Wall-E Posted July 3, 2011

Hi,

I'm using an open-mesh router and flashed it according to the "Building or Unbricking guide" on the hak5 home page. I verified access to webif and the Karma site with no problems. For now I'm not interested in the Karma bit and deauthing clients and having them connect to my AP instead of the real one. I'm trying to use the Jasager as an AP instead of using Aireplay to create an AP.

I’ve read the forums about the automatic scripts that enable everything for me, but really I’m trying to do things myself one step at a time to understand the process, then maybe I will use the scripts later when I know how everything works.

I used the guide on karmetasploit to edit the settings on my router to:

DHCP:

    config dnsmasq
        option domainneeded 1
        option boguspriv 1
        option filterwin2k '0' #enable for dial on demand
        option localise_queries 1
        option local 'lan'
        option domain 'lan'
        option expandhosts 1
        option nonegcache 0
        option authoritative 1
        option readethers 1
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'

    config dhcp lan
        option interface lan
        option start 100
        option limit 150
        option leasetime 12h
        option ignore 0
        list dhcp_option 3,192.168.0.1
        list dhcp_option 6,192.168.0.2,208.67.222.222
        list dhcp_option 6,192.168.0.2,8.8.8.8

    config dhcp wan
        option interface wan
        option start 100
        option limit 150
        option leasetime 12h
        option ignore 1
        list dhcp_option 3,192.168.0.1
        list dhcp_option 6,192.168.0.2,208.67.222.222
        list dhcp_option 6,192.168.0.2,8.8.8.8

Network:

    config interface loopback
        option ifname lo
        option proto static
        option ipaddr 127.0.0.1
        option netmask 255.0.0.0

    config interface lan
        option ifname eth0
        option type bridge
        option netmask 255.255.255.0
        option proto static
        option ipaddr 192.168.0.2
        option gateway 192.168.0.1
        option dns 8.8.8.8

Next, in bt5 I connected my wlan0 to my home internet using wicd, then I ran

    ifconfig eth0 192.168.0.1 netmask 255.255.255.0

and I could log in to the router on 192.168.0.2 before the ip address for eth0 changes to 192.168.10.5 for some reason!

Another thing I noticed is that every time I disconnect from my eth0 connection in wicd to try to connect to the wireless, the wireless connects fine for a minute before automatically disconnecting and going back to the eth0 connection, like wicd is forcing eth0 to be the primary connection. This causes me to lose connectivity to the internet, and I'm also not able to access the webif page because the ip address is on a different range than the set 192.168.0.x.

I’ve tried changing these settings in wicd:

Under Preferences & General Settings, Network interfaces:
- I unchecked "always show wired interface"
- I unchecked "always switch to a wired connection when available"

Under wired automatic connection:
- I chose "prompt for wired network profile"

Under Automatic reconnection:
- I unchecked "automatically reconnect on network connection loss"

And still the connection keeps disconnecting the wireless, connecting to the wired and changing the eth0 address to 192.168.10.5, as I verified by running ifconfig.

I’m not sure if this is a Linux issue or a setting that I did wrong on the router.

Any ideas what the problem might be?

Wall-E Posted July 4, 2011

*Correction* Earlier I meant to say Airbase-ng, not Aireplay-ng.

I've made some progress. I gave my eth0 a static ip of 192.168.0.1 and I rebooted my backtrack. I've tried setting a static ip before, but forgot about the step of restarting the network file and then I would revert back to my old settings, so that's why the settings never got implemented.

Here are my new findings: setting a static ip for eth0 lets me access the router's webif, and I'm also able to connect to the internet through my droid tether (easytether0).

When I SSH into the router and ping:

    192.168.0.1 (which is the ip for eth0): I get replies back :)
    192.168.117.1 (which is the easytether gw): I get replies back :)
    192.168.117.2 (which is the easytether0): I get replies back :)
    8.8.8.8: no replies back <_<
    cnn.com: no replies back <_<

BUT I get this:

    root@OpenWrt:~# ping cnn.com
    PING cnn.com (157.166.224.26): 56 data bytes

which displays the real ip address for the website.

Any ideas what I'm missing here that's preventing me from pinging those sites?

Also I tried to connect to the access point, but it's not giving an IP address to my iPad.

Wall-E Posted July 4, 2011

I can't seem to find the edit button to edit or add on to my posts.

To forward traffic I'm using:

    ifconfig eth0 192.168.0.1 netmask 255.255.255.0
    echo '1' > /proc/sys/net/ipv4/ip_forward
    iptables -X
    iptables -F
    iptables -A FORWARD -i easytether0 -o eth0 -s 192.168.0.0/24 -m state --state NEW -j ACCEPT
    iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A POSTROUTING -t nat -j MASQUERADE
    route del default
    route add default gw 192.168.117.1 easytether0

Wall-E Posted July 6, 2011

I've made some progress, sorta.

Following the guide here, I re-flashed my router and followed the steps.

My setup:
- eth0 set to static ip 192.168.0.1
- router set to 192.168.0.2
- smartphone ip: 192.168.117.2
- I can access both the internet & router at the same time

dhcp file:

    config 'dnsmasq'
        option 'domainneeded' '1'
        option 'filterwin2k' '0'
        option 'local' '/lan/'
        option 'domain' 'lan'
        option 'expandhosts' '1'
        option 'nonegcache' '0'
        option 'authoritative' '1'
        option 'readethers' '1'
        option 'leasefile' '/tmp/dhcp.leases'
        option 'resolvfile' '/tmp/resolv.conf.auto'
        option 'boguspriv' '0'
        option 'localise_queries' '0'

    config 'dhcp' 'lan'
        option 'interface' 'lan'
        option 'start' '100'
        option 'limit' '150'
        option 'leasetime' '720m'
        option 'ignore' '0'
        list 'dhcp_option' '3,192.168.117.2'
        list 'dhcp_option' '6,8.8.8.8'

    config 'dhcp' 'wan'
        option 'interface' 'wan'
        option 'ignore' '1'
        option 'start' ''
        option 'limit' ''
        option 'leasetime' ''

network file:

    config 'interface' 'loopback'
        option 'ifname' 'lo'
        option 'proto' 'static'
        option 'ipaddr' '127.0.0.1'
        option 'netmask' '255.0.0.0'

    config 'interface' 'lan'
        option 'ifname' 'eth0'
        option 'type' 'bridge'
        option 'proto' 'static'
        option 'netmask' '255.255.255.0'
        option 'macaddr' ''
        option 'ipaddr' '192.168.0.2'
        option 'ip6addr' ''
        option 'ip6gw' ''
        option 'dns' ''
        option 'gateway' '192.168.117.2'

and I edited /karma/www/cgi-bin/functions.rb; under "def create_interface()" I added:

    system("sleep 1")
    system("brctl addif br-lan ath0 2>&1 > /dev/null")

On backtrack I execute the commands in the instructions, adjusting wlan0 to easytether0 (usb tether to my phone):

    echo 1 > /proc/sys/net/ipv4/ip_forward
    sudo iptables -t nat -A POSTROUTING -o easytether0 -j MASQUERADE

What the problem is: not being able to duplicate the steps and initiate a connection after a restart.

The first time I tried this I was able to connect my iPad to the router and got the following addresses on my iPad connection:

    IP address: 192.168.0.186
    Subnet mask: 255.255.255.0
    Router: 192.168.0.1
    DNS: 8.8.8.8
    Search Domain: lan

I was browsing with good speeds, then I shut down everything and came back to try to connect the same iPad, but it wasn't getting any ip address. I tried a different iPad and a laptop, but still got the same issue.

Hours later I tried again, and after connecting and disconnecting the interface on the Karma page and issuing the backtrack commands that I used earlier, I was able to connect again. I tried to duplicate my same steps just to confirm it would work again and it didn't work!

• I tried connecting from different distances from the router and restarted my backtrack machine and the router several times, and also my iPads, with no luck. The devices connect fine, but they don't get issued an ip address.
• I also tried booting up backtrack and setting up all my eth0 and my easytether0 connections before turning on the router (just to see if maybe there is a conflicting setting between the laptop and the router and maybe the router will pick up the settings from backtrack), but no luck there.
• I never made changes in the dhcp file or the network file, and I was able to have devices connect to my router the several times I was able to, so I know the settings are correct, but if there is a problem with them I don't mind making a change.

I'm happy with the progress I made so far, but I want this to work all the time, not one out of 10 tries.

Any ideas what the problem might be??

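Added example, not part of the original thread: a small Python check that reads OpenWrt `network` and `dhcp` UCI files like the ones in the July 6 post and flags a gateway (the interface's `gateway` option, or DHCP option 3, the router address handed to clients) that lies outside the LAN subnet. The sample input is a constructed, trimmed copy of that post's files, and `parse_uci` and `check_lan` are hypothetical helper names.

```python
import ipaddress
import shlex

# Constructed sample input: trimmed copies of the 'network' and 'dhcp'
# files quoted in the July 6 post.
NETWORK = """
config 'interface' 'lan'
    option 'ipaddr' '192.168.0.2'
    option 'netmask' '255.255.255.0'
    option 'gateway' '192.168.117.2'
"""
DHCP = """
config 'dhcp' 'lan'
    option 'interface' 'lan'
    list 'dhcp_option' '3,192.168.117.2'
    list 'dhcp_option' '6,8.8.8.8'
"""

def parse_uci(text):
    """Return {section_name: {key: [values]}} for one UCI config file."""
    sections, current = {}, None
    for line in text.splitlines():
        tok = shlex.split(line, comments=True)  # handles quotes and '#' comments
        if not tok:
            continue
        if tok[0] == "config":
            current = sections.setdefault(tok[-1], {})
        elif tok[0] in ("option", "list") and current is not None and len(tok) >= 3:
            current.setdefault(tok[1], []).append(tok[2])
    return sections

def check_lan(network_text, dhcp_text, name="lan"):
    """List gateway addresses that are not on-link for the LAN subnet."""
    iface = parse_uci(network_text)[name]
    subnet = ipaddress.ip_network(f"{iface['ipaddr'][0]}/{iface['netmask'][0]}", strict=False)
    findings = []
    for gw in iface.get("gateway", []):
        if gw and ipaddress.ip_address(gw) not in subnet:
            findings.append(f"network: gateway {gw} is outside {subnet}")
    for opt in parse_uci(dhcp_text).get(name, {}).get("dhcp_option", []):
        code, *values = opt.split(",")
        if code == "3":  # DHCP option 3 = router (default gateway) given to clients
            for gw in values:
                if ipaddress.ip_address(gw) not in subnet:
                    findings.append(f"dhcp: option 3 router {gw} is outside {subnet}")
    return findings

if __name__ == "__main__":
    print("\n".join(check_lan(NETWORK, DHCP)))
```

On the router itself the same function can be pointed at the contents of /etc/config/network and /etc/config/dhcp copied to a machine with Python.
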
bobbyb1980 Posted September 12, 2011 (edited)

I'm having similar issues. We're using a very similar setup; I have BT5 running Jasager on an 0M1 also. I use the jasagerPwn script to do the ICS bit. I am able to get the router set up as an AP with ICS no problem (no sslstrip though).

One thing I changed that was hurting was having an eth0 entry in wicd. I deleted any signs of eth0 from wicd as my wlan0 and eth0 were always conflicting when being managed from the same program. I deleted the eth0 config from wicd and used "ifconfig eth0 192.168.10.2 up" after every reboot and ran wicd only to connect wlan0 to a wireless network (only since I use WEP and it's a pain to use WEP and iwconfig). I recommend only using "network managery" type interfaces when ifconfig and iwconfig can't do the same job.

I learned that when I start the router (running the latest version of Jasager), I ssh into it and stop dnsmasq. I then go to Jasager's GUI and turn karma on (I do not add my true AP to the black/whitelist; when I do it never works). If Karma is not enabled on the router, the clients of the AP have no DNS (they can ping 8.8.8.8 fine but they can not ping google.com). But when Karma is enabled, I am able to share internet completely fine.

Hope that helped.