PixL Posted December 12, 2017

Ok so I've been playing around with the Packet Squirrel... I plugged a wifi USB dongle into the USB port and then did the following.

    iw reg set US
    opkg update
    opkg install wpad-mini
    uci set wireless.@wifi-iface[0].encryption=psk2
    uci set wireless.@wifi-iface[0].key="hak5squirrel"
    uci set wireless.@wifi-iface[0].ssid="Squirrel"
    uci commit wireless
    uci set wireless.radio0.disabled=0
    wifi

When checking my iPhone for wifi networks my Packet Squirrel is broadcasting an SSID named Squirrel. It doesn't provide a network yet but it's a start.

PixL Posted December 12, 2017

Now if I can figure out some iptables I could maybe connect this into a random ethernet cable and tap a connection out on a wifi AP.

trashbo4t Posted December 27, 2017

Wow, super cool, I look forward to hearing more! If you are successful would you mind creating a tutorial?

Elnight Posted December 28, 2017

Hope to hear more!

Dave-ee Jones Posted December 29, 2017

Can you bridge one of the interfaces (LAN/WAN) with the WLAN one? You could potentially copy the "NETMODE BRIDGE" to bridge between WAN (or LAN) and WLAN as opposed to WAN and LAN.

PixL Posted December 29, 2017

I'm sure I can, yes. I've got a Raspberry Pi script somewhere which does something similar, I can probably borrow the iptables from it.... will have a go after new year.

Dave-ee Jones Posted January 1, 2018

Would be nice to give the PS a more practical use, e.g. using it to bridge an existing WiFi's network from your phone to another SSID. Say, your home WiFi re-broadcasted by the Packet Squirrel through your phone or something. Something that would give you another IP but still under the home WiFi's network (so you get internet but in a different range that's set by the home WiFi - a range given by the PS).

It's quite hard to explain so if you get confused reading that I don't blame you. It makes sense in my head.

Forkish Posted January 2, 2018

4 hours ago, Dave-ee Jones said:
> Would be nice to give the PS a more practical use, e.g. using it to bridge an existing WiFi's network from your phone to another SSID. Say, your home WiFi re-broadcasted by the Packet Squirrel through your phone or something. Something that would give you another IP but still under the home WiFi's network (so you get internet but in a different range that's set by the home WiFi - a range given by the PS). It's quite hard to explain so if you get confused reading that I don't blame you. It makes sense in my head.

A subnet right?

Dave-ee Jones Posted January 2, 2018

19 hours ago, Spoonish said:
> A subnet right?

The same subnet, just a different range. Most routers define a range for clients so they can be managed, but if you could rebroadcast the SSID to get outside it then you could essentially have internet access without being managed, therefore being outside of most management modules (like web filtering, bandwidth limits, tracking etc.). You would still be behind the firewall, obviously.

But, yes, it could definitely be a possibility to just go in a different subnet.

Dave-ee Jones Posted January 4, 2018

In terms of the bridging idea, this may help: https://wiki.openwrt.org/doc/recipes/bridgedap

Forkish Posted January 4, 2018

On 1/2/2018 at 6:24 PM, Dave-ee Jones said:
> The same subnet, just a different range. Most routers define a range for clients so they can be managed, but if you could rebroadcast the SSID to get outside it then you could essentially have internet access without being managed, therefore being outside of most management modules (like web filtering, bandwidth limits, tracking etc.). You would still be behind the firewall, obviously. But, yes, it could definitely be a possibility to just go in a different subnet.

When you say management range, do you mean as in DCHP range? Wouldn’t that be possible only if the subnet hosting routers didn’t define their management range as *.*.*.0/24? If on that train of thought, do most routers’ default management stop outside their set DCHP range?

Are you thinking (if the range is <254) of a wireless bridge thing but with your own DHCP range?

/haven’t read your link yet

Dave-ee Jones Posted January 4, 2018

14 hours ago, Spoonish said:
> When you say management range, do you mean as in DCHP range?

No, I mean as in DHCP range. :P

Yeah, the range wouldn't necessarily be outside of a subnet. E.g. the router may only use 192.168.1.50 -> 192.168.1.254. This is more common for businesses because internal devices (such as POS machines, laptops, printers, cameras, servers etc.) can be in the same subnet (192.168.1.1 -> 192.168.1.49). Cameras, of course, may be in a different subnet.

14 hours ago, Spoonish said:
> Are you thinking (if the range is <254) of a wireless bridge thing but with your own DHCP range?

Yes, this would help you get outside of that range. I think the PS could do it quite easily, however I don't know how fast it's going to be as the middleman between the 2 networks. Its processing power is quite low..

PixL Posted January 6, 2018

I've had a quick look at this and once you've installed wpad-mini in arming mode as below...

    opkg update
    opkg install wpad-mini

Then the following payload.sh should share whatever LAN it is plugged into as a wireless access point called squirrel.

    #!/bin/bash
    LED SETUP
    # WPA2-PSK access point settings
    uci set wireless.@wifi-iface[0].encryption=psk2
    uci set wireless.@wifi-iface[0].key="hak5squirrel"
    uci set wireless.@wifi-iface[0].ssid="Squirrel"
    uci commit wireless
    # Enable radio0 through radio3; each runs in the background so a
    # missing radio does not stop the script
    uci set wireless.radio0.disabled=0 &
    uci set wireless.radio1.disabled=0 &
    uci set wireless.radio2.disabled=0 &
    uci set wireless.radio3.disabled=0 &
    LED ATTACK
    # Bring the wireless interfaces up with the new settings
    wifi
    LED STAGE1
    NETMODE BRIDGE

I imagine if you spotted an ethernet port somewhere and wanted to investigate without being obvious and running cat5 to your laptop from it.. you could plug your Packet Squirrel into it, power up and walk away. Then you can connect your laptop to it from somewhere else in range and investigate the network.

I know the above is a little untidy but it's a work in progress.

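Added example, not part of PixL's post or of any Hak5 payload: seen from the switch, a device that bridges wireless clients onto one wall port shows up as several MAC addresses learned on a single access port. The Python below flags such ports in a constructed MAC address table; the table layout, port names and MAC addresses are assumptions made up for illustration.

```python
from collections import defaultdict

# Constructed sample of a switch MAC address table: vlan, mac, type, port.
# The column layout is an assumption, not a specific vendor's output.
SAMPLE_TABLE = """\
10 02:00:00:aa:00:01 dynamic Gi0/1
10 02:00:00:aa:00:02 dynamic Gi0/2
10 02:00:00:bb:00:10 dynamic Gi0/7
10 02:00:00:cc:00:21 dynamic Gi0/7
10 02:00:00:cc:00:22 dynamic Gi0/7
10 02:00:00:dd:00:30 dynamic Gi0/24
10 02:00:00:dd:00:31 dynamic Gi0/24
10 02:00:00:dd:00:32 dynamic Gi0/24
10 02:00:00:ee:00:40 static Gi0/3
"""


def macs_per_port(table_text):
    """Group dynamically learned MAC addresses by switch port."""
    ports = defaultdict(set)
    for line in table_text.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[2] != "dynamic":
            continue  # skip headers, blank lines and statically pinned entries
        _vlan, mac, _kind, port = fields
        ports[port].add(mac.lower())
    return ports


def suspicious_access_ports(table_text, uplinks=(), max_macs=1):
    """Return {port: sorted MACs} for access ports with more than max_macs.

    A bridge with an access point behind it exposes the MAC of every wireless
    client (and usually its own) on the one port it is plugged into.
    Uplink and trunk ports legitimately carry many MACs and are excluded.
    """
    findings = {}
    for port, macs in macs_per_port(table_text).items():
        if port in uplinks:
            continue
        if len(macs) > max_macs:
            findings[port] = sorted(macs)
    return findings


if __name__ == "__main__":
    hits = suspicious_access_ports(SAMPLE_TABLE, uplinks={"Gi0/24"})
    for port, macs in hits.items():
        print(f"{port}: {len(macs)} MACs learned -> {', '.join(macs)}")
```

Raise `max_macs` for ports that legitimately carry two devices, such as a desk phone with a PC behind it.
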
Dave-ee Jones Posted January 7, 2018

On 1/7/2018 at 6:16 AM, PixL said:
> I imagine if you spotted an ethernet port somewhere and wanted to investigate without being obvious and running cat5 to your laptop from it.. you could plug your Packet Squirrel into it, power up and walk away. Then you can connect your laptop to it from somewhere else in range and investigate the network.

That's the ideal reason for the Squirrel acting as an AP - that's why I want it to.

barry99705 Posted January 18, 2018

Heh, I have a client that has a 255.0.0.0 internal subnet. Their old "IT Guy" got tired of changing everything when they ran out of IP addresses. I thought that was a little strange and found the DHCP server was set to never expire! It is a church, and had free wifi for the congregation. Changed the setting to 8 hours, but didn't change the subnet, didn't feel like fixing the printers.

Anyway, your idea of being outside managed IP space won't work. The router will treat any traffic as managed traffic.

Dave-ee Jones Posted January 19, 2018

9 hours ago, barry99705 said:
> Anyway, your idea of being outside managed IP space won't work. The router will treat any traffic as managed traffic.

That's true for things like firewalls, port forwarding and routing, but there are cases where management is done via DHCP (I mean, take 75% of Windows Servers running DHCP..).

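Added example, not written by any poster in this thread: where clients are managed through DHCP as discussed above, a host that gives itself an address without a lease can be found by comparing the gateway's neighbour table against the lease list and the static inventory. The subnet and the 192.168.1.50 to 192.168.1.254 pool are the ones quoted earlier in the thread; the leases, inventory and neighbour entries are constructed.

```python
import ipaddress

# From the thread: a /24 whose DHCP server hands out .50-.254, with .1-.49
# kept for statically addressed internal devices.
SUBNET = ipaddress.ip_network("192.168.1.0/24")
POOL = (ipaddress.ip_address("192.168.1.50"), ipaddress.ip_address("192.168.1.254"))

# Constructed sample data (IP -> MAC); every entry is made up.
LEASES = {"192.168.1.60": "02:00:00:00:10:60", "192.168.1.61": "02:00:00:00:10:61"}
STATIC_INVENTORY = {"192.168.1.1": "02:00:00:00:00:01", "192.168.1.10": "02:00:00:00:00:10"}
NEIGHBOURS = [  # what the gateway's ARP/neighbour table reports
    ("192.168.1.1", "02:00:00:00:00:01"),
    ("192.168.1.10", "02:00:00:00:00:10"),
    ("192.168.1.60", "02:00:00:00:10:60"),
    ("192.168.1.61", "02:00:00:00:99:99"),   # leased IP used by another MAC
    ("192.168.1.42", "02:00:00:00:77:42"),   # static block, not in inventory
    ("192.168.1.200", "02:00:00:00:77:c8"),  # pool address, no lease issued
]


def classify(ip, mac, leases, inventory):
    """Label one neighbour entry against the DHCP leases and static inventory."""
    addr = ipaddress.ip_address(ip)
    if addr not in SUBNET:
        return "off-subnet"
    if POOL[0] <= addr <= POOL[1]:
        if ip not in leases:
            return "pool-address-without-lease"
        return "leased" if leases[ip] == mac.lower() else "lease-mac-mismatch"
    if inventory.get(ip) == mac.lower():
        return "known-static"
    return "unknown-static"


def unmanaged_hosts(neighbours, leases, inventory):
    """Return (ip, mac, verdict) for every host DHCP-based management misses."""
    accepted = {"leased", "known-static"}
    findings = []
    for ip, mac in neighbours:
        verdict = classify(ip, mac, leases, inventory)
        if verdict not in accepted:
            findings.append((ip, mac, verdict))
    return findings


if __name__ == "__main__":
    for ip, mac, verdict in unmanaged_hosts(NEIGHBOURS, LEASES, STATIC_INVENTORY):
        print(f"{ip:15} {mac}  {verdict}")
```
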
barry99705 Posted January 20, 2018

22 hours ago, Dave-ee Jones said:
> That's true for things like firewalls, port forwarding and routing, but there are cases where management is done via DHCP (I mean, take 75% of Windows Servers running DHCP..).

Ahh! I see what you're saying.

EvilMutley Posted February 6, 2018

Using @PixL's payload from above, I've added "ifconfig wlan0 up" as it does not detect the wifi adaptor otherwise. But the payload still does not work for me, am I missing something?

    #!/bin/bash
    LED SETUP
    ifconfig wlan0 up
    uci set wireless.@wifi-iface[0].encryption=psk2
    uci set wireless.@wifi-iface[0].key="hak5squirrel"
    uci set wireless.@wifi-iface[0].ssid="Squirrel"
    uci commit wireless
    uci set wireless.radio0.disabled=0 &
    uci set wireless.radio1.disabled=0 &
    uci set wireless.radio2.disabled=0 &
    uci set wireless.radio3.disabled=0 &
    LED ATTACK
    wifi
    LED STAGE1
    NETMODE BRIDGE

If I SSH in to the Squirrel and run the payload or enter it line by line in to Terminal it works? But I get

    uci: Invalid argument
    uci: Invalid argument
    uci: Invalid argument

but the payload does work. wpad-mini is installed and updated and so is the Squirrel, and it's running Version 1.2. Any help with this?

PixL Posted February 6, 2018

The payload is very much a quick hack of a script. It isn't always clear if your wifi adapter will be given radio0 or another incremental number... so I guessed and tried radio0, 1, 2 & 3 and just put & at the end so it carries on regardless. The script is working as intended, feel free to make some changes to it and more accurately select which radio interface you're using and delete the other 3..

EvilMutley Posted February 6, 2018

2 minutes ago, PixL said:
> The payload is very much a quick hack of a script. It isn't always clear if your wifi adapter will be given radio0 or another incremental number... so I guessed and tried radio0, 1, 2 & 3 and just put & at the end so it carries on regardless. The script is working as intended, feel free to make some changes to it and more accurately select which radio interface you're using and delete the other 3..

Yeah, the script works fine for me apart from I can't run it on a switch for some reason. Like I said, it runs fine from the terminal but if I assign it to either switch one, two or three it starts to run and then I get a red LED and no "Squirrel" wifi is created.

EvilMutley Posted February 6, 2018

Problem sorted, had to chmod the payload before it would work.

PixL Posted February 6, 2018

Aha, glad it's working, feel free to experiment with it and post your modified code back here.

EvilMutley Posted February 8, 2018

Can you guys check over this payload for me as I'm getting mixed results, sometimes working, sometimes not. I'm trying to combine the OpenVPN standard payload that comes with the Squirrel with a bit of code written by @PixL which enables the Wifi access point on the Squirrel (with an adaptor). So I'm trying to connect to the Wifi access point that is created and then route the traffic through the VPN. Here's the payload.

    #!/bin/bash
    #
    # Title: Wifi OpenVPN access point
    # Description: Create a connection to a VPN-connection to an OpenVPN-server and creates a Wifi access point called Squirrel, sends connected traffic over the VPN.
    # Author: Evilmutley
    # Version: 1.0
    # Category: VPN
    # Target: Any
    # Net Mode: BRIDGE, VPN

    # Set to 1 to allow clients to use the VPN
    FOR_CLIENTS=1
    DNS_SERVER="8.8.8.8"

    # Cheap hack to set the DNS server
    function setdns() {
        while true
        do
            # Test grep's exit status: grep -q prints nothing, so the original
            # [[ ! $(grep -q ...) ]] test was always true
            grep -q "$DNS_SERVER" /tmp/resolv.conf || {
                echo -e "search lan\nnameserver $DNS_SERVER" > /tmp/resolv.conf
            }
            sleep 5
        done
    }

    function start() {
        LED SETUP
        DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)

        # Update factory default payload
        cp "${DIR}/payload.sh" /root/payloads/switch3/payload.sh

        # Set NETMODE to BRIDGE and wait 3 seconds
        # to ensure that things can settle
        [[ "$FOR_CLIENTS" == "1" ]] && {
            /usr/bin/NETMODE VPN
        } || {
            /usr/bin/NETMODE BRIDGE
        }
        sleep 3

        # Make OpenVPN use the local configuration
        uci set openvpn.vpn.config="${DIR}/config.ovpn"
        uci commit

        # Start the OpenVPN server in the background
        /etc/init.d/openvpn start

        # Start SSH Server
        /etc/init.d/sshd start &

        # Set DNS server
        setdns &
    }

    # Brings up Wifi adaptor
    ifconfig wlan0 up

    # Sets Encryption, SSID and Password for Wifi access point.
    uci set wireless.@wifi-iface[0].encryption=psk2
    uci set wireless.@wifi-iface[0].key="hak5squirrel"
    uci set wireless.@wifi-iface[0].ssid="Squirrel"
    uci commit wireless
    uci set wireless.radio0.disabled=0 &
    LED ATTACK
    wifi
    NETMODE BRIDGE

    # Start the payload
    start &

This topic is now archived and is closed to further replies.