nmaas87
-
Posts
78 -
Joined
-
Last visited
Posts posted by nmaas87
-
-
aw shit.
if you really did that and the redboot flash you might have f*cked it.
as this was only for the old fons and not done for the new fon+.. so... thats why it was called draft...
build yourself the serial cable, everything else wont help! sorry!
-
hey thats my log with my paths ;-).
i want to have YOURS.
well if it goes on like this i can't find your fon.
are you sure your lan cable is ok and you connect directly your pc to the fonera?
(so like NO OTHER connection, as internet or so on the pc, only pc bound to fonera - lan like,
and after klicking on flash and the first "no packets found" you power up the fonera?
-
I tried it again with an updated version of pcap, but nothing.. the programs stucks there, where is says Ip:192.168.1.0 (I have also tried to manually set the ip of the pc.. but the result is the same...) I dont know what else to do... ( Ich spreche auch deutsch :))
Ok, so lets put it straight and go through the process:
a) Plug your Fon+ Wan Port into your PC Nic.
B) Start FonFlash, leave Type "OpenWRT / Gargoyle", select your NIC.
Rootfs File is openwrt-atheros-root.squashfs
Kernel File is openwrt-atheros-vmlinux.lzma
Press Flash Router now
c) There should be an Output like this:
Reading image file J:\Fon Plus\Jasager 1.0\openwrt-atheros-root.squashfs with 2359296 bytes, rounded to 0x00240000
Reading image file J:\Fon Plus\Jasager 1.0\openwrt-atheros-vmlinux.lzma with 720896 bytes, rounded to 0x000b0000
No packet.
No packet.
No packet.
Non arp received. Make sure, the device is connected directly!
Non arp received. Make sure, the device is connected directly!
Non arp received. Make sure, the device is connected directly!
Non arp received. Make sure, the device is connected directly!
Non arp received. Make sure, the device is connected directly!
Non arp received. Make sure, the device is connected directly!
Non arp received. Make sure, the device is connected directly!
Non arp received. Make sure, the device is connected directly!
Non arp received. Make sure, the device is connected directly!
Non arp received. Make sure, the device is connected directly!
Non arp received. Make sure, the device is connected directly!
Non arp received. Make sure, the device is connected directly!
Non arp received. Make sure, the device is connected directly!
Non arp received. Make sure, the device is connected directly!
No packet.
d) Plugin the Power of your Fon+
e) Then it should recognize your Fon and start loading the first File...
Something like fis init -f
and then the Start of the Flash process...
Does it something like that? Or what exactly is the Output FonFlash gives you?
Where did you get the Fon+, which Type is it (2201?)?, did you plug it into your Lan and let it update on Fon?
What did you do to the Box before you openend this topic? Did you do any of the Steps of Darrens How to?
Until when?
And last but not least: Build yourself this Serial Cable I'm really getting stuck somehow and really think theres something wrong.
By the way, nice to see that you're in Germany too, but we should keep on doin' this Stuff in English, as most ppl do speak English - a) it would be rude to start speaking German - and B) maybe someone does know a better solution than myself and you would miss the chance as he could not read German ;-)...
Good luck!
-
Pre Info:
This guide has been made with an Fon+ (2201), but should work with any other
Fonera Classic as well. Only limitation is that I have Problems with my
Jasager in Terms of SSIDs, there seems to be a Problem which hasn't been
addressed by Digininja, but the Rest should work.
(Problem described here: http://hak5.org/forums/index.php?showtopic=13883 )
This guide should be quite useful and has been written by using guides and
stuff from this Forum, I just wrote it together and added my own experiances.
Maybe that will turn out as a good starting point and help some newbies.
This Guide ain't perfect and if you think I could add some info - just write me,
I would be happy to provide more accurate Information to make life for new Jasager Friends easier!
Good Luck,
Yours, Xeno
0.) Get it started!
- Get the Jasager 1.0 Firmware from Digininja
http://www.digininja.org/jasager/download.php
- Built an Serial Adapter
Its not that hard and you should built one - so you can recover an dead Fonera.
I.e. http://www.dd-wrt.com/wiki/index.php/LaFon...rial-Cable-Port
I built that myself ("the ugly one") and it works.
