Infinitynull Posted December 13, 2017 Posted December 13, 2017 Hey guys, I am new to the whole forum thing. I am curious on how to use the VPN payload with my packet-squirrel. I bought NordVPN a while ago, they offer the following files to connect ".crt with .key" and ".opvn". Though I am clueless on how to use these files, I tried copying the ".opvn" to the configuration file. I am sure I am doing this wrong, but I want to learn. I know how to use these files on Linux but not so much with the Packet-squirrel, what should I do? Edit: I have read the documentation, before that comes up thanks.
Metasploit Posted December 13, 2017 Posted December 13, 2017 https://www.youtube.com/watch?v=canzdyczLRw show this video
Infinitynull Posted December 13, 2017 Author Posted December 13, 2017 Oh that's perfect, thank you Ulrich Fuchs
Infinitynull Posted December 14, 2017 Author Posted December 14, 2017 Okay, I have fought with this all last night and today. I watched that video you posted Metasploit. I changed the "FOR_CLIENTS", I also copied the configuration file from NordVPN trying both their UDP and TCP files for many different US nodes. I changed the "auth-user-pass auth.txt" and put my credentials username on one line and password on the second line, and made the "auth.txt" file in the same directory as the configuration and payload.sh. I even tried using this configuration through Kali Linux. It worked and automatically connected and worked. BUT when I tried to automated this with the default switch3 payload on the Packet Squirrel, it will not give me internet access or sometimes it does but doesn't change my IP. Below I posted my configuration file, does anyone know what I am doing wrong? EDIT: APPARENTLY I was wrong, I was googling "what is my ip" It was showing my original IP. Though I tried IP chicken and it changed correctly, then I tried a DNS leak test and it also showed the VPN IP correctly. But I still have a problem, the DNS server isn't changing, I have even tried using different DNS servers. So ignore what was said above these sentences but I still have a problem, my DNS isn't changing to google's DNS server what do I do? Is there a way to add multiple DNS servers in case one fails? #!/bin/bash # OpenVPN payload # Set to 1 to allow clients to use the VPN FOR_CLIENTS=1 DNS_SERVER="8.8.8.8" # Cheap hack to set the DNS server function setdns() { while true do [[ ! $(grep -q "$DNS_SERVER" /tmp/resolv.conf) ]] && { echo -e "search lan\nnameserver $DNS_SERVER" > /tmp/resolv.conf } sleep 5 done } function start() { LED SETUP DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd) # Set NETMODE to BRIDGE and wait 3 seconds # to ensure that things can settle [[ "$FOR_CLIENTS" == "1" ]] && { /usr/bin/NETMODE VPN } || { /usr/bin/NETMODE BRIDGE } sleep 3 # Make OpenVPN use the local configuration uci set openvpn.vpn.config="${DIR}/config.ovpn" uci commit # Start the OpenVPN server in the background /etc/init.d/openvpn start # Start SSH Server /etc/init.d/sshd start & # Set DNS server setdns & LED ATTACK } # Start the payload start &
Metasploit Posted December 14, 2017 Posted December 14, 2017 Make the dns in 8.8.8.8, then no dns leaks
Infinitynull Posted December 14, 2017 Author Posted December 14, 2017 I've already tried this, I can manually do this through the dhcp file on my linux machine. But I want to automate this through the Packet Squirrel, I am using the configuration above and it is still not working.
b0N3z Posted December 14, 2017 Posted December 14, 2017 Just remember its based on Openwrt and Openwrt has great wiki pages to look at.
Infinitynull Posted December 14, 2017 Author Posted December 14, 2017 Thank-you for that, I think I figured it out.
Metasploit Posted December 14, 2017 Posted December 14, 2017 How did you fix that have the same problem
Infinitynull Posted December 16, 2017 Author Posted December 16, 2017 Experimental Solution Hey Metasploit, I apologize for this delay. The only way I found to "fix" it was to change "/etc/Networkmanager/Networkmanager.conf" to the code below. But even then it causes problems. I just manually change my "/etc/dhcp/dhclient.conf" to the code below. Listen though, if you change your "Networkmanager.conf" to managed as the code below shows. You will not be able to manually set your "dhclient.conf" as I suggest you to do for the whole solution to DNS leaks. The code for the VPN payload on the Packet-Squirrel is only able to rewrite the "resolv.conf" if you have "ifupdown" in manged mode. But I still get DNS leaks even if it is able to rewrite it, so I would only use the recommend solution below. [main] plugins=ifupdown,keyfile [ifupdown] managed=true Recommend Solution So to make all that above, in a short answer. Only change your DNS settings manually through the "dhclient.conf" located at "etc/dhcp/dhclient.conf" that way it stays permanently. Right below this is the line that you will have to change. Be sure to add more than one DNS server, these two are Googles public DNS servers I think. Then type "service network-manager restart" this will update the "resolv.conf" file automatically. prepend domain-name-servers 8.8.8.8, 8.8.4.4; *** I am talking about changing these files on my Linux System (Kali) not the Packet Squirrel. ***
Metasploit Posted December 16, 2017 Posted December 16, 2017 I fix the dns leak always change the file you mentioned on every connection with the packet squirrel in 8.8.8.8
Recommended Posts
Archived
This topic is now archived and is closed to further replies.