
Minipwner 2019

This is a working guide on how to take a MR3040 and turn it into a minipwner. It doesn't introduce anything new; it builds on two existing guides on the internet. Since the first guide is out of date and the second is incomplete, this guide is meant to get you a fully working minipwner for use in pentesting environments.

A minipwner is a hacking device built upon a portable router. For this guide, I will be using a MR3040. The MR3040 is no longer available in stores, as far as I have seen, but it is still sold on AliExpress if you're willing to wait a month for delivery, or, if you're lucky, you can get one second hand.

  • Integrated Wired and Wireless connections

Once plugged into a target network, the Mini-Pwner can establish an SSH tunnel through the target network, or can be accessed by wifi. In addition, the MiniPwner can be configured as a wifi sniffer and logger - war walking in your pocket.

  • Low power consumption, can be run off battery.

With a 2000 mAh built-in battery, the Mini-Pwner will run for over five hours of active wired and wireless activity. No need to find a power outlet during the pen test.

  • Multiple Pen Testing Tools included:

aircrack-ng, elinks, ettercap-ng, karma, kismet, nbtscan, netcat, nmap, openvpn, perl 5, samba client, snort, tar, tcpdump, tmux, yafc, and wget all come pre-installed.

  • Flexible and Expandable

The MiniPwner runs on the open source OpenWrt operating system. You can easily add or change the installed packages.

  • Small size

The MiniPwner can be easily carried in a pocket, hidden behind a telephone, or hang from a jack by a short ethernet cable (included).

The guide is done in two parts. One is setting up the USB, the other is preparing the router.

Most of the information here is correct so it will be used to prepare the USB.

First, you need to format the USB stick. You will need two partitions on the USB drive: a swap partition and an ext3 partition. In my opinion, the original guide gets it wrong and the newer guide by nicholasadamou gets it wrong as well, as I only managed to get past a kernel issue during the minipwner setup by using ext3.

It is important to remember which partition is which, so for me, the first partition is the swap partition and the 2nd partition is the ext3 partition where data will be stored permanently.

My router firmware specifications:

OpenWrt Attitude Adjustment 12.09 / LuCI 0.11.1 Release (0.11.1)

First, we need to get the OpenWRT software from the official page.

https://openwrt.org/toh/hwdata/tp-link/tp-link_tl-mr3040_v2

and the version to get is named “openwrt-ar71xx-generic-tl-mr3040-v2-squashfs-factory.bin”

Boot your TP-Link MR3040 and log in at http://192.168.0.1 (default credentials are admin/admin). Select System Tools and then Firmware Upgrade. Use the Choose File button to select the OpenWRT Barrier Breaker image. Use the Upgrade button to apply the image. Wait for the image to be applied. After the TP-Link reboots it will be at 192.168.1.1, and you can plug the USB stick into the router.

After installing OpenWRT on your router, you should log in and set a new root password so you can enable SSH. After that, go to Networking and connect to the wifi graphically. Doing it graphically is faster and less prone to errors than editing files on the router, as the very first guide suggested.

First off, enable the wifi.

And then connect to the wifi of your choice.

Then, you're going to go to the Software category, and download additional packages.

Your OpenWRT should look similar, except for the packages to be installed. Currently as of doing this guide, I am doing it from a working minipwner. You should have a button there called “Update packages” or “Update”. You need to press it and update the router repository.

Once that is done, go to the Filter, and write in a part of the package name.

You will need to download these packages

  kmod-scsi-core
  kmod-usb-storage
  block-mount
  kmod-lib-crc16
  kmod-crypto-hash
  kmod-fs-ext4
  kmod-lib-crc32c
  kmod-crypto-crc32c
  

Note: I am not sure if kmod-lib-crc16 and kmod-fs-ext4 are needed, but they were there in the 2013 guide so I left them in and I have them in my current minipwner.

Once you have the packages installed, reboot the router and SSH into it.

  ssh root@192.168.1.1

At this point, the USB must be in the router.

Then open the fstab file and change it to reflect these values. Note that in the config swap and config mount sections you must put in the correct numbers of the partitions you made when partitioning the USB stick.

  vim /etc/config/fstab

The only way this differs from the original configuration is the changing of ext4 to ext3.

Once that is done, you run these commands:

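  # Bind-mount the current root so only the root filesystem itself is copied
  mkdir -p /tmp/cproot
  mount --bind / /tmp/cproot
  # Mount the ext3 partition of the USB stick
  mkdir -p /mnt/sda2
  mount /dev/sda2 /mnt/sda2
  # Copy the root filesystem onto the USB stick, then release the bind mount
  tar -C /tmp/cproot -cvf - . | tar -C /mnt/sda2 -xf -
  umount /tmp/cproot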

At this point, reboot. The router should hopefully mount the USB stick as its root filesystem, assuming you've followed this guide all the way.

Once the router has restarted and you've SSH'ed into it again, you can issue the df -h command to see if the root filesystem is the USB.

Then download this file to your PC. This is the minipwner overlay, which will turn your router into the minipwner.

minipwner-overlay_2.0.0.tar

Once it's on your computer, you can use SCP to transfer it over to the router.

  scp minipwner-overlay_2.0.0.tar root@192.168.1.1:/root/
  

And once you've done that successfully, you go to the router and write:

  tar -xvzf minipwner-overlay_2.0.0.tar
 

And then you just execute the shell file with sh setup.sh.

  sh setup.sh
  

And then reboot again, and then move the pin on the router to the WISP mode.

Once it boots up, you will see the Minipwner overlay working once you SSH into the machine again.

Congratulations! You now have built the minipwner successfully!

But you aren't done yet. You should still install some packages. I've included the default list of things to install from the 2013 guide. Since the terminal has a character limit of 255 characters, you cannot just copy paste it into there in one string, you have to do it in parts.

Remember to do OPKG update first!

  opkg update

And then you can start installing packages.

  opkg install libpcap libstdcpp libpthread zlib libopenssl libbz2 bzip2 terminfo libnet1 libpcre libltdl libncurses librt libruby wireless-tools hostapd-common-old kmod-madwifi ruby uclibcxx libnl libcap libreadline libdnet libdaq libuuid libffi python-mini openssl-util kmod-tun liblzo libevent2-core libevent2-extra libevent2-openssl libevent2-pthreads libevent2 aircrack-ng elinks ettercap karma kismet-client kismet-drone kismet-server netcat nmap openvpn-easy-rsa openvpn-openssl perl samba36-client samba36-server snort tar tcpdump tmux yafc wget python vim unzip
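The 255-character paste limit mentioned above can be handled mechanically. The script below is an added example, not part of the original guide: it splits the package list from this page into `opkg install` lines that each fit the limit. The helper name `chunk_opkg` is hypothetical, and the script is meant to run on your PC to generate the lines you paste into the router.

```sh
#!/bin/sh
# Added example (not from the original guide): split the page's package
# list into "opkg install ..." lines that each fit the paste limit.

# Package list copied from the opkg install command on this page.
PKGS="libpcap libstdcpp libpthread zlib libopenssl libbz2 bzip2 terminfo
libnet1 libpcre libltdl libncurses librt libruby wireless-tools
hostapd-common-old kmod-madwifi ruby uclibcxx libnl libcap libreadline
libdnet libdaq libuuid libffi python-mini openssl-util kmod-tun liblzo
libevent2-core libevent2-extra libevent2-openssl libevent2-pthreads
libevent2 aircrack-ng elinks ettercap karma kismet-client kismet-drone
kismet-server netcat nmap openvpn-easy-rsa openvpn-openssl perl
samba36-client samba36-server snort tar tcpdump tmux yafc wget python
vim unzip"

# chunk_opkg LIMIT PKG... (hypothetical helper name)
# Prints one command per line, each at most LIMIT characters long.
# A single name too long to fit still gets a line of its own, with a
# warning on stderr, so nothing is silently dropped.
chunk_opkg() {
    co_limit=$1
    shift
    co_prefix="opkg install"
    co_line=$co_prefix
    for co_pkg in "$@"; do
        co_try="$co_line $co_pkg"
        if [ "${#co_try}" -le "$co_limit" ]; then
            co_line=$co_try            # still fits: keep growing this line
            continue
        fi
        # Does not fit: flush the current line if it holds any package.
        if [ "$co_line" != "$co_prefix" ]; then
            printf '%s\n' "$co_line"
        fi
        co_line="$co_prefix $co_pkg"
        if [ "${#co_line}" -gt "$co_limit" ]; then
            echo "warning: '$co_pkg' alone exceeds $co_limit chars" >&2
        fi
    done
    if [ "$co_line" != "$co_prefix" ]; then
        printf '%s\n' "$co_line"
    fi
    return 0
}

# Generate the commands for the 255-character limit stated in the guide.
# $PKGS is left unquoted on purpose so the shell splits it into names.
chunk_opkg 255 $PKGS
```

Paste the printed lines into the SSH session one at a time, after `opkg update`, so a failed install is easy to attribute to a specific line.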

Sources

  • Last modified: 2019/08/19 23:28
  • by vares