Comments (28)
Thanks a lot!
Im writing a installer atm and will make a pull request once im finished
from hackpi.
I will try to implement this check.
I have tested the new module and the "Failed to bring up br0" error still exists.
However Win 10 recognizes the Pi as a network interface, and i can access it via SSH. Yay :)
from hackpi.
No news for now, I've been busy on other projects. But I'll get back to it probably this week.
from hackpi.
Sorry for late reply!
Do you have any more details on the error? Did you make sure you have the bridge-utils package installed?
from hackpi.
No other errors that I can remember. I'll have to check when I get home about that and if I have the bridge utility installed.
One more thing, while I have you, do you know anything about getting the whole backdoor part of this working. I've looked everywhere and can't seem to get and even clue as to how it all works. I'm afraid that if anything it's only left me more confused. So if you have any insight or maybe could throw out a little step by step I would be most sincerely greatful.
from hackpi.
^as would many others..from what I've seen many people are having much trouble with getting the backdoors to funtion.
from hackpi.
Ok, let me know. Though I'm wondering, are you saying that while there is an error bringing up br0, HackPi still seems to be working? E.g, when connected to a computer, it is detected and starts PoisonTap?
As for the backdoor, unfortunately, I don't quite know how it works either, sorry... But I'll be digging around to get a better understanding one of these days.
from hackpi.
Having the same issue!
Followed your installation instructions and after reboot the pi says:
interface usb0 does not exist!
interface usb1 does not exist!
Waiting for br0 to get ready
RTNETLINK answers: File exists
Failed to bring up br0
EDIT:
So there are two issues that might solve the problem.
- isc-dhcp-server location is wrong. Correct is
sudo mv -f ~/HackPi/isc-dhcp-server /etc/default/
- On boot the raspberry says:
[ERROR] failed to load Kernel Modules
This may be because the USB dwc2 is currently 4.4.48+ and not 4.4.38+ and therefore overwriting the file will cause the error.
from hackpi.
Ah! You're right, I will correct the default path.
Also, concerning the kernel module, it is indeed built against the 4.38+ kernel and not the 4.48+. I will rebuild it for this version an upload it.
from hackpi.
Very nice installer, thanks!
I built and uploaded the new kernel module (4.4.48+), and slightly modified your installer to reflect the changes I made to the project structure, as well as kernel version detection.
Let me know if everything works and especially if br0 is going up successfuly.
from hackpi.
sure thing!
However, we need to enhance the kernel check, because if there is a new version, then the installer will fail.
from hackpi.
Indeed. We could add a check to abort installation if the kernel version is different from the ones that exist.
It should also be possible to script the kernel module building. I already added a new readme file explaining the steps required to make one.
from hackpi.
It's possible that this error occurs at startup, when the dummy ethernet gadget is created for fingerprinting purposes. br0 can't start at this point (it's normal). Then, when the real gadget is created, br0 can start (and apparently does, otherwise I think you wouldn't be able to connect to it and Windows wouldn't recognize it).
I'll try preventing it from auto starting in interfaces (as it's manually started after gadget creation anyways), see how it goes.
from hackpi.
Could you please explain why the bridge interface is needed in first place?
from hackpi.
I explained it in the readme file (agreed, it's a bit long!) :).
Basically, each libcomposite function (the ECM function for Linux and MacOs and the RNDIS function for Windows) creates an usbX interface. I didn't want to duplicate iptables, routes etc. rules nor change server configurations to listen on several interfaces, so I implemented the bridge interface as the main interface.
Also, because of an update, MacOs is not longer smart enough to ignore the RNDIS function (which needs to be declared first for Windows) and load the ECM function as it used to (and Linux still does). So, the ECM function needs to be declared first, and that means there will only be one usb interface that could be brought up: usb0. Everything that would be bound to the usb1 interface would fail.
Finally, it is somehow future-proof: if at some point I decide to add a new function (EEM?), I will only need to add it to the list of interfaces bound by the bridge and not worry about other configurations.
from hackpi.
Sorry, but i still dont get why the second interface (usb1) is needed and why it is not possible to just use usb0.
I'll try preventing it from auto starting in interfaces (as it's manually started after gadget creation anyways)
You mean this?:
/etc/network/interface
post-up route add -net 0.0.0.0/0
post-up iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 -j REDIRECT --to-port 1337
/etc/rc.local
/sbin/route add -net 0.0.0.0/0 br0
[...]
/sbin/iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 -j REDIRECT --to-port 1337
from hackpi.
No, I simply meant this:
/etc/network/interface
auto lo br0
However, the duplicates lines you've quoted are something I need to clean up. They shouldn't be needed in /etc/network/interface but if I remove them, it didn't seem to be working anymore...
