hak5
/
lanturtle-modules
mirror of https://github.com/hak5/lanturtle-modules.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'gh-pages' into patch-1

pull/31/head
Marc 2020-12-26 20:51:10 +00:00 committed by GitHub
parent af33784c9c 302259cfdc
commit d6c5b4e346
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
15 changed files with 301 additions and 338 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
modules/autossh
View File

@ -1,6 +1,6 @@
#!/bin/bash /usr/lib/turtle/turtle_module #!/bin/bash /usr/lib/turtle/turtle_module
VERSION="1.2" VERSION="1.3"
DESCRIPTION="AutoSSH maintains persistent secure shells" DESCRIPTION="AutoSSH maintains persistent secure shells"
CONF=/tmp/autossh.form CONF=/tmp/autossh.form
@ -26,14 +26,14 @@ function stop {
} }
function status { function status {
if pgrep autossh > /dev/null; then echo "1"; else echo "0"; fi if pgrep /usr/sbin/autossh > /dev/null; then echo "1"; else echo "0"; fi
} }
function configure { function configure {
if [ -s /etc/config/autossh ] if [ -s /etc/config/autossh ]
then then
autossh_host=$(uci show autossh.@autossh[0].ssh | awk '{print $7}') autossh_host=$(uci show autossh.@autossh[0].ssh | awk '{print $7}' | sed "s/'//g")
autossh_port=$(uci show autossh.@autossh[0].ssh | awk '{print $9}') autossh_port=$(uci show autossh.@autossh[0].ssh | awk '{print $9}' | sed "s/'//g")
autossh_remoteport=$(uci show autossh.@autossh[0].ssh | awk '{print $6}' | sed 's/:/ /g' | awk '{print $1}') autossh_remoteport=$(uci show autossh.@autossh[0].ssh | awk '{print $6}' | sed 's/:/ /g' | awk '{print $1}')
autossh_localport=$(uci show autossh.@autossh[0].ssh | awk '{print $6}' | sed 's/:/ /g' | awk '{print $3}') autossh_localport=$(uci show autossh.@autossh[0].ssh | awk '{print $6}' | sed 's/:/ /g' | awk '{print $3}')
else else
@ -65,6 +65,7 @@ Local Port: Local port to bind tunnel (Default 22)\n \n" 16 60 4\
read -r autossh_localport read -r autossh_localport
touch /etc/config/autossh touch /etc/config/autossh
uci set autossh.@autossh[0].ssh="-i /root/.ssh/id_rsa -N -T -R "$autossh_remoteport":localhost:"$autossh_localport" "$autossh_host" -p "$autossh_port" " uci set autossh.@autossh[0].ssh="-i /root/.ssh/id_rsa -N -T -R "$autossh_remoteport":localhost:"$autossh_localport" "$autossh_host" -p "$autossh_port" "
uci set autossh.@autossh[0].enabled="1"
uci commit autossh uci commit autossh
rm $CONF rm $CONF
};; };;

