Metasploit Posted December 13, 2017 Share Posted December 13, 2017 Hello, How to make the packet squirrel to a Tor router? Link to comment Share on other sites More sharing options...
Darren Kitchen Posted December 14, 2017 Share Posted December 14, 2017 Absolutely. The LAN Turtle and Packet Squirrel share similar bases - so this module should be easily ported: https://github.com/hak5/lanturtle-modules/blob/gh-pages/modules/tortle That should cover most of the heavy lifting :) Link to comment Share on other sites More sharing options...
Metasploit Posted December 14, 2017 Author Share Posted December 14, 2017 Thank you, Darren Kitchen Link to comment Share on other sites More sharing options...
Metasploit Posted December 14, 2017 Author Share Posted December 14, 2017 it doesn't! What is my mistake? #!/bin/bash /usr/lib/turtle/turtle_module VERSION="0.9" DESCRIPTION="TORtle - TOR Turtle Gateway + TOR hidden SHELL/Service" AUTHOR="Original by shad - customized by GermanNoob" CONF="/tmp/tortle.form" : ${DIALOG_OK=0} : ${DIALOG_CANCEL=1} : ${DIALOG_HELP=2} : ${DIALOG_EXTRA=3} : ${DIALOG_ITEM_HELP=4} : ${DIALOG_ESC=255} function tortlecfg { if [ "$(uci get tortle.version)" != "0.9" ]; then rm /etc/config/tortle fi if [ ! -e "/etc/config/tortle" ]; then touch /etc/config/tortle uci set tortle.version="0.9" uci set tortle.enableproxy="1" uci set tortle.enabletrans="1" uci set tortle.transport="9040" uci set tortle.socksip="172.16.84.1" # deprecated uci set tortle.socksport="5090" uci set tortle.tport="22" uci set tortle.lport="22" uci set tortle.forwarding="1" uci set tortle.enablehidden="1" uci set tortle.hiddendir="/etc/tor/hidden" uci set tortle.enablehidden2="0" uci set tortle.hiddendir2="etc/tor/hidden2" uci set tortle.dnsport="9053" uci set tortle.enablecontrol="0" uci set tortle.controlport="9051" uci set tortle.controladdr="172.16.84.1" # deprecated uci set tortle.hashedpass="16:D2237CB1DA58774A60EF13100BEFEDE024F5C49BA674CE2BEA1032EC38" # default: test uci set tortle.gateway="0" uci set tortle.enablebridge="0" #begin of changes uci set tortle.bridgeip="45.63.68.218" uci set tortle.bridgeport="8443" uci set tortle.bridgefingerprint="FF9217F56523FC663DAF837FD99A99BA00901A15" uci set tortle.enablehttpproxy="0" uci set tortle.httpproxyip="127.0.0.1" uci set tortle.httpproxyport="80" uci set tortle.httpproxyuser="some" uci set tortle.httpproxypasswd="body" uci set tortle.enablehttpsproxy="0" uci set tortle.httpsproxyip="127.0.0.1" uci set tortle.httpsproxyport="443" uci set tortle.httpsproxyuser="some" uci set tortle.httpsproxypasswd="body" uci set tortle.fascistfirewall="0" uci set tortle.fascistfirewallports="80,443" #end of changes uci commit tortle fi tortle_tport="$(uci get tortle.tport)" # * customizable tortle_lport="$(uci get tortle.lport)" # * customizable tortle_socksip="$(uci get network.lan.ipaddr)" # Use network.lan.ipaddr tortle_socksport="$(uci get tortle.socksport)" # Use standard default tortle_forwarding="$(uci get tortle.forwarding)" # * customizable tortle_enablehidden="$(uci get