You are previewing Linksys® WRT54G Ultimate Hacking.
O'Reilly logo
Linksys® WRT54G Ultimate Hacking

Book Description

This book will teach the reader how to make the most of their WRT54G series hardware. These handy little inexpensive devices can be configured for a near endless amount of networking tasks. The reader will learn about the WRT54G's hardware components, the different third-party firmware available and the differences between them, choosing the firmware that is right for you, and how to install different third-party firmware distributions. Never before has this hardware been documented in this amount of detail, which includes a wide-array of photographs and complete listing of all WRT54G models currently available, including the WRTSL54GS. Once this foundation is laid, the reader will learn how to implement functionality on the WRT54G for fun projects, penetration testing, various network tasks, wireless spectrum analysis, and more! This title features never before seen hacks using the WRT54G. For those who want to make the most out of their WRT54G you can learn how to port code and develop your own software for the OpenWRT operating system.

Table of Contents

  1. Copyright
  2. Visit us at www.syngress.com
  3. Acknowledgments and Dedications
    1. Paul Asadoorian
    2. Larry Pesce
    3. Thank you!
    4. Book Web Site
  4. Co-authors
  5. Technical Editor
  6. 1. WRT54G Fundamentals
    1. Introduction
    2. Our Approach to This Book
    3. History of the Linksys WRT54G
      1. History of the WRT54G Open Source Firmware
    4. Linksys WRT54G Series Hardware
      1. WRT54G Series: Common Features
        1. Power
        2. The Reset Button
        3. LED
        4. Secure Easy Setup Button
        5. Processor Architecture
          1. BCM47xx
          2. BCM5352
        6. Storage
        7. Memory
          1. RAM
        8. Wireless and Ethernet Networking
        9. Antenna Connectors
      2. Determining Your Hardware Version
      3. WRT54G Models
        1. WRT54G, Version 1.0
        2. WRT54G, Version 1.1
        3. WRT54G, Version 2.0
        4. WRT54G, Version 2.2
        5. WRT54G, Versions 3.0 and 3.1
        6. WRT54G, Version 4
        7. WRT54G, Versions 5.0 and 6.0
        8. WRT54G, Version 7.0
      4. WRT54GL Models
        1. WRT54GL, Version 1.0
        2. WRT54GL, Version 1.1
    5. Linksys WRT54GS Hardware
      1. WRT54GS Models
        1. WRT54GS, Version 1
        2. WRT54GS, Version 1.1
        3. WRT54GS, Version 2.0
        4. WRT54GS, Version 2.1
        5. WRT54GS, Version 3.0
        6. WRT54GS, Version 4.0
        7. WRT54GS, Versions 5.0, 5.1, and 6.0
    6. Other Linksys WRT54G Hardware to Hack
      1. WRT54GC Models
      2. WRTSL54GS Models
    7. WRT54G Buyer’s Guide
      1. Average User
        1. Recommended Models
        2. Recommended Firmware
      2. Power User
        1. Recommended Models
        2. Recommended Firmware
      3. Typical Geek
        1. Recommended Models and Firmware
      4. Speed Freak
        1. Recommended Models and Firmware
      5. Hardware Hacker
        1. Recommended Models and Firmware
      6. Penetration Tester
        1. Recommended Models and Firmware
      7. Bargain Shopper
        1. Recommended Models and Firmware
    8. Resources
    9. Solutions Fast Track
      1. Our Approach to This Book
      2. History of the Linksys WRT54G
      3. Linksys WRT54G Series Hardware
      4. WRT54G Buyer’s Guide
    10. Frequently Asked Questions
  7. 2. Working with WRT54G Firmware
    1. Introduction
    2. Installing Third-Party Firmware
      1. Installing Firmware via the Web Interface
      2. Installing Firmware via TFTP
        1. The Ping Hack
        2. Using the Operating System nvram Command
        3. Directly in the PMON/CFE
        4. Linux TFTP Instructions
        5. Windows TFTP Instructions
        6. OS X TFTP Instructions
        7. Completing the TFTP Installation
      3. TFTP Firmware Installation Step by Step
      4. Installing Firmware via JTAG
    3. Introduction to Firmware Used in This Book
