Sunday, May 10, 2015

Raspberry Pi - Mobile Hotspot with Kali Linux

Recently I was playing with the idea to create a working 3G mobile hotspot from a Raspberry Pi, loaded with Kali Linux.
One can think of numerous reasons for having such a device handy, for example if your Smart Phone still doesn't have mobile hotspot functionality, Kali Linux has a lot of tools to make this work flawlessly, hence my selection ;-)

So there I was with my idea, I had no clue where to start, but after reading on the Kali Linux site I stumbled upon their downloads page where they have pre-built images, also for the Raspberry Pi.

I downloaded the Kali Linux 1.0.6a image for the Raspberry Pi onto my desktop from the link below, it came as a compressed file (apparently LMZA2 compression)
After unzipping this with 7-Zip, I had my kali-Linux-1.0.6a-rpi.img file ready to put on to my SSD card.
You will need to download the win32 disk imager from Source Forge to be able to put this onto your SSD card.

After writing my kali-Linux-1.0.6a-rpi.img file onto my SSD card, I plugged my SSD into my freshly purchased Raspberry Pi box and booted it up while connected to my HDMI screen.
It booted properly into Kali Linux with Xfce as window manager, and was able to login to the box with root as login and toor as default password, default there was network-manager set up which got me a DHCP address, so no problem for the initial network connection.

I'm a real CLI lover, so the first thing which I did is make some tweaks which allowed me to work more easily with the CLI environment:

I edited my ~/.bashrc file to turn on CLI colorization:

# You may uncomment the following lines if you want `ls' to be colorized:
export LS_OPTIONS='--color=auto'
eval "`dircolors`"
alias ls='ls $LS_OPTIONS'
alias ll='ls $LS_OPTIONS -lA'
alias l='ls $LS_OPTIONS -l'
I replaced the default network-manager on the RPi with ceni, this is a network manager which uses the /etc/network/interfaces file and ifup/ifdown scripts to manage the network side of things, because it gave me the most straight forward network experience, also tried nmcli and wicd-curses, but uninstalled these because of odd behavior.

First I installed ceni network manager:

Download the ceni Debian package at Siduction repository:

Install the pagkage:
The installation will generate some error because of missing dependencies, to correct this, execute the following:
To launch ceni:

The first time U run ceni it will complain about network-manager which is running, select to use ceni and shutdown network-manager, after doing this just exit ceni.
If you're happy with your DHCP IP, you don't need to do anything here, if you want to set a fixed IP you can use ceni to reconfigure your eth0 interface, but, don't do this if you're ssh'd into the box, because you'll loose connection while reconfiguring the interface.

If ssh'd into the box just edit your /etc/network/interfaces file and replace:
auto eth0
iface eth0 inet dhcp

with:
auto eth0
iface eth0 inet static
address 192.168.1.5
netmask 255.255.255.0
gateway 192.168.1.254


Secondly: I disabled and uninstalled network-manager:

root@kali:~# apt-get remove network-manager
root@kali:~# apt-get autoremove
  
Now's the time to reboot your Raspberri Pi to test your new network configuration, if all went ok, your IP address will be up after the reboot.

Now for the G3 broadband part of things, I will be using three packages:

- PPP
The PPP package will install the point to point protocol daemon, which will manage the connection between you and your 3g provider. On the version of Kali that we're currently using, this package comes already preinstalled.

- Sakis3g
Sakis3g is a script used to make a 3g connection. You need to be able to provide a few details: your APN, the PIN for your sim card and your username and password if your provider requires them.
In my case, I purchased a Huawei E303 dongle, and a prepaid sim card from a local providere where I live.
You can grab a copy of the script on the Sourceforge website and set it up as follows:

Before going further, you should attempt to make a 3g connection using the sakis3g script alone, proving everything you've done up till now works. Sakis3g has an interactive mode, which will prompt you for information regarding your 3g connection. In the terminal window, type:
and follow the prompts on screen. If you have no APN user or password, enter '0'. Once a connection has been made, make sure you can browse the internet, or issue a ping from the terminal window:

- UMTSkeeper
UMTSkeeper is used to automatically reconnect you to the internet if your connection drops, it nails your connection up, and keeps it up.
Download and set up UMTSkeeper with the following commands:

Now to make sure that Sakis3g and UMTSkeeper will work correctly together we move the Sakis3g script into the umtskeeper folder that we just created:

root@kali:~/umtskeeper# mv ~/sakis3g ~/umtskeeper/sakis3g
Now test UMTSkeeper. The command at first may look a bit confusing (the details are for my connection):

./umtskeeper --sakisoperators "USBINTERFACE='0' OTHER='USBMODEM' USBMODEM='12d1:1506' APN='CUSTOM_APN' CUSTOM_APN='safaricom' SIM_PIN='1234' APN_USER='saf' APN_PASS='data'" --sakisswitches "--sudo --console" --devicename 'Huawei' --log --silent --monthstart 8 --nat 'no'

Breaking it down a little, these are the areas that you will need to change:
USBMODEM: The Device ID we found using the lsusb command earlier
CUSTOM_APN, APN_USER, APN_PASS, SIM_PIN: Information about your sim card and your providers data network.