tortle.enablehidden)" # * customizable tortle_hiddendir="$(uci get tortle.hiddendir)" # tortle_enablehidden2="$(uci get tortle.enablehidden2)" # Reserved for future use tortle_hiddendir2="$(uci get tortle.hiddendir2)" # Reserved for future use tortle_dnsport="$(uci get tortle.dnsport)" # Use standard default tortle_enableproxy="$(uci get tortle.enableproxy)" # * customizable tortle_enabletrans="$(uci get tortle.enabletrans)" # * customizable tortle_transport="$(uci get tortle.transport)" # Use standard default tortle_enablecontrol="$(uci get tortle.enablecontrol)" # * customizable tortle_controlport="$(uci get tortle.controlport)" # Use standard default tortle_controladdr="$(uci get network.lan.ipaddr)" # Use network.lan.ipaddr tortle_hashedpass="$(uci get tortle.hashedpass)" # * customizable tortle_gateway="$(uci get tortle.gateway)" # * customizable tortle_version="$(uci get tortle.version)" tortle_enablebridge="$(uci get tortle.enablebridge)" tortle_bridgeip="$(uci get tortle.bridgeip)" tortle_bridgeport="$(uci get tortle.bridgeport)" tortle_bridgefingerprint="$(uci get tortle.bridgefingerprint)" tortle_enablehttpproxy="$(uci get tortle.enablehttpproxy)" tortle_httpproxyip="$(uci get tortle.httpproxyip)" tortle_httpproxyport="$(uci get tortle.httpproxyport)" tortle_httpproxyuser="$(uci get tortle.httpproxyuser)" tortle_httpproxypasswd="$(uci get tortle.httpproxypasswd)" tortle_enablehttpsproxy="$(uci get tortle.enablehttpsproxy)" tortle_httpsproxyip="$(uci get tortle.httpsproxyip)" tortle_httpsproxyport="$(uci get tortle.httpsproxyport)" tortle_httpsproxyuser="$(uci get tortle.httpsproxyuser)" tortle_httpsproxypasswd="$(uci get tortle.httpsproxypasswd)" tortle_fascistfirewall="$(uci get tortle.fascistfirewall)" tortle_fascistfirewallports="$(uci get tortle.fascistfirewallports)" if [ -e "$tortle_hiddendir/hostname" ]; then tortle_hostname="$(cat $tortle_hiddendir/hostname)" uci set tortle.hostname="$tortle_hostname" uci commit tortle else tortle_hostname="--Please first START TORtle to generate an Onion address--" fi } function hiddenserviceconf { dialog --ok-label "Apply" \ --title "Hidden Service configurtation" \ --form "Onion Host sets up a hidden service inside the TOR network. By default it is a TORShell (SSH within TOR)\n\n" 26 60 10\ "Onion Host Enable: ($tortle_hostname)" 1 1 "$tortle_enablehidden" 1 20 5 0 \ " External Port:" 2 1 "$tortle_tport" 2 20 5 0 \ " Local Port:" 3 1 "$tortle_lport" 3 20 5 0 \ 2>$CONF return=$? case $return in $DIALOG_OK) cat $CONF | { read -r tortle_enablehidden read -r tortle_tport read -r tortle_lport uci set tortle.enablehidden="$tortle_enablehidden" uci set tortle.tport="$tortle_tport" uci set tortle.lport="$tortle_lport" uci commit tortle rm $CONF } configure;; $DIALOG_CANCEL) rm $CONF clear configure;; esac } function torproxyconf { dialog --ok-label "Apply" \ --title "Proxy & Gateway configuration" \ --form "TORGateway, if enabled, automatically and conveniently tunnels ALL eth0 traffic through TOR Transparent Proxy.\n\n\ TOR Proxy is just the regular SOCKS proxy through TOR.