67
modules/keymanager
View File

@ -1,5 +1,5 @@
#!/bin/bash /usr/lib/turtle/turtle_module #!/bin/bash /usr/lib/turtle/turtle_module
VERSION="1.1" VERSION="1.2"
DESCRIPTION="SSH Key Manager" DESCRIPTION="SSH Key Manager"
EXECUTABLE="0" EXECUTABLE="0"
CONF=/tmp/keymanager.form CONF=/tmp/keymanager.form
@ -11,8 +11,6 @@ CONF=/tmp/keymanager.form
: ${DIALOG_ITEM_HELP=4} : ${DIALOG_ITEM_HELP=4}
: ${DIALOG_ESC=255} : ${DIALOG_ESC=255}
function generate_key { function generate_key {
dialog --title "Generate New SSH Key Pair?" \ dialog --title "Generate New SSH Key Pair?" \
--yesno "\nGenerate New SSH Key Pair?\n\n\ --yesno "\nGenerate New SSH Key Pair?\n\n\
@ -31,10 +29,6 @@ case $? in
esac esac
} }
function copy_key { function copy_key {
dialog --ok-label "Submit" \ dialog --ok-label "Submit" \
--title "SSH Copy ID" \ --title "SSH Copy ID" \
@ -54,9 +48,6 @@ User: User on remote SSH server.\n \n" 17 60 3\
read -r copy_host read -r copy_host
read -r copy_port read -r copy_port
read -r copy_user read -r copy_user
read -r copy_pass
if [ -z "$copy_host" ]; then if [ -z "$copy_host" ]; then
dialog --title "Notice" --msgbox "Host Required" 5 60; copy_key dialog --title "Notice" --msgbox "Host Required" 5 60; copy_key
@ -67,21 +58,6 @@ User: User on remote SSH server.\n \n" 17 60 3\
if [ -z "$copy_user" ]; then if [ -z "$copy_user" ]; then
dialog --title "Notice" --msgbox "User Required" 5 60; copy_key dialog --title "Notice" --msgbox "User Required" 5 60; copy_key
fi fi
touch /root/.ssh/known_hosts
if ! grep -q $copy_host /root/.ssh/known_hosts; then
dialog --title "Notice" --msgbox "Cannot find $copy_host in known_hosts. Adding it now." 6 60
ssh-keyscan -p "$copy_port" "$copy_host" 2>/dev/null > /tmp/tmp_hosts
cat /tmp/tmp_hosts >> /root/.ssh/known_hosts
NEWHOST=$(cat /tmp/tmp_hosts)
if [[ -s /tmp/tmp_hosts ]]; then
dialog --title "Notice" --msgbox "Added the following to /root/.ssh/known_hosts:\n\n$NEWHOST" 18 60
else
dialog --title "Notice" --msgbox "There was an error retrieving the key fingerprint" 8 60
copy_key
fi;
rm /tmp/tmp_hosts
fi
rm /tmp/empty_* &>/dev/null rm /tmp/empty_* &>/dev/null
ssh-copy-id -i /root/.ssh/id_rsa.pub -p "$copy_port" "$copy_user"@"$copy_host" ssh-copy-id -i /root/.ssh/id_rsa.pub -p "$copy_port" "$copy_user"@"$copy_host"
configure configure
@ -91,44 +67,9 @@ User: User on remote SSH server.\n \n" 17 60 3\
esac esac
} }
function add_host { function add_host {
dialog --ok-label "Submit" \ dialog --title "Notice" --msgbox "This function is deprecated and is now served by copy_key. This notice exists for documentation consistency. Please run copy_key." 8 60
--title "Add Remote Server to Known Hosts List" \ configure
--form "This utility will add the remote SSH servers key fingerprint to the local known hosts file.\n \n\
Host: Remote SSH Server.\n\
Port: Remote SSH Server Port (Typically 22).\n \n" 14 60 2\
"Host:" 1 1 "$add_host" 1 7 48 0 \
"Port:" 2 1 "$add_port" 2 7 48 0 \
2>$CONF
return=$?
case $return in
0)
cat $CONF | {
read -r add_host
read -r add_port
if [ -z "$add_port" ]; then
add_port="22"
fi
ssh-keyscan -p "$add_port" "$add_host" > /tmp/tmp_hosts
cat /tmp/tmp_hosts >> /root/.ssh/known_hosts
NEWHOST=`cat /tmp/tmp_hosts`
if [[ -s /tmp/tmp_hosts ]]; then
dialog --title "Notice" --msgbox "Added the following to /root/.ssh/known_hosts:\n\n$NEWHOST" 18 60
else
dialog --title "Notice" --msgbox "There was an error retrieving the key fingerprint" 8 60
fi;
rm /tmp/tmp_hosts
configure
};;
1) configure;;
255) configure;;
esac
} }
function review { function review {
@ -155,5 +96,3 @@ function configure {
"back") exit;; "back") exit;;
esac esac
} }

2
modules/meterpreter
View File

@ -1,6 +1,6 @@
#!/bin/bash /usr/lib/turtle/turtle_module #!/bin/bash /usr/lib/turtle/turtle_module
VERSION="1.0" VERSION="1.0"
DESCRIPTION="Metasploit payload to maintain shells" DESCRIPTION="Deprecated - requires firmware v6.1 or below. Metasploit payload to maintain shells."
CONF=/tmp/meterpreter.form CONF=/tmp/meterpreter.form
: ${DIALOG_OK=0} : ${DIALOG_OK=0}

2
modules/meterpreter-sl
View File

@ -4,7 +4,7 @@
# http://imcpwn.com # http://imcpwn.com
VERSION="2.1" VERSION="2.1"
DESCRIPTION="Stageless Metasploit payload to maintain shells" DESCRIPTION="Deprecated - requires firmware v6.1 or below. Stageless Metasploit payload to maintain shells"
CONF=/tmp/meterpreter-sl.form CONF=/tmp/meterpreter-sl.form
AUTHOR=IMcPwn AUTHOR=IMcPwn

