
[Module Idea] 802.1X By-pass - AKA a Turtle too far.




Some time ago I came across this talk from DefCon 19:

The guy mentions the Raspberry Pi, but the Turtle should be able to do this with minor modifications to the bridging code? Possibly have a flag in the code for whether to enable / disable the patch?

The rest of the code is actually documented as a script in a PDF as well.



So looking at the source code (in this case for the Pineapple, but the code base is similar), the patch should be this:

--- build_dir/linux-ar71xx_generic/linux-3.3.8/net/bridge/br_input.c.orig 2015-08-24 09:29:58.719273414 +0100
+++ build_dir/linux-ar71xx_generic/linux-3.3.8/net/bridge/br_input.c 2015-08-24 09:30:21.615273027 +0100
@@ -81,7 +81,7 @@
if (skb->protocol == htons(ETH_P_PAE)) {
skb2 = skb;
/* Do not forward 802.1x/EAP frames */
- skb = NULL;
+// skb = NULL;
} else if (is_broadcast_ether_addr(dest))
skb2 = skb;
else if (is_multicast_ether_addr(dest)) {
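
Review bot: at the `skb = NULL;` line the statement is disabled with a `//` comment, while the comment directly above it still reads "Do not forward 802.1x/EAP frames", so the source now states the opposite of what the ETH_P_PAE branch does. Either delete the line or rewrite that comment to say PAE frames are forwarded. The change is also unconditional for every bridge on the device; put it behind a switch that defaults to off, as the first post suggests, so 802.1X/EAP frames are only relayed when explicitly configured. With `skb` left non-NULL and `skb2 = skb` still set, PAE frames follow the same two-pointer path as the broadcast branch just below; confirm that this is the intended handling.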

That would then just leave the script, which is almost trivial.
