diff options
Diffstat (limited to 'minikrebs/profiles/rickroller_advanced')
20 files changed, 282 insertions, 0 deletions
diff --git a/minikrebs/profiles/rickroller_advanced/airbase-ng b/minikrebs/profiles/rickroller_advanced/airbase-ng Binary files differnew file mode 100755 index 00000000..f6cfd5a6 --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/airbase-ng diff --git a/minikrebs/profiles/rickroller_advanced/custom_make b/minikrebs/profiles/rickroller_advanced/custom_make new file mode 100755 index 00000000..2f92476f --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/custom_make @@ -0,0 +1,4 @@ +#!/bin/sh + +HTTPD="uhttpd uhttpd-mod-tls" +make image PROFILE=TLWR703 PACKAGES="$HTTPD dnsmasq wireless-tools block-mount kmod-usb-core kmod-usb2 kmod-usb-storage -radvd -kmod-ppp -kmod-pppoe -kmod-pppox -ppp -ppp-mod-pppoe" FILES=customfiles/ diff --git a/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/dhcp b/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/dhcp new file mode 100644 index 00000000..79d7bea5 --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/dhcp @@ -0,0 +1,28 @@ +config dnsmasq + option domainneeded 1 + option boguspriv 1 + option filterwin2k 0 # enable for dial on demand + option localise_queries 1 + option rebind_protection 1 # disable if upstream must serve RFC191 +8 addresses + option rebind_localhost 1 # enable for RBL checking and similar se +rvices + #list rebind_domain example.lan # whitelist RFC1918 responses for +domains + #option local '/lan/' + #option domain 'lan' + option expandhosts 1 + option nonegcache 0 + option authoritative 1 + option readethers 1 + option leasefile '/tmp/dhcp.leases' + option resolvfile '/tmp/resolv.conf.auto' + +config dhcp wlan + option interface lan + option start 100 + option limit 150 + option leasetime 12h +config 'domain' + option name '#' + option ip '192.168.23.1' diff --git a/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/firewall b/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/firewall new file mode 100644 index 00000000..56f20aa7 --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/firewall @@ -0,0 +1,112 @@ +config defaults + option syn_flood 1 + option input ACCEPT + option output ACCEPT + option forward REJECT + +config zone + option name lan + option network 'lan' + option input ACCEPT + option output ACCEPT + option forward REJECT + +config zone + option name wan + option network 'wan' + option input ACCEPT + option output ACCEPT + option forward REJECT + option masq 1 + option mtu_fix 1 + +config forwarding + option src lan + option dest wan + +# We need to accept udp packets on port 68, +# see https://dev.openwrt.org/ticket/4108 +config rule + option name Allow-DHCP-Renew + option src wan + option proto udp + option dest_port 68 + option target ACCEPT + option family ipv4 + +# Allow IPv4 ping +config rule + option name Allow-Ping + option src wan + option proto icmp + option icmp_type echo-request + option family ipv4 + option target ACCEPT + +# Allow DHCPv6 replies +# see https://dev.openwrt.org/ticket/10381 +config rule + option name Allow-DHCPv6 + option src wan + option proto udp + option src_ip fe80::/10 + option src_port 547 + option dest_ip fe80::/10 + option dest_port 546 + option family ipv6 + option target ACCEPT + +# Allow essential incoming IPv6 ICMP traffic +config rule + option name Allow-ICMPv6-Input + option src wan + option proto icmp + list icmp_type echo-request + list icmp_type echo-reply + list icmp_type destination-unreachable + list icmp_type packet-too-big + list icmp_type time-exceeded + list icmp_type bad-header + list icmp_type unknown-header-type + list icmp_type router-solicitation + list icmp_type neighbour-solicitation + list icmp_type router-advertisement + list icmp_type neighbour-advertisement + option limit 1000/sec + option family ipv6 + option target ACCEPT + +# Allow essential forwarded IPv6 ICMP traffic +config rule + option name Allow-ICMPv6-Forward + option src wan + option dest * + option proto icmp + list icmp_type echo-request + list icmp_type echo-reply + list icmp_type destination-unreachable + list icmp_type packet-too-big + list icmp_type time-exceeded + list icmp_type bad-header + list