About the bridge, it's not that you can't use usb0... I'll try to explain better.
For Windows to work, I had to create a specific function, RNDIS in gadget.sh. This one has to be declared first so it will listen on usb0.
Then, I create the ECM function for Linux and Mac. As it's created second, it will come up on usb1.
Since they both exist at the same time, there are two interfaces, usb0 and usb1.
But at this point, HackPi actually doesn't know which interface the host will use, because it doesn't know what kind of host it's connected to (except for MacOs thanks to fingerprinting, but that is another story). Windows will connect to the usb0 interface, but Linux will skip that one and connect to the usb1 interface. That means the servers and network configuration had to be set up on usb1 too, otherwise HackPi wasn't working during my tests.
This is why I thought of using a bridge. Hope I managed to be a bit clearer!
from hackpi.
Ah, now I get it. Thanks for the explanation.
Too bad fingerprinting doesnt work on Windows/Linux. However, nice workaround with the bridge though.
from hackpi.
You're welcome.
Actually, it should be possible to make it work for any OS. That would require some dedication and more advanced USB traffic analysis, however. See this link.
At some point, I'd like to find time to implement this...
from hackpi.
At this point i think the error message has to do something with the duplicated lines / auto start of the interfaces.
I still get the error message at boot, however I can login locally with "raspberrypi.local" and when i run brctl show i get the following:
> brctl show
bridge name bridge id STP enabled interfaces
br0 8000.426164555342 no usb0
usb1
And ifconfig shows:
br0 Link encap:Ethernet HWaddr 42:61:64:55:53:42
inet addr:1.0.0.1 Bcast:255.255.255.255 Mask:0.0.0.0
inet6 addr: fe80::c47e:3fff:feb3:96c1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:619 errors:0 dropped:0 overruns:0 frame:0
TX packets:744 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:81248 (79.3 KiB) TX bytes:55697 (54.3 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:324 errors:0 dropped:0 overruns:0 frame:0
TX packets:324 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:26244 (25.6 KiB) TX bytes:26244 (25.6 KiB)
usb0 Link encap:Ethernet HWaddr 42:61:64:55:53:42
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:623 errors:0 dropped:4 overruns:0 frame:0
TX packets:697 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:81424 (79.5 KiB) TX bytes:78422 (76.5 KiB)
usb1 Link encap:Ethernet HWaddr 42:61:64:55:53:43
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
from hackpi.
Yeah probably. However, each time I changed anything to these lines, it would stop working altogether... I'm looking into it.
Also, during my testing, I wasn't getting any error message about the bridge. Are these showing in dmesg?
From what I can see of brctl show and ifconfig output, it does indeed seem to be correctly working (well, that, and also the fact that you can SSH into it!)
from hackpi.
Yeah probably. However, each time I changed anything to these lines, it would stop working altogether
This is exactly what happens to me.
I'm looking into it.
Any news?
from hackpi.
Hi, in the code you say sudo chmod +x installer.sh but give the error no such file etc :c i should change for install.sh?
from hackpi.
Hey,
where in the code? The "install.sh" states:
Usage:
chmod +x install.sh
./install.sh
from hackpi.
Thanks u! everything works in my raspberry pi zero!. it's there a tutorial for the end server
from hackpi.
Nice to hear! I updated the Readme.
from hackpi.
Alright!
I tested everything on a clean Raspbian installation with Firmware version 4.9.
Installer works great, patching works great, device recognition under Win 10 works great, error is still there, but PoisonTap works IF there is no proxy defined in the browser.
However, i cant access HTTPS sites anymore with HackPi attached :(
The more I try to fix stuff, the more I think this whole PoisonTap thingy is more like a buggy proof of concept :/
from hackpi.
Yeah, seems like it...
I'll probably start working on another project now that I can successfully create Ethernet gadgets, I have some ideas in mind.
from hackpi.
Related Issues (17)
- Windows does not recognize the ethernet adapter HOT 5
- Cant install HOT 3
- Guide for only running Responder HOT 1
- Trying to add keyboard to gadget HOT 4
- wireless interface don't work? HOT 1
- help manual?? HOT 1
- Serial interface OSX High Sierra don't work HOT 4
- responder HOT 1
- backend server tutorial HOT 1
- works with windows 7
- will this work on win 7? HOT 8
- WINDOWS OS
- THIS STEAL ONLY HTTP COOKIES? or http and https?
- Implemented recently? HOT 1
- Issue after reboot HOT 12
- Not detected by any OS HOT 10
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hackpi.