\n\n\ Forwarding enables/disables LAN Turtle IP forwarding to help prevent leaks for Proxy mode.\n \n" 26 60 10\ "TOR Proxy Enable:" 1 1 "$tortle_enableproxy" 1 20 5 0 \ "TransProxy Enable:" 2 1 "$tortle_enabletrans" 2 20 5 0 \ "TORGateway Enable:" 3 1 "$tortle_gateway" 3 20 5 0 \ "Forwarding Enable:" 4 1 "$tortle_forwarding" 4 20 5 0 \ 2>$CONF return=$? case $return in $DIALOG_OK) cat $CONF | { read -r tortle_enableproxy read -r tortle_enabletrans read -r tortle_gateway read -r tortle_forwarding uci set tortle.enableproxy="$tortle_enableproxy" uci set tortle.enabletrans="$tortle_enabletrans" uci set tortle.gateway="$tortle_gateway" uci set tortle.forwarding="$tortle_forwarding" uci commit tortle rm $CONF } configure;; $DIALOG_CANCEL) rm $CONF clear configure;; esac } function bridgeconf { dialog --ok-label "Apply" \ --title "Bridge configurtation" \ --form "Bridges can be used to avoid blocking of the standard tor relays\n\n" 26 60 10\ " Bridge Enable:" 1 1 "$tortle_enablebridge" 1 20 5 0 \ " Bridge IP:" 2 1 "$tortle_bridgeip" 2 20 15 0 \ " Bridge Port:" 3 1 "$tortle_bridgeport" 3 20 5 0 \ "BridgeFingerprint:" 4 1 "$tortle_bridgefingerprint" 4 20 40 0 \ 2>$CONF return=$? case $return in $DIALOG_OK) cat $CONF | { read -r tortle_enablebridge read -r tortle_bridgeip read -r tortle_bridgeport read -r tortle_bridgefingerprint uci set tortle.enablebridge="$tortle_enablebridge" uci set tortle.bridgeip="$tortle_bridgeip" uci set tortle.bridgeport="$tortle_bridgeport" uci set tortle.bridgefingerprint="$tortle_bridgefingerprint" uci commit tortle rm $CONF } configure;; $DIALOG_CANCEL) rm $CONF clear configure;; esac } function httpproxyconf { dialog --ok-label "Apply" \ --title "HTTP Proxy configuration" \ --form "If an HTTP Proxy is used to control internet access is can be configured here.\n\n" 26 60 10\ "httpproxy Enable:" 1 1 "$tortle_enablehttpproxy" 1 20 5 0 \ "httpproxy IP:" 2 1 "$tortle_httpproxyip" 2 20 15 0 \ "httpproxy Port:" 3 1 "$tortle_httpproxyport" 3 20 5 0 \ "httpproxy User:" 4 1 "$tortle_httpproxyuser" 4 20 10 0 \ "httpsproxy Passwd:" 5 1 "$tortle_httpproxypasswd" 5 20 15 0 \ 2>$CONF return=$? case $return in $DIALOG_OK) cat $CONF | { read -r tortle_enablehttpproxy read -r tortle_httpproxyip read -r tortle_httpproxyport read -r tortle_httpproxyuser read -r tortle_httpproxypasswd uci set tortle.enablehttpproxy="$tortle_enablehttpproxy" uci set tortle.httpproxyip="$tortle_httpproxyip" uci set tortle.httpproxyport="$tortle_httpproxyport" uci set tortle.httpproxyuser="$tortle_httpproxyuser" uci set tortle.httpproxypasswd="$tortle_httpproxypasswd" uci commit tortle rm $CONF } configure;; $DIALOG_CANCEL) rm $CONF clear configure;; esac } function httpsproxyconf { dialog --ok-label "Apply" \ --title "HTTPS Proxy configuration" \ --form "If an HTTPS Proxy is used to control internet access is can be configured here.