Jump to content
K0ALA

Services always on / started

Recommended Posts

Heyo!

So I've been having this issue for a while now, all of the services on the "turtle" menu always seem started or on, pressing the start or well now called "stop" button just says "killing <module> at PID <PID>" and when pressing it again just the same thing, none of the modules are one as none of them do what they're supposed to do when on. And enabling a service doesnt show the "*" symbol in the checkbox next to the service name like it usually does when enabled. Any clues? Attached images show a non started / enabled service and one show how the menu looks with the openvpn server enabled and started

Screenshot 2020-07-12 at 16.26.20.png

lan_turtle_menu.png

Share this post


Link to post
Share on other sites

I assume that you are on the v6.2 firmware since you have included a screenshot displaying that firmware version. I can't reproduce the problem with my v6.2 based LAN Turtle though.

Is it the openvpn module alone that produces the described problems, or all, or just some? Which modules in that case?

I had the same kind of problem with the urlsnarf module when upgrading to v6.2. First I got the indication that the module was started even though I hadn't done anything to enable it  apart from installing the module itself. The reason for this was that no executable binary was actually available in the system at all. My conclusion is that the urlsnarf module (although available via the Module Manager) isn't available anymore since v6.2 and therefore "deprecated" as a module (executable not installable either using opkg, the script file is now also empty when installing it using the Module Manager and the module/script is also removed from the GitHub repository of modules). So, check that the openvpn binary actually is present in your system. It should, I have it in my stock v6.2 system. It should reside in /usr/sbin (check permissions as well). You can also position yourself in the root of the file system and run:
find . -perm /u=x | grep "openvpn"

I know, it sounds really "non-logical" that the module indicates that something is started that isn't even available. Well, it's the module that is started, not the executable binary, I guess.

OK, so now on to the next issue with trying to unsuccessfully stop a module. Yet again I had this issue with urlsnarf (although on an older firmware, I think it was 5.0 since that is the "restore firmware" version that also holds the urlsnarf binary).

I got a message similar to yours, i.e. that the module with a certain process ID was killed. But..... it was still running when issuing ps to check for processes. I might remember the details wrong but in any way I solved it by renaming the module script file. When trying to "debug", I executed ps before trying to stop the module, but the PID that was returned in the Turtle GUI was not the same (but a higher number) as the one I had been identified previously. I'm not sure though how this affects the openvpn module since that seems to use "killall" to stop processes. As I remember it, urlsnarf (that I had problems with) didn't use killall.

However, I figured out that there is a “naming conflict” between the binary urlsnarf (in /usr/sbin) and the script urlsnarf (in /etc/turtle/modules)
The negative effect to this “conflict” is that the process of stopping urlsnarf kills one process but is leaving one running. I'm not sure that this solves your situation at all though since you seem to have nothing running. However, I renamed the urlsnarf script file in /etc/turtle/modules to “get-some-http-loot” and after doing that, I didn't have this problem anymore. The only effect was a different name listed among the LAN Turtle modules in the LAN Turtle "GUI", but I could live with that 🙂

Also compare the content your version of the openvpn module script with the one published on GitHub. Some files (openvpn is one of them) where updates just some days ago. Not sure though if it really affects the problems you are facing. The modules are located on the Turtle in /etc/turtle/modules
https://github.com/hak5/lanturtle-modules/tree/gh-pages/modules

Also try to start and stop the modules from the command line. It's sometimes easier to catch output there rather than in the "semi GUI" of the Turtle.
/etc/turtle/modules/<module_name> start
/etc/turtle/modules/<module_name> stop
it's also possible to run it with a kind of "shortcut"
start <module_name>
stop <module_name>

For example
/etc/turtle/modules/netcat-revshell start
/etc/turtle/modules/netcat-revshell stop
start netcat-revshell
stop netcat-revshell

Try to "hack" the LAN Turtle based on the above and hopefully you will find something that works for you.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...