A full breakdown of the paramaters can be found on the UMTSKeeper site.

Once you are satisfied UMTSKeeper is working in harmony with Sakis3g, we can edit /etc/rc.local so that it starts when the operating system boots. In the terminal window, type:

and add the following single line, edited to show your path to the umtsfolder you found with the 'pwd' command earlier:

PATH GOES HERE/umtskeeper --sakisoperators "USBINTERFACE='0' OTHER='USBMODEM' USBMODEM='12d1:1506' APN='CUSTOM_APN' CUSTOM_APN='safaricom' SIM_PIN='1234' APN_USER='saf' APN_PASS='data'" --sakisswitches "--sudo --console" --devicename 'Huawei' --log --silent --monthstart 8 --nat 'no' &

Now exit, saving your changes, and reboot your Raspberry Pi.  Upon reboot your Raspberri Pi will be connected over 3g and keep your connection hammered up.

This concludes the Mobile broadband part of things, so now U have internet, now still need to have a Wifi access point for wireless clients to connect to and a DHCP server to give them an IP and a DNS server address.



For the wireless part we will be configuring hostapd.
To install this package:

After installation we need to modify the hostapd configuration file:

Uncomment and set DAEMON_CONF to the absolute path of a hostapd configuration file and hostapd will be started during system boot:

DAEMON_CONF="/etc/hostapd/hostapd.conf"

Save and close the file. Next create a text file called /etc/hostapd/hostapd.conf with the following contents:
# interface on which people will connect to your AP
interface=wlan0
# the bridge interface
bridge=br0
# the wireless driver to use (this default one will do in most cases)
driver=nl80211
# (IN == INDIA, UK == United Kingdom, US == United States and so on )
country_code=BE
# the name of your network that others will see
ssid=nixcraft
# Set operation mode (a = IEEE 802.11a, b = IEEE 802.11b, g = IEEE 802.11g)
hw_mode=b
# the Wifi channel on which to run your AP
channel=6
# the encryption of your access point
wpa=2
# your wireless password
wpa_passphrase=password
# key management algorithm
wpa_key_mgmt=WPA-PSK
# Set cipher suites (encryption algorithms)
wpa_pairwise=TKIP
#Set cipher suites (encryption algorithms)
rsn_pairwise=CCMP
auth_algs=1
# Accept all MAC addresses
macaddr_acl=0



Save and close the file.

How Do I start / stop / restart AP?

Use the following commands:
# /etc/init.d/hostapd start
# /etc/init.d/hostapd stop
# /etc/init.d/hostapd restart

Step #3: Configure /etc/network/interfaces

You can setup wlan0 in standalone mode or bridge it with eth0. The bridge mode will open your wireless client to access rest of the LAN and you will able to connect to the Internet. Most user bridge the wireless interface with the AP's Internet-connected interface.

Set br0 (wlan0+eth0) in bridge mode

You need to install bridge-utils package for configuring the Linux Ethernet bridge:
# apt-get install bridge-utils 


Step #3: Configure /etc/network/interfaces

You can setup wlan0 in standalone mode or bridge it with eth0. The bridge mode will open your wireless client to access rest of the LAN and you will able to connect to the Internet. Most user bridge the wireless interface with the AP's Internet-connected interface.

Set br0 (wlan0+eth0) in bridge mode

You need to install bridge-utils package for configuring the Linux Ethernet bridge:
# apt-get install bridge-utils


Edit /etc/network/interfaces, enter:
# vi /etc/network/interfaces
Modify or set config as follows:

 
auto lo br0
iface lo inet loopback
 
# wireless wlan0
allow-hotplug wlan0
iface wlan0 inet manual
 
# eth0 connected to the ISP router
allow-hotplug eth0
iface eth1 inet manual
 
# Setup bridge
iface br0 inet static
    bridge_ports wlan0 eth1
    address 192.168.1.11
    netmask 255.255.255.0
    network 192.168.1.0
    ## isp router ip, 192.168.1.2 also runs DHCPD ##
    gateway 192.168.1.2
    dns-nameservers 192.168.1.2
 
Save and close the file. At this stage I recommend that you reboot the computer or restart all services as follows (may not work over remote ssh session):
# /etc/init.d/networking restart
# /etc/init.d/hostapd restart

OR
# reboot



No comments:

Post a Comment