LEDE for MK5

[Mr.miYagi]

Hi all

Wanna share how i got LEDE Reboot 17.01.5 running on my MKV

Download
http://downloads.openwrt.org/releases/17.01.5/targets/ar71xx/generic/lede-17.01.5-ar71xx-generic-tl-mr3040-v2-squashfs-factory.bin

Ssh to pineapple

mtd write -r /firmwarelocation.bin firmware (edit, wron command: sysupgrade -n /tmp/lede-17.01.5-ar71xx-generic-tl-mr3040-v2-squashfs-factory.bin)

Connect to the new FW
Set PC LAN to DCHP(dont use wp5.sh script)
Connect lan cable
Browse to 192.168.1.1 login with user root, pass toor

Get sd card working
Get a wifi connection with wlan0 or provide other internet connection
Go to software and install folowing packages, or use opkg trough ssh (this are more package as you need, if someone knows wich one aren't needed, we can sort them out, but sd works with these):
opkg update
opkg install kmod-scsi-core kmod-scsi-generic \
  kmod-usb-core kmod-usb-ohci kmod-usb-uhci kmod-usb2 kmod-usb3 \
  kmod-fs-msdos kmod-fs-vfat kmod-fs-ext4 usbutils \
  kmod-usb-storage kmod-usb-storage-extras block-mount

Reboot
 
Insert a previosly formatted sd card (etx4 and swap partition)
Check with dmesg if its reconized, or check with "block info"
Now you get the menu "Mount points" in the web interface
Click on "generate conf" and the 2 partition will appear

Edit sda1/the ext4 partition
Change mount point to /overlay click on save & apply
Click on "enable" ckeckbox, save and apply afterwards
Reboot
Bam! you have a Openwrt installation with XGB of storage

Install second wifi
Go to software or use opkg:
opkg update / update list first or you won't get results
Search for RTL8187
Install kmod-rtl8187
Here you have your 2. wireless

If you mess up something, you can reset it trough the web interface (didnt find the dip switch/combination for factory reset yet)
Network setting are by pressing the DIP switch 5 for a few second.
Please share your findings about.

First of all i wanna thanks @Allegria for the idea and command to upgrade to Lede and @Zylla that already made MANA possible on the old FW

Open questions:
I tried to install the MANA packages for the Nano and i get several errors, like wrong Architecture or missing libc etc. @Zylla can you help me out to get it running?
If i have to compile it from scratch, it better to switch to lede 18 first and compile it there?
can we port the rest of it like these methods:
https://penturalabs.wordpress.com/2013/04/25/blue-for-the-pineapple/

Thx for the help

 

edit:

its faster that way: update to 3.0 and make the

https://openwrt.org/toh/hwdata/hak5/hak5_wifi_pineapple_nano

upgrade

Model

Hak5 WiFi Pineapple NANO

Architecture

Atheros AR9330 rev 1

Firmware Version

OpenWrt 18.06.2 r7676-cddd7b4c77 / LuCI openwrt-18.06 branch (git-19.020.41695-6f6641d)

 

runs fine that way.

 

The only prolem is how to port all applications? Compile all fom scratch?

 

 

Edited July 4, 2019 by Mr.miYagi

[Allegria]

Mr.miyagi,

Great tutorial.

Keep us posted as you learn more about the MKV and OpenWRT/LEDE.

[Zylla]

The pre-compiled MANA packages are built for Chaos Calmer, and will not run run on LEDE 17.X. 

It's also built with a different C-library. (uClibc), and your version of LEDE is running musl. 

You could download the Makefiles for MANA available on my repo and build it using the correct SDK for the version of LEDE you're using. 

Link to SDK

Or you could try building a complete new firmware running latest openwrt snapshot, I don't see any reason for it not working. 

My MKV died a few years ago, so I'm unable to test anything myself. 

Edited July 4, 2019 by Zylla

[Mr.miYagi]

Wow fast answer

 

So then... I try to get 18.06.2 running. As i understand, every image that has "generic" as subtarged and is for AR9331 should work?

You think i can flash a image from here?

https://openwrt.org/toh/views/toh_fwdownload

like the one for the TL-WR710N?

I bricked my MKV a lot of time, but i have a soldering station and a bus pirate. Could fix it every time till now

Thanks for your help

 

Edit:

Found This:

https://openwrt.org/toh/hwdata/hak5/hak5_wifi_pineapple_nano

openwrt 18.06 for the nano. Can we use just this image? is this only a upgrade or a full image?

 

@Zylla the problem is not to get a new image for the 18.06, my problem is i cant port all the tools to the ne architure.

Edited July 4, 2019 by Mr.miYagi

[Zylla]

Given the tools at your disposal you seem fit to handle a "brick" if any should occur.

The MKV uses AR9331 CPU, same as the NANO.
So i would try flashing this firmware:
https://downloads.openwrt.org/snapshots/targets/ar71xx/generic/openwrt-ar71xx-generic-wifi-pineapple-nano-squashfs-sysupgrade.bin

That's the latest official snapshot build of openwrt for the pineapple nano.
You might need to install a couple of kmods to get everything setup afterwards, as some components differ between the devices.