18
modules/module_list
View File

@ -1,26 +1,24 @@
autossh Maintain persistent secure shells autossh Maintain persistent secure shells
clomac Clone Clients MAC address into WAN interface
cron Schedule tasks cron Schedule tasks
ddnsc Dynamic Domain Name Service
dns-spoof Forges replies to arbitrary DNS address dns-spoof Forges replies to arbitrary DNS address
dnsmasq-spoof DNSSpoof using DNSMasq dnsmasq-spoof DNSSpoof using DNSMasq
follow-file Follow log printing data as file grows follow-file Follow log printing data as file grows
iodine Creates a DNS Tunnel using iodine
keymanager SSH Key Manager keymanager SSH Key Manager
meterpreter Metasploit payload to maintain shells meterpreter-https Metasploit HTTPS payload for more discrete shells
modulemanager Manage Modules modulemanager Manage Modules
netcat-revshell NetCat Reverse Shell netcat-revshell NetCat Reverse Shell
nmap-scan Network Mapper discovers hosts and services on a network nmap-scan Network Mapper discovers hosts and services on a network
openvpn Openvpn client openvpn Openvpn client
ptunnel Proxies TCP over Ping (ICMP) traffic ptunnel Proxies TCP over Ping (ICMP) traffic
quickcreds Snag creds from locked machines -Mubix, Room362.com
responder Responder - LLMNR, NBT-NS and MDNS poisoner
script2email Email script output via SMTP script2email Email script output via SMTP
script2http Post script output via HTTP script2http Post script output via HTTP
sshfs Mounts remote File Systems over SSH sshfs Mounts remote File Systems over SSH
tortle TOR Turtle Gateway TOR hidden SHELL Service
upnp-portfwd uPnP Port Forwarding
uptime System Uptime uptime System Uptime
urlsnarf Sniffs HTTP URL traffic urlsnarf Sniffs HTTP URL traffic
clomac Clone Clients MAC address into WAN interface
upnp-portfwd uPnP Port Forwarding
ddnsc Dynamic Domain Name Service
tortle TOR Turtle Gateway TOR hidden SHELL Service
meterpreter-sl Stageless Metasploit payload to maintain shells
responder Responder - LLMNR, NBT-NS and MDNS poisoner
QuickCreds Snag creds from locked machines -Mubix, Room362.com
iodine Creates a DNS Tunnel using iodine
meterpreter-https Metasploit HTTPS payload for more discrete shells

2
modules/openvpn
View File

@ -26,7 +26,7 @@ function stop {
} }
function status { function status {
if pgrep openvpn > /dev/null; then echo "1"; else echo "0"; fi if pgrep /usr/sbin/openvpn > /dev/null; then echo "1"; else echo "0"; fi
} }
function configure { function configure {

