Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by hierophant

  1. one important thing is that on one cycle i was fast enough to ssh into the Tetra and issue a service openvpn stop but unfortunately it's still cycling as we speak.
  2. Okay so I setup OpenVPN, adding the auth.txt to the config and such, set it all up and it would run on my Tetra fine but devices connect to the router did not get their IP changed. My setup is MacBook setup to share it's Ethernet connection (working) and a chrome book and ps4 bridged to the WI-FI of this Macbook. So I use Tunnelblick to load my config and execute, again successful AUTHs, VERIFYs OK, IP established. Now my Macbook hooked to Ethernet still works and going through the VPN and changing it's IP. But all other devices go offline. Is this a routing issue of making bridged traffic go through the VPN somehow? At one point messing with the protocols and configs, Tunnelblick did run sharing Wifi, connecting from the router to ethernet to ps4. Wireshark showed only communication between my router and a single VPN server. When it stopped working like that I tried to reload the configs on Tetra and I issued 'service openvpn start' and then instead of restarting and loading the config it just basically went in a cycle of all colors to blue blinking to online blue yellow to black offline again, repeat. Even after reset. I'll try a firmware update. Any help plz? thank youi
  3. Thanks for the links and info and sorry for the bitter tone.
  4. What's the point of the packet squirrel when you can do so much more bridging your own device and running those types of pcap commands?
  5. different ports must be seperated by or i.e port 22 or 80 or 8080 I think you can use 'and' as well as others.
  6. I created a bridge and that's good enough. I wrote a script to just grab the noisiest IP's so it ignores all the random crap and I get a neat list of IP counts, I'm adding geolocation for it when I develop it into something beyond a terminal command. tcpdump -i br-lan -vv -nnn -t -c [how many packets] port [port#] | cut -f 1,2,3,4 -d '.' | sort | uniq -c | sort -nr | head -n 20 This can be run from the terminal of the tetra and probably the nano.
  7. Wow awesome super supportive hacker community we got here. I can't find another thread about connection loss moving from arming to TCPDUMP? I've seen other people complaining but there situation was different. I already called my ISP to see if it was getting knocked off. But nope But anyways thanks for the help on this crap forum. I just bought 7 devices from HAK5 and I can't even getting any motherfuckign Customer Service? Forget it anyways, I already just bridge a connection like I always do. Thought it would be cool to put the squirrel right on the ethernet line BUT OH WELL, Might as well throw this piece of garb in the trash.
  8. I especially need a good way to discover all ips and new ips on my network. I tried a nmap internal network scan and arp and a broadcast address. thanks
  9. Hey guys, So I can get an easy DHCP connection in arming mode. If I change it to payload 1 the tcpdump, I can see some interaction with the usb i formated using mkntfs -F /dev/sda , said operation successful , then the booting green light but then it goes right back to blinking blue which is odd since it's supposed to be for the arming stage and it goes to blue at payload 1 switch. Then it's LAN disconnected. The LAN should stay fluid from arming to payload 1 right? I can't press the top button to see any red light suggesting reading or writing. Only real connection is through the blinking blue light on all switches. I followed the instructions to update the firmware. Maybe I need to make my usb ext4? Do I need to SSH to it? Because I have other HAK5 products and the default ip assigned is not the right one. So I can't see if there's a shell I can do networking input for getting the packet squirrel online in payload 1 mode. I tried arp -a. I tried ifconfig getting the broadcast of my wlan0 and br-lan, ping, than arp -a, to see what ip's there were but nothing but the obvious established devices. Anyhelp would be amazing I'm exhausted with work. Also, DNSPOOF. So the first domain in the config is where you want the target to be sent? And once executed after following the config instructions in the manual. It's specific to the target's nameserver right? It's not gonna start messing DNS all over the network? Thanks for anything you can give me everyone.
  • Create New...