to switch my mac's connection over to my other AP to avoid IP conflicts.

Switched back to org AP after updates

On both occasions I was watching the USB 10/100 in settings- both times connection dropped and the restarted and the amber light on turtle did its 3x blink pause, 3x, pause ..... repeatedly

Checking at this point:

Turtle connected to iMac va USB and I ssh to root@172.16.84.1

Turtle DHCP obtained 192.168.1.11 from local lan

Exited to CLI on Turtle (route on turtle only shows entry for 172.16.84. subnet)

       ping to 8.8.8.8 - states packets sent zero received

       ping to 192.168.1.1 - states packet sent zero received 

 

Link to comment
Share on other sites

1 hour ago, graythang said:

Downloaded turtle-5.bin

As its not 100% clear, I will ask again - did you use the link I gave you and download turtle-5-factory.bin? It's a firmware version specifically for uploading to the uboot recovery @ 192.168.1.1 web page. As in following these instructions https://docs.hak5.org/hc/en-us/articles/360010471134-Factory-Reset the other turtle-5.bin file is for upgrade only, if required. As the latest factory firmware is already V5 there currently is no need to upgrade after a factory flash - but may be in the future.

 

 

Link to comment
Share on other sites

First and foremost, thank you for responding 🙂.

a for your question, sorry but I didn't pickup on what you were asking before.

But yes I did use the one from the link you sent and just to be sure I did it again after reading your last post.  Here is the output of a few diags (to try and give you or anyone wishing to help, as much info as possible - I attached the output from "dmesg" on the Turtle as well)

 

Steps: checked Internet connectivity using the lan cable I'm using for the Turtle to verify computer had connectivity.  

Then I did the firmware load using the reset button and 192.168.1.1 web site uploading with same outcome.

I then did an SCP transfer, checked the MD5s (see below), and used the manual "sysupgrade -n /tmp/turtle-5-factory.bin" to re-flash firmware.

In both cases after the reboot Turtle's amber light still shows the "3x blink, pause, 3x blink" sequence over and over and while it receives an IP from the router, it has no connectivity (can't even ping the router). I made no changes to route tabes etc. assuming the Turtle would handle any needed config changes.

OH, and one last... I tried pinging the Turtles 192.168.1.3 IP that it was assigned from another computer on the LAN and got replies to the ping... so really scratching my head.

Is there anything special that is needed when using w/o a 3g sim?  My assumption is that it will work as a non 3g Lanturtle if no Sim is installed.

 

DIAG DATA: (copy pasted from terminal to rule out typos, hence the white on black text)

*******************MD5 COMPARE *********************

myComp:Downloads JustMe$ md5 turtle-5-factory.bin

MD5 (turtle-5-factory.bin) = 0cfaed187f44d91b55bed18b19d0a7ee

Enter "turtle" to return to the Turtle Shell

myComp:Downloads >$ md5 turtle-5-factory.bin

MD5 (turtle-5-factory.bin) = 0cfaed187f44d91b55bed18b19d0a7ee

 

 

 

**************** IfCONFIG on TURTLE***********************

Iroot@turtle:~# ifconfig

eth0      Link encap:Ethernet  HWaddr 00:13:37:A6:91:B8

          inet addr:172.16.84.1  Bcast:172.16.84.255  Mask:255.255.255.0

          inet6 addr: fe80::213:37ff:fea6:91b8/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:164 errors:0 dropped:2 overruns:0 frame:0

          TX packets:95 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:38425 (37.5 KiB)  TX bytes:15737 (15.3 KiB)

          Interrupt:4

 

eth1      Link encap:Ethernet  HWaddr 00:13:37:A6:91:B6

          inet addr:192.168.1.3  Bcast:192.168.1.255  Mask:255.255.255.0

          inet6 addr: fe80::213:37ff:fea6:91b6/64 Scope:Link

          inet6 addr: 2606:a000:6d89:96f0:213:37ff:fea6:91b6/64 Scope:Global

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:194 errors:0 dropped:0 overruns:0 frame:0

          TX packets:35 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:60692 (59.2 KiB)  TX bytes:4304 (4.2 KiB)

          Interrupt:5

 

************************ROUTE TABLE from TURTLE****************************

 

root@turtle:~# route

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

default         172.16.84.84    0.0.0.0         UG    30     0        0 eth0

172.16.84.0     *               255.255.255.0   U     30     0        0 eth0

 

*****************************PINGS *********************************

 

root@turtle:~# ping 8.8.8.8

PING 8.8.8.8 (8.8.8.8): 56 data bytes

^C

--- 8.8.8.8 ping statistics ---

10 packets transmitted, 0 packets received, 100% packet loss

root@turtle:~# ping 192.168.1.1

PING 192.168.1.1 (192.168.1.1): 56 data bytes

^C

--- 192.168.1.1 ping statistics ---

6 packets transmitted, 0 packets received, 100% packet loss

root@turtle:~#

dmesgout.txt

Link to comment
Share on other sites

It's good to double check these things to be sure.