203
modules/ping-monitor Normal file
View File

@ -0,0 +1,203 @@
#!/bin/bash /usr/lib/turtle/turtle_module
VERSION="1.0"
DESCRIPTION="Sends ping response data to a SSHFS host"
CONF=/tmp/ping-monitor.form
: ${DIALOG_OK=0}
: ${DIALOG_CANCEL=1}
: ${DIALOG_HELP=2}
: ${DIALOG_EXTRA=3}
: ${DIALOG_ITEM_HELP=4}
: ${DIALOG_ESC=255}
sp="/root/ping_monitor.output"
pf="/var/run/ping-monitor.pid"
function set_globals {
if [ -s /etc/config/ping-monitor ]
then
target=$(uci get ping-monitor.target)
else
touch /etc/config/ping-monitor
echo "ping-monitor not configured"
return 1
fi
}
function check_sshfs {
cat /etc/mtab | awk '{print $2}' | grep -e '^/sshfs'
return $?
}
function stop_ping {
pingpid=$(ps | grep -v grep | grep 'ping '"${target}" | awk '{print $1}')
kill -2 ${pingpid}
while kill -0 ${pingpid} > /dev/null 2>&1; do sleep 0.1; done
}
function start_ping {
case "$(status)" in
1)
# Already running
return 1
;;
*)
:
;;
esac
check_sshfs > /dev/null 2>&1
if [ $? -eq 0 ]; then
find /root -type f -name "ping_monitor.*" -exec mv {} /sshfs \;
fi
ping ${target} | while read pong; do echo "$(date '+%Y-%m-%d %H:%M:%S') ${pong}"; done > ${sp} &
local pid=$!
echo ${pid} > ${pf}
echo "ping-monitor started with pid: ${pid}"
return 0
}
function move {
local dt="$(date +%Y%m%d-%H%M%S)"
local dp="/root/ping_monitor.${dt}"
if [ -f ${sp} ]; then
mv ${sp} ${dp} # atomic?
fi
check_sshfs > /dev/null 2>&1
if [ $? -eq 0 ]; then
test -f ${dp} && mv ${dp} /sshfs
fi
}
function rotate {
stop_ping
move
start_ping
}
function start {
set_globals || exit 1
start_ping
case $? in
2)
exit 1
;;
1)
# It's already running. Let's sigint and rotate.
rotate
;;
*)
:
;;
esac
if [ -f /var/spool/cron/crontabs/root ]; then
grep '\*/5 \* \* \* \* /etc/turtle/modules/ping-monitor start' /var/spool/cron/crontabs/root > /dev/null || {
echo '*/5 * * * * /etc/turtle/modules/ping-monitor start' >> /var/spool/cron/crontabs/root
/etc/init.d/cron reload
}
fi
check_sshfs > /dev/null 2>&1
if [ $? -ne 0 ]; then
>&2 echo "sshfs is not mounted"
if [ "$(/etc/turtle/modules/sshfs status)" != "Running." ]; then
/etc/turtle/modules/sshfs start
fi
fi
}
function stop {
set_globals || exit 1
sed -i '/\*\/5 \* \* \* \* \/etc\/turtle\/modules\/ping-monitor start/d' /var/spool/cron/crontabs/root
/etc/init.d/cron reload
stop_ping
# Attempt to move the last log
move
}
function status {
if [ -f ${pf} ]; then
pid="$(head -n1 ${pf})"
kill -0 ${pid} > /dev/null 2>&1
if [ $? -eq 0 ]; then
if [ "ping-monitor" == "$(cat /proc/${pid}/comm)" ]; then
echo "1";
return 0
fi
fi
fi
echo "0"
}
function configure {
if [ ! -f /etc/turtle/modules/sshfs ]; then
echo "dependency module sshfs is not installed."
return 1
fi
check_sshfs > /dev/null 2>&1
if [ $? -ne 0 ]; then
echo "sshfs is not mounted."
return 1
fi
if [ -s /etc/config/ping-monitor ]
then
target=$(uci get ping-monitor.target)
else
touch /etc/config/ping-monitor
fi
dialog --ok-label "Submit" \
--help-button \
--title "ping-monitor configuration" \
--form "Send ping data to a remote host (requires sshfs module)\n\n\
Target: host to ping.\n" 16 60 1\
"Target:" 1 1 "${target}" 1 9 54 0 \
2>$CONF
return=$?
case $return in
$DIALOG_OK)
cat $CONF | {
read -r target
if [ -z "$target" ]; then
target="8.8.8.8"
fi
touch /etc/config/ping-monitor
uci set ping-monitor.target="$target"
uci commit ping-monitor
rm $CONF
clear
};;
$DIALOG_CANCEL)
rm $CONF
clear
exit;;
$DIALOG_HELP)
dialog --title "Help" \
--msgbox " \
ping-monitor will send continuous ping requests to a target host and record the timestamped \
responses to the local filesystem. Every 5 minutes, it will attempt to move the response data \
from the local filesystem to a remote filesystem over sshfs. Therefore, this module requires \
that the sshfs module be installed, configured, and started. \n\n \
For analyzing the data, use any of your favorite tools like sed, awk, find, and python. \n\n \
For some out-of-the-box examples, look at https://github.com/mmdj4u/lanturtle-heaven \
" 20 60
configure
;;
$DIALOG_ESC)
clear;;
esac
}