icmp_type unknown-header-type + option limit 1000/sec + option family ipv6 + option target ACCEPT + +config redirect + option src lan + option proto tcp + option src_dport 80 + option src_ip !192.168.23.1 + option dest_port 80 + option dest_ip 192.168.23.1 + option target DNAT + +config redirect + option src lan + option proto tcp + option src_dport 443 + option src_ip !192.168.23.1 + option dest_port 443 + option dest_ip 192.168.23.1 + option target DNAT diff --git a/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/fstab b/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/fstab new file mode 100644 index 00000000..b1e678dc --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/fstab @@ -0,0 +1,19 @@ +config global automount + option from_fstab 1 + option anon_mount 1 + +config global autoswap + option from_fstab 1 + option anon_swap 0 + +config mount + option target /overlay + option device /dev/sda1 + option fstype ext4 + option options rw,sync + option enabled 1 + option enabled_fsck 0 + +config swap + option device /dev/sda2 + option enabled 1 diff --git a/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/network b/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/network new file mode 100644 index 00000000..7ac322a7 --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/network @@ -0,0 +1,15 @@ +config interface 'loopback' + option ifname 'lo' + option proto 'static' + option ipaddr '127.0.0.1' + option netmask '255.0.0.0' + +config interface 'wan' + option ifname 'eth0' + option proto 'dhcp' + +config interface 'lan' + option ifname 'wlan0' + option proto 'static' + option ipaddr 192.168.23.1 + option netmask 255.255.255.0 diff --git a/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/system b/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/system new file mode 100644 index 00000000..ffbe1530 --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/system @@ -0,0 +1,8 @@ +config system + option hostname rickroller + option timezone UTC + +config 'led' 'lan_led' + option 'name' 'blue-led' + option 'sysfs' 'tp-link:blue:system' + option 'trigger' 'default-on' diff --git a/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/uhttpd b/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/uhttpd new file mode 100644 index 00000000..74695b7c --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/uhttpd @@ -0,0 +1,13 @@ +config uhttpd main + list listen_http 0.0.0.0:80 + list listen_https 0.0.0.0:443 + option home /www + option rfc1918_filter 1 + option max_requests 3 + option cert /etc/uhttpd.crt + option key /etc/uhttpd.key + option cgi_prefix /cgi-bin + option script_timeout 60 + option network_timeout 30 + option tcp_keepalive 1 + option error_page /index.html diff --git a/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/wireless b/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/wireless new file mode 100644 index 00000000..bce01a9e --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/customfiles/etc/config/wireless @@ -0,0 +1,19 @@ +config wifi-device radio0 + option type mac80211 + option channel 11 + option macaddr 14:e6:e4:e6:e4:e0 + option hwmode 11ng + option htmode HT20 + list ht_capab SHORT-GI-20 + list ht_capab SHORT-GI-40 + list ht_capab RX-STBC1 + list ht_capab DSSS_CCK-40 + # REMOVE THIS LINE TO ENABLE WIFI: + option disabled 0 + +config wifi-iface + option device radio0 + option network lan + option mode ap + option ssid default + option encryption none diff --git a/minikrebs/profiles/rickroller_advanced/customfiles/etc/dropbear/authorized_keys b/minikrebs/profiles/rickroller_advanced/customfiles/etc/dropbear/authorized_keys new file mode 120000 index 00000000..9c87fc52 --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/customfiles/etc/dropbear/authorized_keys @@ -0,0 +1 @@ +/root/.ssh/authorized_keys
