RoganDawes / P4wnP1_aloa

P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Raspberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Appliance".
GNU General Public License v3.0

WiFi / Trigger actions / SSH #238

Open TheStorm135 opened 4 years ago

TheStorm135 commented 4 years ago

This is for V0.1.1-beta

Trigger actions / WiFi: whenever I make one and reboot the Pi, it deletes my action.

WiFi: what is the file name so I can edit the WiFi permanently, so I don't have to connect to it, load my WiFi settings, disconnect and connect again? I want to change it so it is permanently the same name. I made a trigger action to do that for me, but then it gets deleted.

SSH: This is what I type: sudo ssh 172.24.0.1. This is the output; if you know how to change the IDENTIFICATION key, please tell me:

```
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256: i dont think i should show this idk.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:1
  remove with:
  ssh-keygen -f "/root/.ssh/known_hosts" -R "172.24.0.1"
ECDSA host key for 172.24.0.1 has changed and you have requested strict checking.
Host key verification failed.
```

thecoder-001 commented 4 years ago

For the SSH issue:

It looks like you have changed the SSH keys of Kali and the system thinks that you are connecting to someone else, or the warning is legitimate and someone is really performing a man-in-the-middle attack on your system. To be on the safer side, you should change your SSH keys and then remove the warning. Here are the steps:

1> Go to the directory

```
$ cd /etc/ssh/
```

2> Back up the existing keys

```
$ mkdir default_kali_keys
$ mv ssh_host_* default_kali_keys/
```

3> Now, regenerate the keys

```
$ dpkg-reconfigure openssh-server
```

(As we are working on an RPi Zero here, the key generation would take a lot of time. Don't interrupt the process (e.g. power off) to prevent key corruption; if that happens, repeat the process.) It would give output like this:

```
Creating SSH2 RSA key; this may take some time ...
2048 SHA256:mvAt52noMi7BU4/TWj9pkKYOGvF+Jd8iDA54fEn3HrY root@kali (RSA)
Creating SSH2 ECDSA key; this may take some time ...
256 SHA256:sn2iKR20fLJshc9pU222VSk7ipMdWtg/k6qTcFiMvRU root@kali (ECDSA)
Creating SSH2 ED25519 key; this may take some time ...
256 SHA256:l63L+2A0qbYBABs4kDeVZxr2WgLyK5zLmZt/S8SMlKw root@kali (ED25519)
insserv: warning: current start runlevel(s) (empty) of script `ssh' overrides LSB defaults (2 3 4 5).
insserv: warning: current stop runlevel(s) (2 3 4 5) of script `ssh' overrides LSB defaults (empty).
```

You can safely ignore the last two errors. Now safely reset the SSH key:

Just edit ~/.ssh/known_hosts and delete line 1, as the message pointed you:

Offending ECDSA key in /root/.ssh/known_hosts:1

or simply use ssh-keygen to delete the invalid key: ssh-keygen -R "your server hostname or IP"

thecoder-001 commented 4 years ago

For added clarification, steps 1, 2 and 3 are to be performed on the Pi and the last editing step on your PC. PS: You made the correct decision to not publish your keys; that would have been very bad.
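The steps above clear the stale known_hosts entry; what distinguishes a regenerated host key from an interception is comparing the fingerprint read on the Pi itself with the key the client is offered before trusting it. The following is an added example of that check in Python, not code from the thread or from the P4wnP1 project. The function names are this example's own, the key material is constructed, and the scanned line is assumed to be in `ssh-keyscan` format (`host keytype base64`).

```python
import base64, hashlib, hmac

def fingerprint(key_b64):
    """SHA256 fingerprint in the form ssh and ssh-keygen -l print it."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def hashed_field(host, salt):
    """Host field as written with HashKnownHosts: |1|salt|HMAC-SHA1(salt, host)."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def names_host(field, host):
    """True if a known_hosts host field refers to host (plain list or hashed form;
    wildcard patterns and [host]:port entries are not handled here)."""
    if field.startswith("|1|"):
        salt = base64.b64decode(field.split("|")[2])
        return field == hashed_field(host, salt)
    return host in field.split(",")

def replace_host_key(known_hosts, host, scanned_line, expected_fp):
    """Drop the entries for host (as ssh-keygen -R does) and add the scanned key,
    but only if its fingerprint equals the one read on the Pi itself.
    Comment and @marker lines are kept untouched."""
    _, key_type, key_b64 = scanned_line.split()[:3]
    if fingerprint(key_b64) != expected_fp:
        raise ValueError("scanned key does not match the fingerprint from the Pi")
    kept = [l for l in known_hosts.splitlines()
            if l.startswith(("#", "@")) or not l.split()
            or not names_host(l.split()[0], host)]
    return "\n".join(kept + ["%s %s %s" % (host, key_type, key_b64)]) + "\n"

def constructed_key(seed):
    """Constructed (not real) ed25519-shaped key blob, base64-encoded, for the demo."""
    name = b"ssh-ed25519"
    blob = (len(name).to_bytes(4, "big") + name
            + (32).to_bytes(4, "big") + hashlib.sha256(seed).digest())
    return base64.b64encode(blob).decode()

if __name__ == "__main__":
    host = "172.24.0.1"
    old, new, rogue = (constructed_key(s) for s in (b"old", b"new", b"rogue"))
    hosts = hashed_field(host, b"constructed-salt") + " ssh-ed25519 " + old + "\n"
    # In practice this value is read on the Pi: ssh-keygen -lf /etc/ssh/ssh_host_ed25519_key.pub
    seen_on_pi = fingerprint(new)
    print(replace_host_key(hosts, host, host + " ssh-ed25519 " + new, seen_on_pi))
    try:
        replace_host_key(hosts, host, host + " ssh-ed25519 " + rogue, seen_on_pi)
    except ValueError as err:
        print("refused:", err)
```
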