103
modules/ptunnel
View File

@ -1,103 +0,0 @@
#!/bin/bash /usr/lib/turtle/turtle_module
VERSION="1.0"
DESCRIPTION="Proxies TCP over Ping (ICMP) traffic"
CONF=/tmp/ptunnel.form
: ${DIALOG_OK=0}
: ${DIALOG_CANCEL=1}
: ${DIALOG_HELP=2}
: ${DIALOG_EXTRA=3}
: ${DIALOG_ITEM_HELP=4}
: ${DIALOG_ESC=255}
function start {
if [ -s /etc/config/ptunnel ]
then
ptunnel_host=$(uci get ptunnel.host)
ptunnel_local_port=$(uci get ptunnel.lport)
ptunnel_dst_host=$(uci get ptunnel.rhost)
ptunnel_dst_port=$(uci get ptunnel.rport)
echo ptunnel -p "$ptunnel_host" -lp "$ptunnel_local_port" -da "$ptunnel_dst_host" -dp "$ptunnel_dst_port" > /dev/null &
ptunnel -p "$ptunnel_host" -lp "$ptunnel_local_port" -da "$ptunnel_dst_host" -dp "$ptunnel_dst_port" > /dev/null &
echo -n "ptunnel started with pid: "; pidof ptunnel
else
touch /etc/config/ptunnel
echo "ptunnel not configured"
fi
}
function stop {
killall ptunnel
}
function status {
if pgrep ptunnel > /dev/null; then echo "1"; else echo "0"; fi
}
function configure {
if [ -s /etc/config/ptunnel ]
then
ptunnel_host=$(uci get ptunnel.host)
ptunnel_local_port=$(uci get ptunnel.lport)
ptunnel_dst_host=$(uci get ptunnel.rhost)
ptunnel_dst_port=$(uci get ptunnel.rport)
else
touch /etc/config/ptunnel
fi
dialog --ok-label "Submit" \
--help-button \
--title "PTunnel Configuration" \
--form "\nPTunnel Server: Address of the server running the ptunnel proxy.\n\
Local Port: Port on localhost from which traffic will be tunneled.\n\
Dst Server: Destination host to which traffic will be proxied.\n\
Dst Port: Destination port to which traffic will be proxied.\n\n" 16 75 4\
"PTunnel Host:" 1 1 "$ptunnel_host" 1 15 40 0 \
"Local Port:" 2 1 "$ptunnel_local_port" 2 15 40 0 \
"Dst. Host:" 3 1 "$ptunnel_dst_host" 3 15 40 0 \
"Dst. Port:" 4 1 "$ptunnel_dst_port" 4 15 40 0 \
2>$CONF
return=$?
case $return in
$DIALOG_OK)
cat $CONF | {
read -r ptunnel_host
read -r ptunnel_local_port
read -r ptunnel_dst_host
read -r ptunnel_dst_port
touch /etc/config/ptunnel
uci set ptunnel.host="$ptunnel_host"
uci set ptunnel.lport="$ptunnel_local_port"
uci set ptunnel.rhost="$ptunnel_dst_host"
uci set ptunnel.rport="$ptunnel_dst_port"
uci commit ptunnel
rm $CONF
clear
};;
$DIALOG_CANCEL)
rm $CONF
clear
exit;;
$DIALOG_HELP)
dialog --title "Help" \
--msgbox "Ping Tunnel, or ptunnel, is an application that allows you to reliably tunnel TCP connections to a remote host using ICMP echo request and reply packets, commonly known as ping requests and replies.\
A common use case is to provide a secure covert reverse shell via SSH.\n\n\
Ping Tunnel configuration accepts the following:\n\n\
* Ptunnel Host: Address of the server running the ptunnel proxy - often a VPS or other such machine online with a static IP or domain.\n\
* Local Port: TCP listening port on localhost through which traffic will be proxied to the ptunnel host.\n\
* Dst Server: Destination host of the remote proxy to which traffic will be forwarded.\n\
* Dst Port: Destination port to remote proxy to which traffic will be forwarded.\n\n\
Example: example.com, 8000, example.com, 22\n\n\
This would configure ptunnel to connect to the ptunnel server running on domain.com and forward all traffic going to port 8000 on localhost to port 22 on example.com.\n\n\
With this an autoSSH session to the SSH server running on example.com port 22 may be established through the Ping Tunnel via localhost port 8000.\
" 20 60
configure
;;
$DIALOG_ESC)
clear;;
esac
}

