Eye Of Amun
Remote wifi probe for Sticky Fingers Kali-Pi
Unifi AC Mesh dual radio
OpenWrt
Kismet remote capture
Aircrack-ng
Ingredients:
Server:
– Sticky Fingers Kali-Pi
– Kismet github edition with server service
The Eye:
– Unifi AC Mesh
– OpenWRT firmware
– Kismet remote cap
– Aircrack-ng
Kismet Client:
– Any client with ssh and web browser
Installation:
Server:
Note: Sticky Fingers Kali-Pi comes with both “Kismet stable” and “Kismet development – github edition” installed side by side. The version to be used is configured in “/home/pi/Kali-Pi/menu”.
New installation:
Install the latest Sticky Fingers Kali-Pi
Set “KISMETVER” to “2” in “/home/pi/Kali-Pi/menu”
Upgrade existing Sticky Fingers Kali-Pi:
Install https://github.com/kismetwireless/kismet
cd /home/pi/Kali-Pi
## Do either of the following two options
## 1. To upgrade the entire kali-pi menu:
sudo -u pi git pull
## 2. To only add the "Eye of Amun":
sudo -u pi git checkout Menus/kismet
cd Menus/kismet
sudo cp *.conf /usr/local/etc/
sudo cp kismet.service /etc/systemd/system/
sudo systemctl daemon-reload
Set “KISMETVER” to “2” in “/home/pi/Kali-Pi/menu”.
Start the kismet server by pressing the “Kismet” button in the menu.
The kismet server can also be run as a service by typing:
sudo systemctl enable kismet && \
sudo systemctl start kismet
Enable port forwarding and NAT:
To get Internet access on the eye to install packages or updates, enable port forwarding and masquerading on the Kali-Pi via:
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
sudo iptables -A FORWARD -i eth0 -j ACCEPT
sudo iptables -A FORWARD -o eth0 -j ACCEPT
sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
I only enable it temporarily on a needs basis and don’t bother with persistence.
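The temporary forwarding and NAT setup described above, written as a matched enable/disable pair so the rules can be removed again after an update session. This is an added example, not part of the original page; the names eye_nat, eye_nat_rules, LAN_IF, WAN_IF and RUN are hypothetical, and it assumes IP forwarding was switched off before use.

```sh
#!/bin/sh
# Added example (not from the original page): apply and remove the temporary
# forwarding/NAT rules as a matched pair.
LAN_IF="${LAN_IF:-eth0}"   # link towards the eye (interface name from the page)
WAN_IF="${WAN_IF:-wlan0}"  # uplink to the Internet (interface name from the page)
RUN="${RUN:-echo}"         # assumption: dry run by default; RUN=sudo applies

# Print one iptables argument list per line for action $1 (-A adds, -D deletes).
eye_nat_rules() {
    printf '%s\n' \
        "$1 FORWARD -i $LAN_IF -j ACCEPT" \
        "$1 FORWARD -o $LAN_IF -j ACCEPT" \
        "-t nat $1 POSTROUTING -o $WAN_IF -j MASQUERADE"
}

# eye_nat up|down: switch forwarding on/off and add/delete the same rules.
# Assumption: ip_forward was 0 before "up", so "down" resets it to 0.
eye_nat() {
    case "$1" in
        up)   action=-A; fwd=1 ;;
        down) action=-D; fwd=0 ;;
        *)    echo "usage: eye_nat up|down" >&2; return 2 ;;
    esac
    $RUN sysctl -w "net.ipv4.ip_forward=$fwd"
    eye_nat_rules "$action" | while read -r rule; do
        # $rule is left unquoted on purpose so it splits into arguments
        $RUN iptables $rule
    done
}

# Run directly as: RUN=sudo sh eye_nat.sh up   (file name is hypothetical)
if [ "$#" -gt 0 ]; then eye_nat "$@"; fi
```

With the default RUN=echo the commands are only printed, which makes it easy to review them before applying with RUN=sudo.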
The Eye:
- Connect the LAN interface of the Unifi AC Mesh to the same network as the Kali-Pi. The default IP address of the interface is “192.168.1.20”.
- Log on to the Kali-Pi, download, extract and transfer the OpenWRT to the eye:
wget -O eye-of-amun.tar.xz https://re4son-kernel.com/download/eye-of-amun/
tar -xJf eye-of-amun.tar.xz
cd eye-of-amun
scp lede-17.01.4-ar71xx-generic-ubnt-unifiac-lite-squashfs-sysupgrade.bin ubnt@192.168.1.20:/tmp/
- ssh into the eye
- Follow these steps to replace both firmware partitions with OpenWrt.
- Point a web browser to the OpenWrt web interface at “192.168.1.1” (root/password)
- Change root password
- Configure the lan interface:
IP: 192.168.254.254
Netmask: 255.255.255.0
Gateway: 192.168.254.1
Disable DHCP server for the interface
- Configure the LAN interface of the Kali-Pi to:
IP: 192.168.254.1
Netmask: 255.255.255.0
- Connect the Eye to the Kali-Pi via direct LAN cable
- Log back in to the Kali-Pi and transfer the OpenWRT to the eye:
cd ~/eye-of-amun
scp *.ipk kismet_cap ubnt@192.168.254.254:/tmp/
- From the Kali-Pi, ssh into the eye and complete the installation:
cd /tmp
opkg update
opkg upgrade
opkg install libpcap aircrack-ng *.ipk
uci set network.lan.peerdns='0'
uci add_list network.lan.dns='9.9.9.9'
uci commit
cp kismet_cap /etc/init.d/
/etc/init.d/kismet_cap enable
/etc/init.d/kismet_cap start
- Start kismet on the Kali-Pi
Usage:
1. Start the kismet server on the Kali-Pi
2. The initial web admin password is stored in:
“/home/pi/Kali-Pi/Menus/kismet/.kismet/kismet_httpd.conf”
3. Power up the eye
4. SSH into the Kali-Pi via its wifi interface from your computer and establish a tunnel, e.g.:
ssh -L 2501:localhost:2501 root@192.168.1.x
or, using PuTTY on Windows, go to “connections->ssh->tunnels”
5. Open a browser on your computer and point it to http://127.0.0.1:3501
Tips:
1. Upgrade all packages on the eye:
opkg list-upgradable | cut -f 1 -d ' ' | xargs opkg upgrade
2. Update the kismet server on the Kali-Pi:
cd /usr/local/src/kismet
make clean
git pull
./configure
make -j4
sudo make suidinstall
Happy hacking 🙂
Problems, questions, feedback? Join us in the forums:
https://whitedome.com.au/re4son/forum/