Just to add two things:
i) You need to wire RS232 TX to the RX of the Serial (S2) and RS232 RX to the TX
(S3) of the Serial Connector (and 5 is the Ground)
ii) If you use an Fon+ (2201), the Serial Connector on the Phone is like that:
ethernet port
c x VCC 3,3 V MEMORY
a x TX
s x RX CPU
e x GND
1.) Flashing the Fon+ to Jasager
a) With Serial Port only:
- Extract the two Firmware Files onto your PC
- Connect to Serial (9600 baud, 8 Bit Data, 1 Stop Bit, No Software/Hardware Flow Control)
- Power Up the Fonera and Press CTRL+C (within 2 Seconds)
You end up in RedBoot>
Enter fconfig and press Enter until you come to the point Console Baud Rate.
Change the 9600 to 115200. Press enter again till the end and accept the flash with y.
Enter Reset and change the Serial Port settings to 115200 baud.
Repower the Fonera and Press CTRL+C (within 2 Seconds)
You end up in RedBoot>
Enter these Commands:
// Complete Kill of the Fonera Software:
fis init -f
// Download the Firmware Header and Root (fis can take about 20 Minutes!)
load -r -b %{FREEMEMLO} openwrt-atheros-vmlinux.lzma -m xmodem
fis create -e 0x80041000 -r 0x80041000 vmlinux.bin.17
load -r -b %{FREEMEMLO} openwrt-atheros-root.squashfs -m xmodem
fis create -l 0x6F0000 rootfs
// Configure Bootup, enter:
fconfig
// Enter Bootup Script, enter these two lines and press Enter a third time
fis load -l vmlinux.bin.17
exec
// The complete Config should look like that (nothing else changed as the Bootup Script!)
RedBoot> fconfig
Run script at boot: true
Boot script:
Enter script, terminate with empty line
>> fis load -l vmlinux.bin.17
>> exec
>>
Boot script timeout (1000ms resolution): 2
Use BOOTP for network configuration: false
Gateway IP address:
Local IP address: 192.168.1.1
Local IP address mask: 255.255.255.0
Default server IP address: 192.168.1.254
Console baud rate: 9600
GDB connection port: 9000
Force console for special debug messages: false
Network debug at boot time: false
Update RedBoot non-volatile configuration - continue (y/n)? y
... Erase from 0xa87e0000-0xa87f0000: .
... Program from 0x80ff0000-0x81000000 at 0xa87e0000: .
RedBoot>
// Reboot, you're done with flashing!
reset
B) With Serial Port and Tftp Server:
- Extract the two Firmware Files onto an reachable tftp Server
- Connect the Wan Port to your Network
- Connect to Serial (9600 baud, 8 Bit Data, 1 Stop Bit, No Software/Hardware Flow Control)
- Power Up the Fonera and Press CTRL+C (within 2 Seconds)
You end up in RedBoot>
Enter these Commands:
// First IP is the Fonera IP/Subnet, Second is the TFTPServer
ip_address -l 192.168.2.99/24 -h 192.168.2.8
// Complete Kill of the Fonera Software:
fis init -f
// Download the Firmware Header and Root (fis can take about 20 Minutes!)
load -r -b %{FREEMEMLO} openwrt-atheros-vmlinux.lzma
fis create -e 0x80041000 -r 0x80041000 vmlinux.bin.17
load -r -b %{FREEMEMLO} openwrt-atheros-root.squashfs
fis create -l 0x6F0000 rootfs
// Configure Bootup, enter:
fconfig
// Enter Bootup Script, enter these two lines and press Enter a third time
fis load -l vmlinux.bin.17
exec
// The complete Config should look like that (nothing else changed as the Bootup Script!)
RedBoot> fconfig
Run script at boot: true
Boot script:
Enter script, terminate with empty line
>> fis load -l vmlinux.bin.17
>> exec
>>
Boot script timeout (1000ms resolution): 2
Use BOOTP for network configuration: false
Gateway IP address:
Local IP address: 192.168.1.1
Local IP address mask: 255.255.255.0
Default server IP address: 192.168.1.254
Console baud rate: 9600
GDB connection port: 9000
Force console for special debug messages: false
Network debug at boot time: false
Update RedBoot non-volatile configuration - continue (y/n)? y
... Erase from 0xa87e0000-0xa87f0000: .