43
modules/QuickCreds → modules/quickcreds
View File

@ -1,6 +1,6 @@
#!/bin/bash /usr/lib/turtle/turtle_module #!/bin/bash /usr/lib/turtle/turtle_module
VERSION="1.3" VERSION="1.3"
DESCRIPTION="Snagging creds from locked machines --Mubix, Room362.com. Implements responder attack and saves creds to numbered directories in /root/loot. LED will blink rapidly while QuickCreds is running. Upon capture of NTLM hash the amber LED will light solid. Author: Hak5Darren. Credit: Mubix." DESCRIPTION="Snagging creds from locked machines --Mubix, Room362.com. Implements responder attack and saves creds to numbered directories in /root/loot. LED will blink while QuickCreds is running. Upon capture of NTLM hash the amber LED will light solid. Author: Hak5Darren. Credit: Mubix."
CONF=/tmp/QuickCreds.form CONF=/tmp/QuickCreds.form
: ${DIALOG_OK=0} : ${DIALOG_OK=0}
@ -10,11 +10,6 @@ CONF=/tmp/QuickCreds.form
: ${DIALOG_ITEM_HELP=4} : ${DIALOG_ITEM_HELP=4}
: ${DIALOG_ESC=255} : ${DIALOG_ESC=255}
function configure { function configure {
# dialog --title "QuickCreds" --msgbox "\n\ # dialog --title "QuickCreds" --msgbox "\n\
# Dependencies will be installed. An Internet connection is required.\n\ # Dependencies will be installed. An Internet connection is required.\n\
@ -30,7 +25,6 @@ case $response in
255) exit ;; 255) exit ;;
esac esac
# Check to see if QuickCreds has already been configured # Check to see if QuickCreds has already been configured
if [[ -d /root/loot || -s /root/loot/responder.log ]]; if [[ -d /root/loot || -s /root/loot/responder.log ]];
then then
@ -51,11 +45,6 @@ The LAN Turtle is currently offline.\nPlease connect the LAN Turtle to the Inter
# Install dependencies # Install dependencies
opkg update | dialog --progressbox "Updating opkg" 14 72 opkg update | dialog --progressbox "Updating opkg" 14 72
if [[ ! $(opkg list-installed | grep git) ]];
then
opkg install git | dialog --progressbox "Installing dependency git" 14 72
fi
if [[ ! $(opkg list-installed | grep python-sqlite3) ]]; if [[ ! $(opkg list-installed | grep python-sqlite3) ]];
then then
opkg install python-sqlite3 | dialog --progressbox "Installing dependency python-sqlite3" 14 72 opkg install python-sqlite3 | dialog --progressbox "Installing dependency python-sqlite3" 14 72
@ -79,8 +68,11 @@ fi
if [[ ! -d /etc/turtle/Responder || ! -s /etc/turtle/Responder/Responder.py ]]; if [[ ! -d /etc/turtle/Responder || ! -s /etc/turtle/Responder/Responder.py ]];
then then
rm -rf /etc/turtle/Responder rm -rf /etc/turtle/Responder
git clone git://github.com/lgandx/responder /etc/turtle/Responder -q | dialog --progressbox "Installing dependency responder" 14 72 rm -rf /tmp/v2.3.3.5.tar.gz*
rm -rf /etc/turtle/Responder/.git wget --progress=dot https://github.com/lgandx/Responder/archive/v2.3.3.5.tar.gz -P /tmp 2>&1 | dialog --progressbox "Download dependency responder" 14 72
mkdir /etc/turtle/Responder
tar xzf /tmp/v2.3.3.5.tar.gz -C /etc/turtle/Responder 2>&1 | dialog --progressbox "Install dependency responder" 14 72
rm -rf /tmp/v2.3.3.5.tar.gz*
fi fi
# Setup loot directory and complete setup # Setup loot directory and complete setup
@ -92,11 +84,6 @@ Configuration complete. Creds will be saved to /root/loot\n\
Enable this module to have it start the attack on boot.\n" 9 72 Enable this module to have it start the attack on boot.\n" 9 72
} }
function start { function start {
# Stop on-off-on DHCP blink pattern script # Stop on-off-on DHCP blink pattern script
echo "Stopping DHCP Detect Blink Script" echo "Stopping DHCP Detect Blink Script"
@ -138,32 +125,24 @@ if [ $(grep -v '\$:' /etc/turtle/Responder/logs/*NTLM* 2>/dev/null) ];
finished finished
fi fi
fi fi
echo 255 > /sys/class/leds/turtle\:yellow\:system/brightness echo 255 > /sys/class/leds/turtle\:yellow\:system/brightness 2>&1
/usr/bin/sleep 0.04 sleep 1
echo 0 > /sys/class/leds/turtle\:yellow\:system/brightness echo 0 > /sys/class/leds/turtle\:yellow\:system/brightness 2>&1
/usr/bin/sleep 0.04 sleep 1
done done
} }
function finished { function finished {
echo 255 > /sys/class/leds/turtle\:yellow\:system/brightness echo 255 > /sys/class/leds/turtle\:yellow\:system/brightness 2>&1
exit exit
} }
function stop { function stop {
kill $(ps | grep [R]esponder | awk {'print $1'}) kill $(ps | grep [R]esponder | awk {'print $1'})
/etc/init.d/dnsmasq start 1&> /dev/null /etc/init.d/dnsmasq start 1&> /dev/null
echo "QuickCreds Stopped" echo "QuickCreds Stopped"
} }
function status { function status {
if ps | grep -w -q [R]esponder.py; then echo "1"; else echo "0"; fi if ps | grep -w -q [R]esponder.py; then echo "1"; else echo "0"; fi
} }

