2017
05.25

Sup all,

Sorry for the delay in posting any new articles but life caught up with me.

This article involves the inverse path usb armory and how to not only ssh into it, but be able to reach the outside world from it while connected to my gentoo machine.

As of the time of writing:
– the image used on the armory was debian base 20170518
– Gentoo Base System release 2.3
– Gentoo sources 4.11.2-r1

There were some kernel changes that had to be made due to the usb CDC networking:

Device Drivers --->
    [*] Network Device Support --->
        <*> USB Network Adapters --->
            <*>   Multi-purpose USB Networking Framework
                -*-     CDC Ethernet support (smart devices such as cable modems)
                <*>     CDC EEM support
                -*-     CDC NCM support
                <*>     CDC MBIM support
                <*>     Host for RNDIS and ActiveSync devices
            <*>   Simple USB Network Links (CDC Ethernet subset)
                [*]     Embedded ARM Linux links (iPaq, ...)

These settings will create an eth interface called enp0s20u1 when the usb armory is plugged in (ignore the first column since its dmesg timing).

Once the image is loaded onto the microsd card and the usb armory plugged in, dmesg should give you something similar to :

[ 1199.466184] usb 1-1: new high-speed USB device number 4 using xhci_hcd                                                                                                                                                                                                                  
[ 1199.637025] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a2                                                                                                                                                                                                                
[ 1199.637032] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=0                                                                                                                                                                                                           
[ 1199.637035] usb 1-1: Product: RNDIS/Ethernet Gadget                                                                                                                                                                                                                                     
[ 1199.637037] usb 1-1: Manufacturer: Linux 4.9.28 with 53f80000.usb                                                                                                                                                                                                                       
[ 1199.645848] cdc_ether 1-1:1.0 usb0: register 'cdc_ether' at usb-0000:00:14.0-1, CDC Ethernet Device, 1a:55:89:a2:69:42                                                                                                                                                                  
[ 1199.651675] cdc_ether 1-1:1.0 enp0s20u1: renamed from usb0                                                                                                                                                                                                                              
[ 1199.659833] IPv6: ADDRCONF(NETDEV_UP): enp0s20u1: link is not ready

Once plugged in, you are going to want to ssh into your usb armory and grant it internet access. The best thing to do is something along the lines of the next couple of commands. i placed them all in a script for ease but i will just paste the raw commands below (YMMV):

sudo ifconfig enp0s20u1 10.0.0.2 gateway 10.0.0.2 netmask 255.255.255.0
sudo echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
sudo iptables -t nat -A POSTROUTING -o wlp3s0 -j MASQUERADE
sudo /etc/init.d/iptables save
sudo /etc/init.d/iptables stop
sudo /etc/init.d/iptables start

Now to test it but just remember that both user and password are “usbarmory”:

ssh usbarmory@10.0.0.1
usbarmory@10.0.0.1's password: 
Warning: untrusted X11 forwarding setup failed: xauth key data not generated

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Thu May 25 23:53:59 2017 from 10.0.0.2
-bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
usbarmory@usbarmory:~$ 

and Voila!!!

now you are in the usb armory and you can update it.

The following two tabs change content below.

charlie root

VP of keeping it real / HNIC at pissedoffadmins.com
I bring the cold coffee.

Latest posts by charlie root (see all)

No Comment.

Add Your Comment