\n\n" 26 60 10\ "httpsproxy Enable:" 1 1 "$tortle_enablehttpsproxy" 1 20 5 0 \ "httpsproxy IP:" 2 1 "$tortle_httpsproxyip" 2 20 15 0 \ "httpsproxy Port:" 3 1 "$tortle_httpsproxyport" 3 20 5 0 \ "httpsproxy User:" 4 1 "$tortle_httpsproxyuser" 4 20 10 0 \ "httpssproxy Passwd:" 5 1 "$tortle_httpsproxypasswd" 5 20 15 0 \ 2>$CONF return=$? case $return in $DIALOG_OK) cat $CONF | { read -r tortle_enablehttpsproxy read -r tortle_httpsproxyip read -r tortle_httpsproxyport read -r tortle_httpsproxyuser read -r tortle_httpsproxypasswd uci set tortle.enablehttpsproxy="$tortle_enablehttpsproxy" uci set tortle.httpsproxyip="$tortle_httpsproxyip" uci set tortle.httpsproxyport="$tortle_httpsproxyport" uci set tortle.httpsproxyuser="$tortle_httpsproxyuser" uci set tortle.httpsproxypasswd="$tortle_httpsproxypasswd" uci commit tortle rm $CONF } configure;; $DIALOG_CANCEL) rm $CONF clear configure;; esac } function fascistfirewallconf { dialog --ok-label "Apply" \ --title "Fascist Firewall configuration" \ --form "If firewall is used that restricts all traffic to several ports \n\n\ this can be configured here.\n\n" 26 60 10\ "Fascist Fw Enable:" 1 1 "$tortle_fascistfirewall" 1 20 5 0 \ "Fascist Fw ports:" 2 1 "$tortle_fascistfirewallports" 2 20 5 0 \ 2>$CONF return=$? case $return in $DIALOG_OK) cat $CONF | { read -r tortle_fascistfirewall read -r tortle_fascistfirewallports uci set tortle.fascistfirewall="$tortle_fascistfirewall" uci set tortle.fascistfirewallports="$tortle_fascistfirewallports" uci commit tortle rm $CONF } configure;; $DIALOG_CANCEL) rm $CONF clear configure;; esac } function helpmsg { dialog --title "Help" \ --msgbox "\ TORtle V$tortle_version\n\n\ TOR SHELL\n\ =========\n\ Hostname: $tortle_hostname\n\ TOR Port: $tortle_tport (Redirected to localhost:$tortle_lport)\n\ \n TOR GATEWAY\n\ ===========\n\ TOR Proxy is at $tortle_socksip:$tortle_socksport\n\ TOR Transport is at $tortle_socksip:$tortle_transport\n\ TOR Dnsport is $tortle_dnsport\n\ \n\n\n\ For support, please use the LAN Turtle forum at:\n\n\ https://forums.hak5.org/index.php?/forum/88-lan-turtle/\n\n\ " 27 60 return=$? configure clear } function configure { tortlecfg dialog --title "TORtle Configuration" \ --menu "Choose feature to configure" 26 60 10 \ "Hidden Service" "Configure Hidden Service" \ "Tor Proxy" "Configure Tor Proxy" \ "Tor Bridge" "Specify a Tor Bridge to be used" \ "HTTP Proxy" "Specify a HTTP Proxy to be used" \ "HTTPS Proxy" "Specify a HTTP Proxy to be used" \ "Fascist Firewall" "Configure Fascist Firewall settings" \ "Help" "A short explaination of the module" \ "EXIT" "Exists the configuration" \ 2> $CONF result=$(cat $CONF && rm $CONF &>/dev/null) case $result in "Hidden Service") hiddenserviceconf;; "Tor Proxy") torproxyconf;; "Tor Bridge") bridgeconf;; "HTTP Proxy") httpproxyconf;; "HTTPS Proxy") httpsproxyconf;; "Fascist Firewall") fascistfirewallconf;; "Help") helpmsg;; "EXIT") exit;; esac } function start { tortlecfg if [ ! -e "/usr/sbin/tor" ]; then opkg update && opkg install tor fi if [ ! -e "/var/lib/tor" ]; then ( mkdir -p /var/lib/tor chown sshd.sshd /var/lib/tor mkdir -p $tortle_hiddendir chown sshd.sshd $tortle_hiddendir ) 2> /dev/null fi if [ ! -e "$tortle_hiddendir" ]; then ( mkdir -p $tortle_hiddendir chown sshd.sshd $tortle_hiddendir ) 2> /dev/null fi ( if [ "$tortle_enablebridge" == "1" ]; then echo "Bridge obfs3 $tortle_bridgeip:$tortle_bridgeport $tortle_bridgefingerprint" echo "UseBridges 1" fi echo "User sshd" echo "RunAsDaemon 1" echo "PidFile /var/run/tor.pid" echo "DataDirectory /var/lib/tor" if [ "$tortle_enableproxy" == "1" ]; then echo "SocksPort $tortle_socksip:$tortle_socksport" fi if [ "$tortle_enablehidden" == "1" ]; then echo "HiddenServiceDir $tortle_hiddendir" echo "HiddenServicePort $tortle_tport 127.0.0.1:$tortle_lport" fi if [ "$tortle_enabletrans" == "1" ]; then echo "VirtualAddrNetworkIPv4 10.192.0.0/10" echo "AutomapHostsOnResolve 1" echo "TransPort $tortle_transport" echo "TransListenAddress $tortle_socksip" echo "DNSPort $tortle_dnsport" echo "DNSListenAddress $tortle_socksip" fi if [ "$tortle_enablecontrol" == "1" ]; then echo "ControlListenAddress $tortle_controladdr" echo "ControlPort $tortle_controlport" echo "HashedControlPassword $tortle_hashedpass" fi if [ "$tortle_enablehttpproxy" == "1" ]; then echo "HTTPProxy $tortle_httpproxyip:$tortle_httpproxyport" echo "HTTPProxyAuthenticator $tortle_httpproxyuser:$tortle_httpproxypasswd" fi if [ "$tortle_enablehttpsproxy" == "1" ]; then echo "HTTPSProxy $tortle_httpsproxyip:$tortle_httpsproxyport" echo "HTTPSProxyAuthenticator $tortle_httpsproxyuser:$tortle_httpsproxypasswd" fi if [ "$tortle_fascistfirewall" == "1" ]; then echo "FascistFirewall 1" echo "FirewallPorts $tortle_fascistfirewallports" fi ) > /tmp/tortlerc tor -f /tmp/tortlerc if [ "$tortle_gateway" == "1" ]; then iptables -t nat -A PREROUTING -i br-lan -p udp --dport 53 -j REDIRECT --to-port $tortle_dnsport iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 53 -j REDIRECT --to-port $tortle_dnsport iptables -t nat -A PREROUTING -i br-lan -p tcp --dest $tortle_socksip -j ACCEPT # Should I add here a rule to allow reaching eth1 network? Perhaps... but is it secure? iptables -t nat -A PREROUTING -i br-lan -p tcp -j REDIRECT --to-port $tortle_transport fi echo "$tortle_forwarding" > /proc/sys/net/ipv4/ip_forward } function stop { tortlecfg killall -9 tor # if [ "$tortle_gateway" == "1" ]; then ( iptables -t nat -D PREROUTING -i br-lan -p udp --dport 53 -j REDIRECT --to-port $tortle_dnsport iptables -t nat -D PREROUTING -i br-lan -p tcp --dport 53 -j REDIRECT --to-port $tortle_dnsport iptables -t nat -D PREROUTING -i br-lan -p tcp --dest $tortle_socksip -j ACCEPT iptables -t nat -D PREROUTING -i br-lan -p tcp -j REDIRECT --to-port $tortle_transport ) 2> /dev/null # fi echo "1" > /proc/sys/net/ipv4/ip_forward echo "All TORtle services and redirections have been disabled." } function status { if pgrep -x tor > /dev/null; then echo "1" else echo "0" fi } Link to comment Share on other sites More sharing options...
ThoughtfulDev Posted December 15, 2017 Share Posted December 15, 2017 Did you even changed something? Don't think so...so check the code and try to get the iptables/tor stuff from it. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.