... Program from 0x80ff0000-0x81000000 at 0xa87e0000: .
RedBoot>
// Reboot, you're done with flashing!
reset
c) Via Fon Flash:
- Get FonFlash (and install wpcap Drivers as well, are included in Wireshark)
- Start FonFlash
- Select your Network Interface Card
- Select Rootfs (openwrt-atheros-root.squashfs)
- Select Kernel (openwrt-atheros-vmlinux.lzma)
- Press Flash Router now and Power Up the Fonera.
- Takes approx. 20 Minutes
2.) Connect and Basic Settings
// telnet to 192.168.1.1 and change the root passwd to enable SSH.
telnet 192.168.1.1
passwd
ilovepineapples
ilovepineapples
3.) Fixing Webif
You got two Webinterfaces on the Jasager.
First the Karma/Jasager one at 192.168.1.1:1471,
and Second the Webif/X-Wrt on 192.168.1.1.
In Webif, you can change things like IP Adresses and watch a bunch of data.
Easy configuration for your Fon+ if you're not so used to the CLI in Linux.
Now that you have changed the root password and therefor have access to ssh,
you can use putty to connect to 192.168.1.1
a) Opkg
echo "src X-Wrt http://downloads.x-wrt.org/xwrt/kamikaze/8.../packages" >> /etc/opkg.conf
opkg update
opkg remove -recursive luci-*
opkg update
opkg install webif
reboot
B) Manual
// Remove Previous Install
opkg -recursive remove haserl
// Download and move these files to the tmp directory on the fon using winSCP
haserl_0.9.24-1_mips.ipk
webif_0.3-4709_mips.ipk
webif-theme-xwrt_0.3-4709_all.ipk
// Install the files using putty.
opkg install haserl_0.9.24-1_mips.ipk
opkg install webif_0.3-4709_mips.ipk
opkg install webif-theme-xwrt_0.3-4709_all.ipk
4.) Enable Wireless
uci set wireless.wifi0.disabled=0
uci commit wireless && wifi
reboot
5.) Duplicate Ports (only on Fon+ 2201)
This does enable you to use the Wan Port to connect the Jasager to an Wan Source
(i.e. another Router) - which does get its IP and Config via dhcp Client.
Than you can plug your PC \ Laptop to the Lan Port and can sniff there the Traffic
the Wifi User does create. So you don't need any ICS or Stuff anymore...
Its cool and easy, BUT BEWARE(!) - this cloning works in both directions -
So if YOU surf the net on your PC \ Laptop, the Wireless User can see it aswell!
(However, it did not yet work out for me...)
// Enter UCI Commands
uci set network.wifi=interface
Fon+ has 3 interfaces lan, wan wifi – by default wifi interface is not configured
uci set network.wifi.ifname=ath0
uci set network.wifi.proto=static
uci set network.wifi.ipaddr=192.168.1.1
uci set network.wifi.netmask=255.255.255.0
// uci set network.wifi.dns=192.168.1.1 (If you want to set it)
uci set dhcp.cfg0875fa=dhcp
uci set dhcp.cfg0875fa.start=2
uci set dhcp.cfg0875fa.limit=250
uci set dhcp.cfg0875fa.leasetime=60m
uci set dhcp.cfg0875fa.ignore=0
uci set dhcp.cfg0875fa.interface=wifi
uci commit
// Activate External Firewall Rules
vi /etc/config/firewall
// uncomment the following line
# include a file with users custom iptables rules
config include
option path /etc/firewall.user
// Enter Firewall Rules to Allow Lan/Wlan Port "Crossover"
vi /etc/firewall.user
// Add the following lines
iptables -I zone_lan_forward -i br-lan -o br-lan -j ACCEPT
//Reboot
reboot
6.) There is no Step 6. Have fun!
-
Ok thats helped me loads. Thanks bud :)
Not a problem at all, you're welcome ^^
-
So no steps 1-10, don't you have to unlock it or does the flash unlock it for you? thanks for the help by the way:)
Yep,
no unlocking required as there is no possiblity to "Hack" the original Fon Firmware at the moment.
So all we do with FonFlash is to OVERWRITE the Firmware - no unlocking required as we just "kill 'em all" ;-).
