I did a post on this a few years ago, here is an update for 2013. This walkthrough is based on the technique found here: http://www.ex-parrot.com/pete/upside-down-ternet.html
First the disclaimer: Do not do this to any sort of important computer or network, because it WILL break things. This is meant as a prank for home use only; such as confusing your brother, sister, kids, wife, etc... Doing this to a network you don't own is a felony and could result in jail time and fines!
Add the following config to /etc/dnsmasq.conf to configure the dhcp server on eth1, which should be the USB ethernet adapter.
domain-needed
interface=eth1
domain=upside-down-ternet
dhcp-range=192.168.254.100,192.168.254.200,255.255.255.0,12h
Edit /etc/sysctl.conf to allow the Raspberry Pi to act as a gateway router. Add or uncomment:
Edit /etc/squid3/squid.conf and copy the text below. This configures squid to act as a transparent proxy with no caching. It also specifies a redirect script at /etc/squid3/upsidedown.sh.
cache_mgr dustin
cachemgr_passwd dustin all
cache deny all
redirect_program /etc/squid3/upsidedown.sh
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl localnet src 192.168.254.0/24 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
http_access deny all
http_port 3128 transparent
cache_mem 64 MB
#cache_dir ufs /var/spool/squid3 150 16 256
coredump_dir /var/spool/squid3
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
First the disclaimer: Do not do this to any sort of important computer or network, because it WILL break things. This is meant as a prank for home use only; such as confusing your brother, sister, kids, wife, etc... Doing this to a network you don't own is a felony and could result in jail time and fines!
What it does
A small device (Raspberry Pi) powered by either a battery or cell phone charger is connected to your network in front of the intended victim's computer, which will wreak havoc on your victim's internet browsing. This method does not require changing any settings on any target computers.
The instructions assume that the computer you want to prank is using a DHCP assigned IP address. If the computer is using a manually assigned IP address, the only thing that will happen is the internet will be completely cut off - which isn't very funny. If you want to be really evil, you could put it in front of your internet router, causing all the devices that use your internet to be effected.
How it works
The Raspberry Pi is configured with with a dnsmasq DHCP server which will assign downstream computers a new IP address and gateway. A squid transparent proxy is installed on the Pi where traffic is redirected using iptables. A redirection script uses mogrify to alter images and then re-hosts the images through the a web server.
Equipment and Software
* Raspberry Pi Model B with Raspbian installed
* USB Ethernet Adapter
* CAT5 Patch Cable
These instructions assume that the Raspberry Pi is accessible through SSH, and also has access to the internet. Installing and configuring Raspbian is out of the scope of this post. If you need help, here is a great place to start: http://www.raspbian.org/RaspbianInstaller
Prepare the Software
For best results, overclock the pi to 800Mhz, and set to memory split to 32 or 16MB. For some reason my raspberry pi wouldn't boot when configured with 16MB. Also make sure that eth1 is configured with static IP 192.168.254.1.
Dnsmasq
Install with:
sudo apt-get -y install dnsmasqAdd the following config to /etc/dnsmasq.conf to configure the dhcp server on eth1, which should be the USB ethernet adapter.
domain-needed
interface=eth1
domain=upside-down-ternet
dhcp-range=192.168.254.100,192.168.254.200,255.255.255.0,12h
Edit /etc/sysctl.conf to allow the Raspberry Pi to act as a gateway router. Add or uncomment:
net.ipv4.ip_forward=1
Type /etc/init.d/dnsmasq restart and then plug a laptop into the USB ethernet adapter. You should get an IP in the 192.168.254.xxx range. At this point although the gateway should be reachable, there is no NAT configuration so you won't be able to access the internet.Squid
Install squid, iptables, and imagemagick:
sudo apt-get -y install squid3 iptables imagemagick
cache_mgr dustin
cachemgr_passwd dustin all
cache deny all
redirect_program /etc/squid3/upsidedown.sh
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl localnet src 192.168.254.0/24 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
http_access deny all
http_port 3128 transparent
cache_mem 64 MB
#cache_dir ufs /var/spool/squid3 150 16 256
coredump_dir /var/spool/squid3
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
Iptables
Create a file iptables.sh and copy the text below:
#nat
iptables -t nat -A POSTROUTING -j MASQUERADE
#squid transparent proxy
iptables -t nat -A PREROUTING -i wlan0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.254.1:3128
iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
Hit ctrl-o to save the file, then ctrl-x to exit. Now the file needs to be made executable and copied to an appropriate location.
chmod +x iptables.sh
sudo cp iptables.sh /etc/init.d/
Apply the configuration at boot:
sudo update-rc.d iptables.sh start 99
iptables -t nat -A POSTROUTING -j MASQUERADE
#squid transparent proxy
iptables -t nat -A PREROUTING -i wlan0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.254.1:3128
iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
Hit ctrl-o to save the file, then ctrl-x to exit. Now the file needs to be made executable and copied to an appropriate location.
chmod +x iptables.sh
sudo cp iptables.sh /etc/init.d/
Apply the configuration at boot:
sudo update-rc.d iptables.sh start 99
Upside Down Redirection Script
First make sure Apache and perl are installed:
sudo apt-get install apache2 perl
Create a directory for the modified images and assign permissions:
sudo mkdir /var/www/images
sudo chmod 777 /var/www/images
Create the redirection script:
sudo nano /etc/squid3/upsidedown.pl
Paste this code:
#!/usr/bin/perl
$|=1;
$count = 0;
$pid = $$;
while (<>) {
chomp $_;
if ($_ =~ /(.*\.jpg)/i) {
$url = $1;
system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.jpg", "$url");
system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.jpg");
print "http://127.0.0.1/images/$pid-$count.jpg\n";
}
elsif ($_ =~ /(.*\.gif)/i) {
$url = $1;
system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.gif", "$url");
system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.gif");
print "http://127.0.0.1/images/$pid-$count.gif\n";
}
elsif ($_ =~ /(.*\.png)/i) {
$url = $1;
system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.png", "$url");
system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.png");
print "http://127.0.0.1/images/$pid-$count.png\n";
}
elsif ($_ =~ /(.*\.jpeg)/i) {
$url = $1;
system("/usr/bin/wget", "-q", "-O","/var/www/images/$pid-$count.jpeg", "$url");
system("/usr/bin/mogrify", "-flip","/var/www/images/$pid-$count.jpeg");
print "http://127.0.0.1/images/$pid-$count.jpeg\n";
}
else {
print "$_\n";;
}
$count++;
}
Press ctrl-o to save, then ctrl-x to exit. Make the script executable:
sudo chmod +x /etc/squid3/upsidedown.pl
Reboot the raspberry pi and make sure everything starts up automatically. Most images should now be shown upside down!
No comments:
Post a Comment