alxrogan · June 6, 2017 00:45
diff --git a/lan turtle stuff b/lan turtle stuff
 Get turtle online.

 opkg update
 opkg install ntpdate
 ntpdate pool.ntp.org


 Make sure that you change your hostname before you deploy the turtle to a target network, along with the MAC address. You can do this with the rc.local files as well as the if-pre.up scripts. You can also edit /etc/config/system file to change hostname and timezone (https://wiki.openwrt.org/doc/uci/system#time_zones)

 You can also directly modify the /etc/config/network file 
 config interface 'wan'
 	option ifname 'eth1'
 	option proto 'dhcp'
 	option macaddr '00:0b:db:8d:d2:21'


 One of the use cases for the LAN Turtle is to be plugged into a victim computer to allow a remote attacker access. When you do this, you effectively take the victim computer off the network for direct inbound access. In order to minimize the impact of this, I use the clomac module to attempt to clone the existing MAC address so that the same DHCP address is assigned the wan interface of the turtle.

 After the IP address is cloned, the firewall on the turtle needs to be configured to forward all inbound traffic from the WAN interface IP to the LAN IP address of the victim. To modify the firewall script, you will need the IP address entry from the /tmp/dhcp.leases file that dnsmasq writes out.

 I'm planning to do a simple script for the firewall that will pull the IP from the dhcp.leases file and write the appropriate /etc/config/firewall script and then execute it.

 Right now the /etc/config/firewall additions are as follows. You should be able to reduce it to one redirect (for port forwarding) and one rule (to allow traffic) by combining tcp and udp into proto 'tcpudp' as referenced https://wiki.openwrt.org/doc/howto/port.forwarding

 config 'redirect'                                      
        option 'src' 'wan'                             
        option 'proto' 'tcp'                           
        option 'src_ip' ''                             
        option 'src_dport' '1:65535'                   
        option 'dest_ip' '172.16.84.109'               
        option 'dest_port' '1:65535'                   
                                                       
 config 'rule'                                          
        option 'src' 'wan'                             
        option 'proto' 'tcp'                           
        option 'src_ip' ''                             
        option 'dest_ip' ''                            
        option 'dest_port' '1:65535'                   
        option 'target' 'ACCEPT'
 		
 config 'redirect'                                      
        option 'src' 'wan'                             
        option 'proto' 'udp'                           
        option 'src_ip' ''                             
        option 'src_dport' '1:65535'                   
        option 'dest_ip' '172.16.84.109'               
        option 'dest_port' '1:65535'                   
                                                       
 config 'rule'                                          
        option 'src' 'wan'                             
        option 'proto' 'udp'                           
        option 'src_ip' ''                             
        option 'dest_ip' ''                            
        option 'dest_port' '1:65535'                   
        option 'target' 'ACCEPT'
	Get turtle online.

	opkg update
	opkg install ntpdate
	ntpdate pool.ntp.org


	Make sure that you change your hostname before you deploy the turtle to a target network, along with the MAC address. You can do this with the rc.local files as well as the if-pre.up scripts. You can also edit /etc/config/system file to change hostname and timezone (https://wiki.openwrt.org/doc/uci/system#time_zones)

	You can also directly modify the /etc/config/network file
	config interface 'wan'
	option ifname 'eth1'
	option proto 'dhcp'
	option macaddr '00:0b:db:8d:d2:21'


	One of the use cases for the LAN Turtle is to be plugged into a victim computer to allow a remote attacker access. When you do this, you effectively take the victim computer off the network for direct inbound access. In order to minimize the impact of this, I use the clomac module to attempt to clone the existing MAC address so that the same DHCP address is assigned the wan interface of the turtle.

	After the IP address is cloned, the firewall on the turtle needs to be configured to forward all inbound traffic from the WAN interface IP to the LAN IP address of the victim. To modify the firewall script, you will need the IP address entry from the /tmp/dhcp.leases file that dnsmasq writes out.

	I'm planning to do a simple script for the firewall that will pull the IP from the dhcp.leases file and write the appropriate /etc/config/firewall script and then execute it.

	Right now the /etc/config/firewall additions are as follows. You should be able to reduce it to one redirect (for port forwarding) and one rule (to allow traffic) by combining tcp and udp into proto 'tcpudp' as referenced https://wiki.openwrt.org/doc/howto/port.forwarding

	config 'redirect'
	option 'src' 'wan'
	option 'proto' 'tcp'
	option 'src_ip' ''
	option 'src_dport' '1:65535'
	option 'dest_ip' '172.16.84.109'
	option 'dest_port' '1:65535'

	config 'rule'
	option 'src' 'wan'
	option 'proto' 'tcp'
	option 'src_ip' ''
	option 'dest_ip' ''
	option 'dest_port' '1:65535'
	option 'target' 'ACCEPT'

	config 'redirect'
	option 'src' 'wan'
	option 'proto' 'udp'
	option 'src_ip' ''
	option 'src_dport' '1:65535'
	option 'dest_ip' '172.16.84.109'
	option 'dest_port' '1:65535'

	config 'rule'
	option 'src' 'wan'
	option 'proto' 'udp'
	option 'src_ip' ''
	option 'dest_ip' ''
	option 'dest_port' '1:65535'
	option 'target' 'ACCEPT'