\ No newline at end of file diff --git a/minikrebs/profiles/rickroller_advanced/customfiles/etc/shadow b/minikrebs/profiles/rickroller_advanced/customfiles/etc/shadow new file mode 100644 index 00000000..9cc800dd --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/customfiles/etc/shadow @@ -0,0 +1,5 @@ +root:$1$WFDw.yoc$MuPQ4h/nu3WMpHmte5Yrp/:15719:0:99999:7::: +daemon:*:0:0:99999:7::: +ftp:*:0:0:99999:7::: +network:*:0:0:99999:7::: +nobody:*:0:0:99999:7::: diff --git a/minikrebs/profiles/rickroller_advanced/customfiles/etc/uhttpd.crt b/minikrebs/profiles/rickroller_advanced/customfiles/etc/uhttpd.crt Binary files differnew file mode 100644 index 00000000..d406c90f --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/customfiles/etc/uhttpd.crt diff --git a/minikrebs/profiles/rickroller_advanced/customfiles/etc/uhttpd.key b/minikrebs/profiles/rickroller_advanced/customfiles/etc/uhttpd.key Binary files differnew file mode 100644 index 00000000..d5d163d2 --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/customfiles/etc/uhttpd.key diff --git a/minikrebs/profiles/rickroller_advanced/doc/OVERLAY b/minikrebs/profiles/rickroller_advanced/doc/OVERLAY new file mode 100644 index 00000000..f95d8000 --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/doc/OVERLAY @@ -0,0 +1,6 @@ +# External USB-Stick Overlay + +partition as following (using cfdisk/parted/gparted): +sdx + -> sdx2 : swap size ~ 320MB + -> sdx1 : ext4 -- The Rest (size > 200MB) diff --git a/minikrebs/profiles/rickroller_advanced/doc/README.md b/minikrebs/profiles/rickroller_advanced/doc/README.md new file mode 100644 index 00000000..355bb9ff --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/doc/README.md @@ -0,0 +1,10 @@ +# Rickroller Profile + +The purpose of the profile is to create an access point where every connection +is rewritten to rickroll. + +this is the advanced profile which faciliates an usb-stick to unleash the full +potential of the platform by using airbase-ng (from aircrack-ng) which will +answer to all the probe requests, effectively rick-rolling each and everyone. + +please also see OVERLAY diff --git a/minikrebs/profiles/rickroller_advanced/overlay/www/1x1.gif b/minikrebs/profiles/rickroller_advanced/overlay/www/1x1.gif Binary files differnew file mode 100644 index 00000000..8e91660f --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/overlay/www/1x1.gif diff --git a/minikrebs/profiles/rickroller_advanced/overlay/www/cgi-bin/rrhelper b/minikrebs/profiles/rickroller_advanced/overlay/www/cgi-bin/rrhelper new file mode 100755 index 00000000..ec328a3b --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/overlay/www/cgi-bin/rrhelper @@ -0,0 +1,15 @@ +#!/bin/sh + +RRLOG="/tmp/rrlog" + +if [ -n "$RRLOG" ]; then + echo `awk '{print $1}' /proc/uptime` $REMOTE_ADDR:$REMOTE_PORT \'$HTTP_REFERER\' \'$HTTP_USER_AGENT\' >>"$RRLOG" +fi + +# To signal a rickroll, blink for 15 seconds +(echo timer > /sys/devices/platform/leds-gpio/leds/tp-link:blue:system/trigger ;sleep 15;echo none > /sys/devices/platform/leds-gpio/leds/tp-link:blue:system/trigger) & + + +echo "Content-type: image/gif" +echo "" +cat /www/1x1.gif diff --git a/minikrebs/profiles/rickroller_advanced/overlay/www/index.html b/minikrebs/profiles/rickroller_advanced/overlay/www/index.html new file mode 100644 index 00000000..46bd7c33 --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/overlay/www/index.html @@ -0,0 +1,27 @@ +<html> +<head> +<title>RickRoll'D</title> +</head> +<body > +<center> + <h1 style='font-size:400%'>RickRoll'D</h1> + <img src='rick.gif' width="50%"><br/> + <audio controls id="audio" autoplay loop > + <source src="rick.ogg" type="audio/ogg" ></source> + </audio> +</center> +<script> + //try various hacks to get autorun and looping working +var audio = document.getElementById('audio'); +audio.addEventListener('ended', function(){ + this.currentTime = 0; +}, false); + audio.addEventListener('canplay', function() { + audio.play(); + }); + audio.load(); + audio.play(); +</script> +<img src="/cgi-bin/rrhelper"> +</body> +</html> diff --git a/minikrebs/profiles/rickroller_advanced/overlay/www/rick.gif b/minikrebs/profiles/rickroller_advanced/overlay/www/rick.gif Binary files differnew file mode 100644 index 00000000..3ce9c237 --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/overlay/www/rick.gif diff --git a/minikrebs/profiles/rickroller_advanced/overlay/www/rick.ogg b/minikrebs/profiles/rickroller_advanced/overlay/www/rick.ogg Binary files differnew file mode 100644 index 00000000..f52a3d71 --- /dev/null +++ b/minikrebs/profiles/rickroller_advanced/overlay/www/rick.ogg |