      1. Linksys Original Firmware
        1. Background
        2. Features
        3. Who Should Use This Firmware
      2. Latest Linksys Firmware (VxWorks)
        1. Background
        2. Features
        3. Who Should Use This Firmware
      3. OpenWrt
        1. Background
        2. Features
        3. Installation
        4. Who Should Use This Firmware
      4. DD-WRT
        1. Background
        2. Features
        3. Installation
          1. Installing DD-WRT on WRT54G, Versions 5.0-6.0
        4. Who Should Use This Firmware
      5. Ewrt
        1. Background
        2. Features
        3. Who Should Use This Firmware
    4. Other Firmware Worth Mentioning
      1. FairuzaWRT
        1. Background
        2. Features
        3. Installation
        4. Using FairuzaWRT
          1. The FairuzaWRT Command Line
          2. The Main Menu
          3. Installing Software under FairuzaWRT
          4. Installing Aircrack-ng with FairuzaWRT
        5. Who Should Use This Firmware
      2. Sveasoft
        1. Background
        2. Features
        3. Who Should Use This Firmware
      3. HyperWRT
        1. Background
        2. Features
        3. Who Should Use This Firmware
    5. Summary
    6. Solutions Fast Track
      1. Installing Third-Party Firmware on Your WRT54G
      2. Introduction to Firmware Used in This Book
      3. Other Firmware Worth Mentioning
    7. Links to Sites
    8. Frequently Asked Questions
  8. 3. Using Third-Party Firmware
    1. Introduction
    2. Configuring and Using OpenWrt
      1. The OpenWrt Command Line
        1. Configuring OpenWrt Using nvram
        2. Changing the IP Address
      2. Installing Software with Ipkg
        1. Installing Packages
      3. Working with VLANs
      4. Setting the Wireless Radio Transmit Power
      5. Configuring the DNS and DHCP Server Using dnsmasq
        1. Configuring a Caching-Only DNS Server
        2. Configuring a Custom DHCP Server
      6. SSH Server Security
      7. Reprogramming the SES Button As a WiFi Toggle
      8. Configuring NTP Time Synchronization
      9. Storage Using USB
      10. Storage with Samba
        1. Configuring a Samba Server
        2. Configuring a Samba Client
      11. Backing Up and Restoring
      12. Installing and Using X-Wrt: A Web GUI for OpenWrt
    3. Configuring and Using DD-WRT
      1. Setting the Wireless Radio Transmit Power
      2. Making the File System Writable
      3. Working with VLANs
    4. Securing Your Firmware
      1. Securing OpenWrt
        1. Disabling Telnet
        2. Disabling HTTP and Enabling HTTPS
        3. Disabling DNS and DHCP Servers
        4. Verifying the Results
      2. Securing DD-WRT
        1. Disabling HTTP and Enabling HTTPS
        2. Disabling Telnet and Enabling SSH
        3. Disabling DHCP and DNS Servers
      3. Keeping Up-to-Date
    5. Summary
    6. Resources
    7. Solutions Fast Track
      1. Configuring and Using OpenWrt
      2. Configuring and Using DD-WRT
      3. Securing Your Firmware
    8. Frequently Asked Questions
  9. 4. WRT54G Fun Projects
    1. Introduction
    2. Wardriving-in-a-Box
      1. Prerequisites for This Hack
      2. Kismet
      3. The Finishing Touches
    3. Setting Up a Wireless Media Adapter
      1. Creating a Wireless Ethernet Bridge (WET)
        1. Configuring the Bridge
      2. Setting Up a Routed Bridge
        1. Configuring the Firewall
    4. Captive Portal-in-a-Box
    5. Asterisk for VoIP
      1. Installing Asterisk
      2. Configuring Asterisk
        1. Configuring modules.conf
        2. Configuring VoIP Provider Connectivity
        3. Configuring extensions.conf
        4. Configuring the X-Lite Soft Phone
        5. Troubleshooting Asterisk
        6. Auto-Starting Asterisk on Boot
    6. Summary
    7. Solutions Fast Track
      1. Wardriving-in-a-Box
      2. Setting Up a Wireless Media Adapter
      3. Captive Portal-in-a-Box
      4. Asterisk for VoIP
    8. Frequently Asked Questions
  10. 5. Securing Wireless Using a WRT54G
    1. Introduction