To build MANA you would need to download the SDK for the snapshot release. Here:
https://downloads.openwrt.org/snapshots/targets/ar71xx/generic/openwrt-sdk-ar71xx-generic_gcc-7.4.0_musl.Linux-x86_64.tar.xz

 

I hope that helps 🙂

BTW: When building MANA. Chose the "light" version when installing on "Non Chaos Calmer" versions, as the main version has a postinst script made for the Pineapple.

Edited July 4, 2019 by Zylla

[Allegria]

26 minutes ago, Zylla said:

I hope that helps 🙂

BTW: When building MANA. Chose the "light" version when installing on "Non Chaos Calmer" versions, as the main version has a postinst script made for the Pineapple.

Thank you for the help.

[Mr.miYagi]

with the original 3.0 beta and the Nano upgrade now im on 18.06.02 and kinda of official release. New enough for me.

Never portet aps with sdk, only compiled for debian et. But i have no experience in it. Hope i get it.

 

Already installed the MANA Light package from you git. It seems to install. I dont know what exactly, bit it installs 😄

 

Every help is appreciated

[Allegria]

2 minutes ago, Mr.miYagi said:

with the original 3.0 beta and the Nano upgrade now im on 18.06.02 and kinda of official release. New enough for me.

 

how did you go back to 3.0.0 beta from LEDE Reboot 17.01.5?

[Mr.miYagi]

 

1 minute ago, Allegria said:

how did you go back to 3.0.0 beta from LEDE Reboot 17.01.5?

Tried to go back to 3.0 and made the https://openwrt.org/toh/hwdata/hak5/hak5_wifi_pineapple_nano upgrade.

I was thinking the nano upgrade is only a upgrade and not a full image, so i was thinking that is a better idea to upgrade from 3.0.

but pineapple stuff seems removed here, so no package for the actual distro/architecture.

Try to figure out how how to compile mana and the other stuff on 18.06.

[Allegria]

I'm still on LEDE Reboot 17.01.5 and want to return to 3.0.0 beta then commit the Nano upgrade. However,

sysupgrade -n /tmp/upgrade-3.0.0.bin 

throws

Image metadata not found
Invalid image, hardware ID mismatch, hw:30400002 00000001 image:6d6b3531 00000001.
Image check 'platform_check_image' failed.

so what code did you run to return back to 3.0.0 beta?

[Mr.miYagi]

copy fw to /tmp

cd to /tmp

mtd write -r 3.0upgradexxxx.bin firmware

 

edit:

Be patient, tooks long to flash and the 1. boot

Edited July 4, 2019 by Mr.miYagi

[Foxtrot]

56 minutes ago, Mr.miYagi said:

.....now im on 18.06.02 and kinda of official release......

Hi everyone, I just wanted to chime in quickly and clarify that the OpenWRT trunk builds for the NANO are not compatible with the Mark V, nor are they 'official' (read: the firmware that we provide to users of the WiFi Pineapple). There are other differences between the Mark V and NANO in both software and hardware that make them incompatible with eachother. The OpenWRT trunk NANO builds also lack any of the software that we ship in actual official releases by Hak5.

Happy hacking :)

[Mr.miYagi]

thx foxtrott

I know nothing is official, but hey, we are here for hacking 😉

 

 

btw

Mana seems to work with the provided .ipk fom @Zylla , have still some trouble to start it correctly.

Got clients associated!!! Even wlan1 connected to elan0 with a fake AP!!

most of the time i get:

root@OpenWrt:~# hostapd-mana /etc/mana-toolkit/hostapd-mana.conf
Configuration file: /etc/mana-toolkit/hostapd-mana.conf
Could not read interface wlan1 flags: No such device
nl80211: Driver does not support authentication/association or connect commands
nl80211: deinit ifname=wlan1 disabled_11b_rates=0
Could not read interface wlan1 flags: No such device
nl80211 driver initialization failed.
wlan1: interface state UNINITIALIZED->DISABLED
wlan1: AP-DISABLED

i switched to wlan0, killed wpa_supplicant and dnsmasq, and sometime it works.

but if i deactivate the wlan1 in the web interface, it doesen't show up in iwconfig, and i get that error.

And if i activate, networkmanager etc makes a mess...

im sure

Edited July 4, 2019 by Mr.miYagi

[Allegria]

10 hours ago, Foxtrot said:

Hi everyone, I just wanted to chime in quickly and clarify that the OpenWRT trunk builds for the NANO are not compatible with the Mark V, nor are they 'official' (read: the firmware that we provide to users of the WiFi Pineapple).

Thanks Foxtrot. Could you suggest a better OpenWRT truck build for this venture?

