From charlesreid1

Widy.jpg

Widy redux - returning to the project after a few months away from it.

Getting Back Up And Running

I used Barrier Breaker version of OpenWRT, but I don't recall which firmware platform I picked. I could probably refer to the documentation for the TP-Link router (TP-Link Portable 3G/4G Wireless N Router, TL-MR3040) on the OpenWRT wiki or elsewhere.

To boot up the Widy device:

1. Make sure the Widy is off.

2. Set the Widy into 3G/4G mode.

3. Connect the Widy ethernet port to your computer's ethernet port.

4. Turn the Widy on.

If you monitor your ethernet port, using your operating system's network utility, you should see the Widy device show up at 192.168.1.1. If it shows up at some other IP address, turn the Widy off, ensure it is on 3G/4G mode, and turn it back on.

Once the Widy has turned on, you can ssh to it via ssh root@192.168.1.1, or alternatively you can use the LuCI web interface by going to 192.168.1.1 in a browser. Both use the same root username/password. When you first install OpenWRT, the username is root, there is no password, and you are prompted to set the root password.

The Software

Let's do a quick survey of the software on the Widy.

Programs

OpenWRT Packages with opkg

The following programs are installed through the OpenWRT package manager (can be used via the web interface or via the command line). The interesting ones are:

  • aircrack/airdecap/airdecloak
  • ettercap
  • git
  • kismet
  • lua
  • macchanger
  • nmap
  • packetforge
  • python
  • reaver
  • ruby
  • scapy
  • snort
  • wget
  • iptables/iw
  • luci
  • uhttpd

The Widy/Post-Install page on my wiki has more on opkg and how to install software.

Configuration

Nothing was configured to run at boot. Need to look at the OpenWRT wiki to determine how to do that.

Link: https://wiki.openwrt.org/doc/techref/preinit_mount

Add scripts so that when Widy boots it can potentially be running, listening, and monitoring immediately.

Scapy is the route to go here. Aggregation of data on the fly, compiling information locally and sending it out after compiling a bit.

Tcpdump problem

I couldn't use Scapy because I didn't have tcpdump. But tcpdump wasn't in the opkg repositories. I guess I needed an update. Which meant connecting the router to the internet.

Connecting to Internet

First, fire up the Widy's wireless and use it to connect to a wireless network.

1. Open 192.168.1.1 in a web browser.

2. Log in with root credentials

3. Click Network > Wifi

4. Scan for local wifi works, and join your wifi network of choice

Your Widy device is now connected to the internet via wireless, and you can disconnect the ethernet cable - if you would like.

A ping google.com makes sure you can see the outside world. Now update opkg and install tcpdump:

root@OpenWrt:~# ping google.com
PING google.com (216.58.216.142): 56 data bytes
64 bytes from 216.58.216.142: seq=0 ttl=55 time=24.560 ms
64 bytes from 216.58.216.142: seq=1 ttl=55 time=29.804 ms
64 bytes from 216.58.216.142: seq=2 ttl=55 time=28.281 ms
64 bytes from 216.58.216.142: seq=3 ttl=55 time=15.585 ms
^C
--- google.com ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 15.585/24.557/29.804 ms

root@OpenWrt:~# opkg update
Downloading http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/packages/base/Packages.gz.
Updated list of available packages in /var/opkg-lists/barrier_breaker_base.
Downloading http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/packages/luci/Packages.gz.
Updated list of available packages in /var/opkg-lists/barrier_breaker_luci.
Downloading http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/packages/packages/Packages.gz.
Updated list of available packages in /var/opkg-lists/barrier_breaker_packages.
Downloading http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/packages/routing/Packages.gz.
Updated list of available packages in /var/opkg-lists/barrier_breaker_routing.
Downloading http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/packages/telephony/Packages.gz.
Updated list of available packages in /var/opkg-lists/barrier_breaker_telephony.
Downloading http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/packages/management/Packages.gz.
Updated list of available packages in /var/opkg-lists/barrier_breaker_management.
Downloading http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/packages/oldpackages/Packages.gz.
Updated list of available packages in /var/opkg-lists/barrier_breaker_oldpackages.

root@OpenWrt:~# opkg install tcpdump
Installing tcpdump (4.5.1-4) to root...
Downloading http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/packages/base/tcpdump_4.5.1-4_ar71xx.ipk.
Configuring tcpdump.

Scapy

Now that tcpdump was installed, I could use scapy to do some networking things. See the Scapy page on the wiki for notes.