2
modules/sshfs
View File

@ -32,7 +32,7 @@ function stop {
} }
function status { function status {
if pgrep sshfs > /dev/null; then echo "1"; else echo "0"; fi if pgrep /usr/bin/sshfs > /dev/null; then echo "1"; else echo "0"; fi
} }
function configure { function configure {

120
modules/urlsnarf
View File

@ -1,120 +0,0 @@
#!/bin/bash /usr/lib/turtle/turtle_module
VERSION="1.1"
DESCRIPTION="URL Snarf sniffs HTTP traffic"
CONF=/tmp/urlsnarf.form
: ${DIALOG_OK=0}
: ${DIALOG_CANCEL=1}
: ${DIALOG_HELP=2}
: ${DIALOG_EXTRA=3}
: ${DIALOG_ITEM_HELP=4}
: ${DIALOG_ESC=255}
function start {
DATE=$(date +"%Y-%m-%d_%H-%M")
if [ -s /etc/config/urlsnarf ]
then
urlsnarf_log=$(uci get urlsnarf.log)
case $urlsnarf_log in
sshfs)
if pgrep sshfs > /dev/null; then
echo "SSHFS Running"
echo "urlsnarf -n -i br-lan >> /sshfs/urlsnarf_$DATE.log" | at now
echo urlsnarf started with pid $(pidof urlsnarf)
else
echo "SSHFS not running"
fi
;;
tmp)
echo "urlsnarf -n -i br-lan > /tmp/urlsnarf_$DATE.log" | at now
echo urlsnarf started with pid $(pidof urlsnarf)
;;
none)
echo "urlsnarf -n -i br-lan" | at now
echo urlsnarf started with pid $(pidof urlsnarf)
;;
esac
else
echo "URLSnarf not configured."
fi
}
function stop {
echo "Killing URLSnarf at PID:"
pidof urlsnarf
kill $(pidof urlsnarf)
}
function status {
if pgrep urlsnarf > /dev/null; then echo "1"; else echo "0"; fi
}
function configure {
if [ -s /etc/config/urlsnarf ];
then
urlsnarf_log=$(uci get urlsnarf.log)
else
touch /etc/config/urlsnarf
fi
dialog --ok-label "Submit" \
--extra-button \
--extra-label "Test" \
--help-button \
--title "URLSnarf Configuration" \
--radiolist "\n\
urlsnarf outputs all requested URLs sniffed from HTTP traffic in CLF (Common Log Format, used by most web servers), suitable for offline post-processing with web log analysis tool (analog, wwwstat, etc.)...\n\nUse [Space] to select choice.\n" 16 60 3\
1 "Save log to SSHFS if available." off\
2 "Save log to /tmp/" off\
3 "Do not save log file." on\
2>$CONF
return=$?
case $return in
$DIALOG_OK)
LOG=$(cat $CONF)
case $LOG in
1)
uci set urlsnarf.log="sshfs"
uci commit urlsnarf
;;
2)
uci set urlsnarf.log="tmp"
uci commit urlsnarf
;;
3)
uci set urlsnarf.log="none"
uci commit urlsnarf
;;
esac
;;
$DIALOG_CANCEL)
rm $CONF
clear
exit;;
$DIALOG_HELP)
dialog --title "Help" \
--msgbox "\
Using URLSnarf, one may monitor the HTTP (web) activity on passing through the LAN Turtle.\n\n\
The default configuration monitors TCP ports 80, 8080 and 3128 (Squid) with IP hostname resolution disabled.\n\n\
Activity may be logged either locally in /tmp/ (which is memory limited), or to a remote file system using the SSHFS module.\n\n\
Logs will be saved in the CLF (Common Log Format) used by most web servers for further analysis with tools such as analog or wwwstat.\n\n\
Log filenames are datestamped.\
" 20 60
configure
;;
$DIALOG_EXTRA)
urlsnarf -n -i br-lan > /tmp/urlsnarf.log &
dialog \
--title "URL Snarf (keys 'h' and 'l' scroll)" \
--tailbox /tmp/urlsnarf.log 18 72\
2>$CONF
kill $(pidof urlsnarf)
rm /tmp/urlsnarf.log
configure
;;
$DIALOG_ESC)
clear;;
esac
}