(I was so sad as I recieved my 2201... I wished I would have had the possibility to "hack" it - its such a fun... So I ordered an Fonera Classic now, unhacked... So that I can still have some fun and do the more awesome Hardware Mods with it that aren't possible anymore with the 2201 / Fon+ ^^'''').
So just follow as I described, and I THINK it should work ;-).
Good luck,
Yours,
Xeno
-
You didn't really answer my question so I will put in yes or no terms. I start with step 1 in this link http://wiki.hak5.org/wiki/Fon_Jasager_Install and go through all steps 1-11 and on step 11 I use the firmware from Jasagers homepage. and after it is done flashing it is finished right. because steps 1-10 unlocks it. and step 11 uploads the firmware.
Woops!
Ok: YES NO YES NO:.. YES YES...
Just kidding ;-).
Its a bit more easy to be complicated:
Flashing with the Fon Firmware does not need anything else, except some Bug fixes.
I'm writing an tutorial about it at the moment (with all useful posts around here) for the fon2201, which I'm going to release in some days, but I give you a little quick start (I think you're ok with that ;-):
First
Flash the Firmware onto your Fonera with FonFlash
( http://www.gargoyle-router.com/download.php ) - Just load the Firmware in the App, wire up your Fon and press flash, plugin the power of your fon... It will take about 20 minutes+ and inform you when its done.
Second
Do step 12 and 13 to enable functionality
Third
If you want webif, you need to do this:
opkg update
opkg install webif
reboot
Forth
You're on step 20,
have fun!
Greets,
Xeno
-
No Problem at all, I'm myself not an native Speaker, but German ;-).
So good luck ^^
-
You got that
http://www.gargoyle-router.com/downloads/f...ash-windows.zip
Software?
( Website: http://www.gargoyle-router.com/download.php )
Mh, maybe your pcap is outdated or you got none.
I would recommend you following:
Download and install Wireshark (it will come in handy after you use Jasager some time ;-) - the main fact is that it does install the Winpcap Driver during the install. You MUST have that.
Then REBOOT(!, otherwise that driver component won't load correctly) and try again with Fon Flash.
And if you got some spare time, think about building an serial Adapter for your Fonera. Ain't that hard and its really worth it (or do just get an Serial Mobile Phone Cable and connect it as described and the unbricking Topic...) - and THEN you can really see whats going on on your little fellow...
(I would really recommend to get one - anyway.)
If it ain't an hardware fault, we will get that thing running again I think ^.^.
Cheers and good luck!
Xeno
-
169.254.36.225 is an private IP.
Dunno wheter the flash went wrong and the Jasager ain't installed correctly.
Fact is, your windows only gives you a Private IP if it can't get one from the dhcp Server (which should run on the Jasager - seems like it doesn't....).
Well - I would advise you to use the FonFlash Tool instead of EasyFlash.
Works better.
Just enter the data the same way as in the tutorial, press flash and power up your fonera.
( And by the way, 192.168.1.1 will be the IP of your Fonera - so you could have i.e. 192.168.1.2 - if you don't get it by dhcp, set it manually and try to connect as described in the Tutorial... Subnetmask for the manual Entry is 255.255.255.0 )
Greetings,
Xeno
-
Just wondering... Is it possible to use just a standard usb cable to connect to the serial points in the fon 2100 ? and if not can i just use a standard grey thick serial cable like an optical or hdd cable type? (non sata)
Also i forgot to introduce myself! Hey Everyone, i have watched hak5 since the 1st episode so i apologize for taking years to register on the forums...
Um don't really know what you mean, but you need the TTL to RS232 Converter in the middle of it.
So Serial Connector of your PC / USB2Serial Adapter -> TTL Converter -> Fon.
I think this Converter straightens out the -15 to +15V on the Serial Console to 0-3,3V (which is Default Voltage on any Serial Port for Mobile Phones and little Router Guys and Gals like the Fonera).
Important thing: NOT USING AN TTL WILL FRY YOUR FONERA!
So just buy an Usb/Serial Mobile Phone Cable and connect it to the Fonera (they got it built in at 99,9%) or solder yourself an Adapter. ( I built after that one: http://www.dd-wrt.com/wiki/index.php/LaFon...console_adapter - was simple and works great!)
Greets,
Xeno
-
Dunno,
but Fon Flash as beakmy recommended it does work on Windows XP as well as Windows 7 - I actually use both OSes next to BT3 to play with my little F*nic Friend ;-) ^.^.
