CommodoreDad

For macchanger, I got the source from http://www.gnu.org/software/macchanger and did the following: Put the BashBunny into arming mode (switch 3) Copy the macchanger-X.X.X .tar.gz to the BashBunny; let's say /loot/. Create a payload for Switch 1 LED SETUP ATTACKMODE SERIAL STORAGE cp /root/udisk/loot/macchange.tar.gz /root/. LED FINISH Save, unplug the BB, move to switch 1, and plug back in. When the LED indicates Finished, use your serial terminal program to log into the BB Now, you can compile and install: # you should already be in /root tar xfz macchanger-X.X.X.tar.gz cd macchanger-X.X.X ./configure make # NOTE: the following only puts the binary into the BB system. Use 'make install' # if you want everything including docs. cd src cp macchanger /usr/bin/. cd ../.. rm -rf macchanger-X.X.X # if you want to remove it. Once done, you'll have macchanger readily available. Enjoy!

So I did a little more digging and found adding '--no-check-certificate' to the wget commands in /etc/turtle/modules/modulemanager allowed the Dialog scripts to obtain the modules as expected**. I presume this would work for /usr/bin/turtle_update as well. However, this is obviously not the most secure way. So, I also created a ~/.wgetrc file with the line: ca_directory = /etc/ssl/certs per this link...but no love. Finally, doing a grep on the /etc/ssl/certs/cacerts.pem file for "COMODO ECC Domain Validation" also turned up no love. I'm not an expert on SSL trust chains, but perhaps the CA (COMODO ECC Domain Validation Secure Server CA 2) cert just isn't available in the collection of /etc/ssl/certs/cacerts.pem. Perhaps someone more skilled with SSL chains can provide some insight. Hope this helps... ** WARNING: after changing all wgets to "wget --no-check-certificate" in the modulemanager script, not only did I successfully download the modules I wanted, but also ran the "Update Installed Modules" successfully. HOWEVER, updating the modules also updated modulemanager, thereby losing my wget changes. *forehead smack*

Has anyone solved this? I manually upgraded the firmware to v4, but still am unable to download modules via the Dialog "GUI"...I get back a message saying "No modules available". Additionally, when I exit to the shell and after inspecting /usr/bin/turtle_update, I tried to issue the 'wget' command manually (no, not for modules but to see if the https problem people are taking about was fixed in firmware v4). Turns out, I get the following message: root@turtle:~# wget https://lanturtle.com/updates/current_version --2017-11-22 03:46:25-- https://lanturtle.com/updates/current_version Resolving lanturtle.com... 2400:cb00:2048:1::681b:b041, 104.27.177.65, 104.27.176.65 Connecting to lanturtle.com|2400:cb00:2048:1::681b:b041|:443... failed: Permission denied. Connecting to lanturtle.com|104.27.177.65|:443... connected. ERROR: cannot verify lanturtle.com's certificate, issued by 'CN=COMODO ECC Domain Validation Secure Server CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB': Issued certificate not yet valid. To connect to lanturtle.com insecurely, use `--no-check-certificate'. root@turtle:~# So it seems the HTTPS problem still hasn't been solved. I'm presuming this is the same issue with the Dialog scripts for downloading modules though I've not dove into the Dialog scripts yet. Just thought I'd ask if anyone had solved this yet. Thanks!