22
updates/6.1.update Normal file
View File

@ -0,0 +1,22 @@
function sha256sum() {
python -sBc "import hashlib;print hashlib.sha256(open('$1','rb').read()).hexdigest()"
}
echo -e "Update Available. Install will begin in 15 seconds...\n\n"
echo -e "All local LAN Turtle data will be erased.\n\n"
echo -e "Press CTRL+C to CANCEL\n\n"
sleep 15
echo -e "Downloading Upgrade file, please wait.\n\n"
wget -q -O /tmp/upgrade.bin https://downloads.hak5.org/api/devices/lanturtle/firmwares/6.1
echo -e "Upgrade file downloaded. Verifying file integrity.\n\n"
[[ "$(sha256sum /tmp/upgrade.bin)" == "e8af71827f0c98fc1e62b531e2f0e4dbad12c1e45738affd6aaeedc92142af76" ]] && {
echo -e "DO NOT UNPLUG OR POWER DOWN THE LAN TURTLE\n\n"
echo -e "Upgrade in progress. Please wait ~5 minutes.\n"
echo -e "The LAN Turtle will reboot when the upgrade is complete.\n"
echo -e "This SSH session will now close.\n"
echo "sleep 10 && sysupgrade -n /tmp/upgrade.bin" | at now &> /dev/null
sleep 8 && clear
killall sshd
} || {
echo -e "SHA256 checksum missmatch. Please try again."
}

22
updates/6.2.update Normal file
View File

@ -0,0 +1,22 @@
function sha256sum() {
python -sBc "import hashlib;print hashlib.sha256(open('$1','rb').read()).hexdigest()"
}
echo -e "Update Available. Install will begin in 15 seconds...\n\n"
echo -e "All local LAN Turtle data will be erased.\n\n"
echo -e "Press CTRL+C to CANCEL\n\n"
sleep 15
echo -e "Downloading Upgrade file, please wait.\n\n"
wget -q -O /tmp/upgrade.bin https://downloads.hak5.org/api/devices/lanturtle/firmwares/6.2
echo -e "Upgrade file downloaded. Verifying file integrity.\n\n"
[[ "$(sha256sum /tmp/upgrade.bin)" == "463771173c17b8aa3e6baac397d8d9c893d896b8f009b471dea0d66792b5afd1" ]] && {
echo -e "DO NOT UNPLUG OR POWER DOWN THE LAN TURTLE\n\n"
echo -e "Upgrade in progress. Please wait ~5 minutes.\n"
echo -e "The LAN Turtle will reboot when the upgrade is complete.\n"
echo -e "This SSH session will now close.\n"
echo "sleep 10 && sysupgrade -n /tmp/upgrade.bin" | at now &> /dev/null
sleep 8 && clear
killall sshd
} || {
echo -e "SHA256 checksum missmatch. Please try again."
}

22
updates/6.update Normal file
View File

@ -0,0 +1,22 @@
function sha256sum() {
python -sBc "import hashlib;print hashlib.sha256(open('$1','rb').read()).hexdigest()"
}
echo -e "Update Available. Install will begin in 15 seconds...\n\n"
echo -e "All local LAN Turtle data will be erased.\n\n"
echo -e "Press CTRL+C to CANCEL\n\n"
sleep 15
echo -e "Downloading Upgrade file, please wait.\n\n"
wget -q -O /tmp/upgrade.bin https://downloads.hak5.org/api/devices/lanturtle/firmwares/6
echo -e "Upgrade file downloaded. Verifying file integrity.\n\n"
[[ "$(sha256sum /tmp/upgrade.bin)" == "d7d333f747770944385b06521075f28126ded11adec5cabe14934cb6f4458820" ]] && {
echo -e "DO NOT UNPLUG OR POWER DOWN THE LAN TURTLE\n\n"
echo -e "Upgrade in progress. Please wait ~5 minutes.\n"
echo -e "The LAN Turtle will reboot when the upgrade is complete.\n"
echo -e "This SSH session will now close.\n"
echo "sleep 10 && sysupgrade -n /tmp/upgrade.bin" | at now &> /dev/null
sleep 8 && clear
killall sshd
} || {
echo -e "SHA256 checksum missmatch. Please try again."
}

2
updates/current_version
View File

@ -1 +1 @@
5 6.2