8 minutes ago, graythang said:

sysupgrade -n /tmp/turtle-5-factory.bin" to re-flash firmware

Also, that factory version is not an upgrade file. Only use the factory file for factory reset/uboot recovery. And the standard file for sysupgrades.

What is the other end of the turtle LAN cable connected to? your home router? or another router? could it be the router is expecting a certain MAC address? use a proxy? It seems to be getting an IP OK. Have you tried the same setup on another network (Just to rule it out?).

Link to comment
Share on other sites

3 minutes ago, Just_a_User said:

It's good to double check these things to be sure.

Also, that factory version is not an upgrade file. Only use the factory file for factory reset/uboot recovery. And the standard file for sysupgrades.

What is the other end of the turtle LAN cable connected to? your home router? or another router? could it be the router is expecting a certain MAC address? use a proxy? It seems to be getting an IP OK. Have you tried the same setup on another network (Just to rule it out?).

 

Standard cisco branded linksys, no mac filtering etc.

But to leave no stone unturned, I connected directly to the cable modem and had same results..

going to go back and refresh the firmware using a different computer (and I'll stick to the turtle reset button method based on your advise not to use the cli route).

 

 

 

Ah, sorry I didn't pickup on what your asking.

Yes I did use the one from the link you sent and just to be sure I did it again after reading your last post.  Here is the output of a few things to try and give you (or anyone wishing to help), as much info as possible

I did the firmware load using the 192.168.1.1 web site uploading with same outcome.

I then did an SCP transfer and used the manual 

the file obtained using the link you kindly sent. MD5 on the Mac was
MD5 (turtle-5-factory.bin) = 0cfaed187f44d91b55bed1907ee

MD5Sum on turtle was 0cfaed187f44d91b55bed18b19d0a7ee

 

myComp:Downloads JustMe$ md5 turtle-5-factory.bin

MD5 (turtle-5-factory.bin) = 0cfaed187f44d91b55bed18b19d0a7ee

MD5

 

Enter "turtle" to return to the Turtle Shell

 

root@turtle:~# ifconfig

eth0      Link encap:Ethernet  HWaddr 00:13:37:A6:91:B8

          inet addr:172.16.84.1  Bcast:172.16.84.255  Mask:255.255.255.0

          inet6 addr: fe80::213:37ff:fea6:91b8/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:164 errors:0 dropped:2 overruns:0 frame:0

          TX packets:95 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:38425 (37.5 KiB)  TX bytes:15737 (15.3 KiB)

          Interrupt:4

 

eth1      Link encap:Ethernet  HWaddr 00:13:37:A6:91:B6

          inet addr:192.168.1.3  Bcast:192.168.1.255  Mask:255.255.255.0

          inet6 addr: fe80::213:37ff:fea6:91b6/64 Scope:Link

          inet6 addr: 2606:a000:6d89:96f0:213:37ff:fea6:91b6/64 Scope:Global

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:194 errors:0 dropped:0 overruns:0 frame:0

          TX packets:35 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:60692 (59.2 KiB)  TX bytes:4304 (4.2 KiB)

          Interrupt:5

Link to comment
Share on other sites

Pulled out another turtle (ssd model), using same lan cable etc it connected no prob and could ping. Looked at the settings and noted the route table has entries for the 192.168.0.1 net (still hooked directly to the cable modem hub).  Shouldn't the turtle update its routing tables automatically?  I ask as the per my previous post, the 3g model I'm having issues with doesn't have any 192.168.x.x entries in its route table.   While I could manually add the routes, that wouldn't do much good in a deployment (I think they might notice If I pull out a laptop and start configuring in on location lol).

 

Link to comment
Share on other sites

2 hours ago, graythang said:

Is there anything special that is needed when using w/o a 3g sim?  My assumption is that it will work as a non 3g Lanturtle if no Sim is installed.

Ah good to know its a 3g model... 😉

if you don't have a sim in it you will probably have to enable LAN fallover so if the WWAN fails the turtle will use LAN...

Link to comment
Share on other sites

1 minute ago, Just_a_User said:

Ah good to know its a 3g model... 😉

if you don't have a sim in it you will probably have to enable LAN fallover so if the WWAN fails the turtle will use LAN...

 

Any docs on the process?

 

 

Link to comment
Share on other sites

1 minute ago, graythang said:

Any docs on the process?

I don't see anything explicitly, fair point.

But if you take a look in the sim config part of the turtle menu you should see it. It's good to have a poke round and explore the menu options.

Hope that solves your issue.

Link to comment
Share on other sites

  • 4 months later...
14 hours ago, nok said:

I have the same problem "The LAN Turtle is currentls offline. Please check your internet connection."

Are you still having this issue. What OS are you using? You will need to download the update manually and still it that way.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...