I used this image to upgrade from 3.0.0 beta
https://downloads.openwrt.org/snapshots/targets/ar71xx/generic/openwrt-ar71xx-generic-wifi-pineapple-nano-squashfs-sysupgrade.bin

The MKV would ping on 192.168.1.1 but not provide a GUI.
The MKV recovery was accessible with dip switch 5 in the down position and browsing to 192.168.1.1 in Chrome, but not Firefox.
I had to use the factory.bin file to recover.
https://www.wifipineapple.com/mk5/factory.bin

From there I went back to 3.0.0 beta, then this NANO image.
http://downloads.openwrt.org/releases/18.06.4/targets/ar71xx/generic/openwrt-18.06.4-ar71xx-generic-wifi-pineapple-nano-squashfs-sysupgrade.bin

Now on OpenWrt 18.06.4

[Zylla]

Yeah as Foxtrot is saying there are differences between the Nano and the MKV. 

I don't recommend anyone attempt to flash the openwrt builds and expect it to to work!

It might work. But it also might brick your device. 

So my comment above recommending @Mr.miYagito try it was because he seemed capable to handle a brick if it should occur.

I'll send you a pm. @Mr.miYagi, so I can try compiling a version of mana for the version of openwrt you need. 

 

[Allegria]

Thanks @Zylla. I have OpenWrt 18.06.4 on the MKV now with an Alfa awus036neh installed as well. Looking forward to your work on Mana.

[Mr.miYagi]

Hey @Allegria

Just install https://github.com/adde88/hostapd-mana-openwrt-simple/blob/master/bin/ar71xx/packages/base/hostapd-mana-light_2.6-2_mips_24kc.ipk?raw=true

and launch with "hostapd-mana /etc/mana-toolkit/hostapd-mana.conf"

The hostapd part seems to work. Now we need to get dns2proxy and sslstrip working

Edited July 5, 2019 by Mr.miYagi

[Zylla]

I suggest trying this IPK which I built for snapshot a while back, especially if there's issues with the other one. 

It's built with musl as the C library, which is the default now in snapshot and LEDE.

https://github.com/adde88/hostapd-mana-openwrt/raw/master/bin/ar71xx/generic-glibc/packages/hostapd-mana-light_2.6.5-4-musl_mips_24kc.ipk

[Mr.miYagi]

18 hours ago, Zylla said:

I suggest trying this IPK which I built for snapshot a while back, especially if there's issues with the other one. 

It's built with musl as the C library, which is the default now in snapshot and LEDE.

https://github.com/adde88/hostapd-mana-openwrt/raw/master/bin/ar71xx/generic-glibc/packages/hostapd-mana-light_2.6.5-4-musl_mips_24kc.ipk

Trows me erros about dependencies, dont installs.

 

https://github.com/adde88/hostapd-mana-openwrt-simple/blob/master/bin/ar71xx/packages/base/hostapd-mana-light_2.6-2_mips_24kc.ipk

installs fine and work. Already tested

 

[Mr.miYagi]

And because  i was bored and already experimenting, i tried to flash the newest Nano 2.5.4 img...

Aaaaand its boots up. Im stuck now at the setup screen, it ask to push the reset button to continue, wich i dont have.

I tried already with a few DIP switch combination, but it didn't work. I try now:

- More DIP switch combinations

- Try to find out if some GPIO pins triggers it

- Try ro find out, how i cuould skip this part of the setup

 

Edit: Reset on Nano seems on gpio12, no DIP switches are 12 on mkv

Edited July 6, 2019 by Mr.miYagi

[Zylla]

On 7/6/2019 at 1:26 PM, Mr.miYagi said:

And because  i was bored and already experimenting, i tried to flash the newest Nano 2.5.4 img...

Aaaaand its boots up. Im stuck now at the setup screen, it ask to push the reset button to continue, wich i dont have.

I tried already with a few DIP switch combination, but it didn't work. I try now:

- More DIP switch combinations

- Try to find out if some GPIO pins triggers it

- Try ro find out, how i cuould skip this part of the setup

 

Edit: Reset on Nano seems on gpio12, no DIP switches are 12 on mkv

Stuck at the setup screen?
Here's what worked for me:

1. SSH to the Pineapple
2. jffs2reset
3. reboot

This suggestion is meant for you only, in this specific scenario.

Edited July 7, 2019 by Zylla

[Allegria]

I have been following along as @Mr.miYagi continues to press on with this. Keep it up. Thanks @Zylla!

[Mr.miYagi]

Seems burp suite is the answer. Passed the secure setup, but could not finish the setup till now. Fummeling with the packets... 

[Mr.miYagi]

4 hours ago, Zylla said:

Stuck at the setup screen?
Here's what worked for me:

1. SSH to the Pineapple
2. jffs2reset
3. reboot

This suggestion is meant for you only, in this specific scenario.

At the setup screen the pineapple doesent accept any ssh connection. 

With the manipulated packed, it skips the reset button part, i can enter all settings like pw ssid etc. When i press continue, it goes back to the welcome setup screen and doesent set the pw etc. 

Maybe i broke the setup, and trying to find out, how to reset it or restart the setup. Maybe this helps. 

The other thing is, its not meant for this device. I mean, maybe the setup doesent work on mk5. 

[Allegria]

@Mr.miYagi have you made any progress?