Greets,
Xeno
-
Hi,
Just get the Jasager 1.0 Firmware from digininjas Website,
grab a copy of FonFlash,
Start it, Select the NIC your Fon+ is attached to, select rootfs and Kernel File and press the Flash button.
Then power on your Fon+ - and wait about 20 Minutes - its going to give you an Ack that its done.
And off you're!
But I would recommend you to solder yourself an Serial Cable - its great for unbricking and might help a lot!
Greets,
Xeno
-
Hello beakmyn,
I tried your idea and set up as described - and the both ports do work in that way:
I connected my real Router to the Wan Port and my Eee to the Lan Port.
I booted the Eee into BT3 and fired up Hamster 2.
Then I surfed the Web over the Wlan Access from an another Pc.
But sadly - I can prove that with Wireshark - I can't see the Traffic of the Wlan surfing Device on the Lan Port...
Any thoughts about it?
Thank you,
Xeno
-
I'll probably go for 8.09_1 or whatever they call the latest stable release.
The kmod-gpio was a package I found so don't know if I have the source but I'll have a look
Hi,
I can confirm the problem with my Jasager 1.0 Firmware freshly flashed Fon+ 2201.
Funny thing, if I set Karma to Blacklisting, I see some "funny" ssids...
Are you working on the problem?
Greetings,
Xeno
-
Thanks!
So the Fonera+ IS in the Monkey Interceptor.
Yes,
as you can read on www.digininja.org under Networking, Interceptor, the Fon+ is used for the Interceptor, but can be used for the Jasager Project aswell.
But you can only make it a Jasager or Interceptor at the same time, if thats what your thinking about.
-
Well Fonera+ is used for the Interceptor (Monkey).
But you can use the Fonera+ aswell for Jasager - just download diginijas complete Firmware (says 1.0 but its the recent Jasager!) and flash it with the tool you like onto your Fonera+.
And then, you're done ;-).
(Second Ethernet Port doesn't do anything on the configuration, but theres a guy on this Forum working on it to create the second Port to an "sniff-only" Port - so that first one can connect to an actual Webconnection and does not need an Computer with ICS or in the middle - as it does replicate the Data to the second Port... or at least its planed like this ^^)
Greets,
Xeno
-
write an pm to t00dy, he did gave me an invite as well ^.^
-
anything new on that topic? is it possible to just add an sd-card to the fonera+ 2201 with the usual fon style? (adding it to the normal gpio pins and killing the condensators?)
thanks,
xeno
-
thank you very much, i'm looking forward to it ^.^
-
Oh thank you very much for that info!
That will make "debuging" a lot easier should I ever stumble across a "virgin Fonera" XD....
( I just love the Video How To XDDD )
-
Well funny thing on my side, I did use the serial cable I once build for my Netgear WGT634U, as it turned out to have the same Layout Rx/Tx/Gnd follow up as my Fonera+ 2201. I did use an serial cable from an Siemens C35i (very old Mobile Phone) - and what shall I say?: Very funny thing is, I always read it doesn't boot without breaking the ground or so - I can leave that cable plugged into the fonera+ all the time - and it will go into red, it will boot OpenWrt - everything. And I don't need to plug anything up or down...
Hm I'm thinking about trying one of the blue Cisco RJ45<->Serial Cables... As we have them floating around in like tons.. I think they should have an 5V Converter also integrated into the cable... anyone can confirm that?
Greetings,
Xeno
-
hi beakmyn!
your concept sounds interessting!
if you got it working could you describe the exact way "how" to accomplish that?
would be really cool as I would love to do the same thing to my jasager ;-).
(its not about making it more easier, but a lot more comfortable in that way - and easy capturing under backtrack ^.~).
greetings,
xeno
-
Tried.
Kind of worked.
It responded to a single probe request, and a computer automatically connected.
Other computers weren't detecting any APs.
In other words: It's kind of intermittent.
Funny thing here too:
I needed to reflash my brandnew Fon 2201 a second time until the Webif worked!
First time was ok and OpenWrt and such booted, but first after second time complete flashing according to your Website - the webif did work.
wrong ip after flashing??
in WiFi Pineapples Mark I, II, III
Posted
Well, please post what you get after building the cable...