    2. Basic Wireless Security
      1. Select a Secure Network Name (SSID)
      2. Hiding Your SSID
      3. MAC Address Filtering
      4. Configuring WEP
    3. Configuring WPA-Personal (PSK)
      1. Introduction to WPA/WPA2 (802.11 i)
      2. Configuring WPA-PSK (and WPA2-PSK)
    4. Configuring WPA-Enterprise (and WPA2-Enterprise)
      1. Access Point Configuration
      2. Client Configuration
        1. OS X Configuration
        2. Windows Client Configuration
      3. Finishing Up
    5. Summary
    6. Solutions Fast Track
      1. Basic Wireless Security
      2. Configuring WPA-Personal (PSK)
      3. Configuring WPA-Enterprise (and WPA2-Enterprise)
    7. Frequently Asked Questions
  11. 6. WRT54G for Penetration Testers
    1. Introduction
    2. Tunneling and VPN
      1. Using the WRT54G As an OpenVPN Bridged Client
      2. Remote Office Connectivity with vpnc
    3. Wireless Security Tools Using OpenWrt
      1. WRT54G Kismet Drone
        1. Installing and Configuring a Kismet Drone
      2. WRT54G Remote Bluetooth Scanner
        1. About the Bluetooth Adapter
        2. Preparing the WRTSL54GS USB Capabilities
        3. Configuring the USB Bluetooth Adapter
        4. Using the USB Bluetooth Adapter to Discover Devices
      3. WRT54G Remote 2.4GHz Spectrum Analyzer
    4. WRTSL54GS CDMA Internet Connection
    5. WRT54G Wireless Captive Portal Password Sniffer
    6. Summary
    7. Solutions Fast Track
      1. Tunneling and VPN
      2. Wireless Security Tools Using OpenWrt
      3. WRTSL54GS and CDMA Internet Connection
      4. WRT54G Wireless Captive Portal Password Sniffer
    8. Frequently Asked Questions
  12. 7. WRT54G Hardware Hacking
    1. Introduction
    2. Fun with Wireless Antennas
      1. Components Needed for This Hack
      2. Understanding RF
    3. Antenna Types
      1. Omnidirectional Antennas
      2. Directional Antennas
      3. Attaching Antennas to the WRT54G
    4. Adding Ports: SD Card, Serial, and JTAG
      1. Opening the Router
        1. WRT54G and GL Series
        2. WRTSL54GS Series
      2. SD Card
        1. Components Needed for This Hack
        2. The Hack
          1. Using the SD Card under OpenWrt
      3. Serial
        1. Components Needed for This Hack
        2. The Hack
          1. Using the Serial Port under OpenWrt
      4. JTAG
        1. Components Needed for This Hack
        2. The Hack
      5. Constructing a JTAG Cable
    5. Powering Your WRT54G with Alternative Sources
      1. Components Needed for This Hack
      2. The Hack
        1. Alkaline Batteries
        2. Rechargeable Lithium-ion Battery Pack
        3. 12. Volt Lead Acid Battery
        4. Battery Comparison
        5. Usb
        6. Fire Wire 400
        7. Automotive Power
        8. Homebrew Power over Ethernet (PoE)
        9. Alternative Power Summary
    6. Attaching Your WRT54G to Your Laptop
      1. Component Needed for This Hack
      2. The Hack
    7. Summary
    8. Solutions Fast Track
      1. Fun with Wireless Antennas
      2. Adding Ports: SD Card, Serial, and JTAG
      3. Powering Your WRT54G with Alternative Sources
      4. Attaching Your WRT54G to Your Laptop
    9. Frequently Asked Questions
  13. 8. Troubleshooting WRT54G
    1. Introduction
    2. Using OpenWrt Failsafe Mode to Unbrick Your Router
    3. Using JTAG to Unbrick Your Router
    4. Getting Further Help
      1. Resources for This Book
      2. OpenWrt
      3. DD-WRT
      4. Ewrt
      5. WRT54G Hacking Help
    5. Summary
    6. Solutions Fast Track
      1. Using OpenWrt Failsafe Mode to Unbrick Your Router
      2. Using JTAG to Unbrick Your Router
      3. Getting Further Help
    7. Frequently Asked Questions
  14. A. NVRAM Command Reference
    1. Introduction
    2. nvram Command Usage
    3. IP and Networking
    4. VLANs
    5. Wireless
    6. File System
    7. Miscellaneous Hardware and Custom Software Options
  15. B. Hardware Hacking Parts
    1. Introduction
    2. Antennas
    3. SD Card
    4. Serial Port
    5. JTAG
    6. Alternative Power