OEZD Posted May 11, 2020 Share Posted May 11, 2020 Hello, I would appriciate help running the squirrel TCPDUMP payload in CLONE mode packet squirrel version the squirrel is running on: 3.2 Downloaded payload from github: packetsquirrel-payloads/payloads/library/sniffing/tcpdump/payload.sh When running the script in TRANSPARENT mode it runs OK. When changing the mode to CLONE - can not have network connection. Thx Quote Link to comment Share on other sites More sharing options...
chrizree Posted September 15, 2020 Share Posted September 15, 2020 Running the script in CLONE mode isn't working due to the fact that the Packet Squirrel hasn't got a br-lan interface in CLONE mode. You can easily add a couple of lines to the original payload script to see what is happening "live" as the payload is running and watch the br-lan interface "disappear" when entering CLONE mode. Replace these lines in the "run" function: # Set networking to TRANSPARENT mode and wait five seconds NETMODE TRANSPARENT sleep 5 With these lines: # Set networking to TRANSPARENT mode and wait ten seconds NETMODE TRANSPARENT sleep 10 echo "TRANSPARENT mode 1" >> /mnt/loot/tcpdump/run_log.txt ifconfig >> /mnt/loot/tcpdump/run_log.txt # Set networking to CLONE mode and wait ten seconds NETMODE CLONE sleep 10 echo "CLONE mode" >> /mnt/loot/tcpdump/run_log.txt ifconfig >> /mnt/loot/tcpdump/run_log.txt # Set networking to TRANSPARENT mode and wait ten seconds NETMODE TRANSPARENT sleep 10 echo "TRANSPARENT mode 2" >> /mnt/loot/tcpdump/run_log.txt ifconfig >> /mnt/loot/tcpdump/run_log.txt Then set the Packet Squirrel in Switch 1 and let it run as intended. After that, go back to Arming Mode and look in the run_log.txt file to see that br-lan is not available in CLONE mode. 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.