Open neclimdul opened 2 years ago
This checks if pfSense_ngctl_attach so both older and newer versions of pfSense are supported.
I can't seem to get this to work in pfSense 2.7. Getting the error in terminal: ngctl: send msg: File exists
My 5268AC died a while back and I've got some newer modem I've yet to get it working with this project so I can't do much to help ATM.
I can't seem to get this to work in pfSense 2.7. Getting the error in terminal: ngctl: send msg: File exists
Were you able to solve this? That's where I'm at right now and am debugging
Specifically an issue when defining etf for ont... I am reading through issues and debugging now
netgraph is no longer needed and supplicant is part of pfsense now. I use this:
wpa_supplicant -s -B -Dwired -iem0 -c/root/pfatt/wpa/wpa_supplicant.conf
If you have a cert that requires an older ssl method like the BGW210 you will need to create a custom ssl.cnf with this: `openssl_conf = openssl_init
[openssl_init] ssl_conf = ssl_sect
[ssl_sect] system_default = system_default_sect
[system_default_sect] Options = UnsafeLegacyRenegotiation`
Otherwise it will keep failing with method 13 error message.
Edit: This is a one line earlyshellcmd script.
So I'm just getting back to tinkering with this, I tried to go downgrade and pull certs and seems like they block downgrades now. So I don't have the wpa_supplicant option. I can only have a tethered bypass, and the question still stands. I'll start digging into what is going on when defining etc, etc.
edit: Or am I dumb? I think the main thing throwing me is that I don't see a wpa_supplicant.conf in the repo, but I do see that wpa_supplicant allows vlan tagging now
Okay, sorry for the additional traffic, but what ended up working for me was just using the built in pfsense way of doing it now. https://docs.netgate.com/pfsense/en/latest/recipes/authbridge.html
each wpa_config is unique to the certs you extract so you would need to get that after doing the downgrade and the exploit to download them from your gateway. That guide is in another project here: https://github.com/mozzarellathicc/attcerts
After you get those decoded you need to do what I posted above to use the supplicant method to remove the gateway completely.
Support newer versions of pfSense without pfSense_ngctl_attach.
Relates to #67