RedPill: setup

What's RedPill?  follow that link http://counterinception.com/redpill

How to set it up? You need:

write the unzipped raspbian iso file from http://downloads.raspberrypi.org/raspbian_latest on the microSD

assemble the lot, plug the raspberry ethernet into your home router, so it will show up on your home LAN, we will assume its IP is 192.168.0.9 for the demonstration but you will have a different IP.

from your desktop (not the raspberry box) execute the following:

#get some config files
git clone https://github.com/quentinsence/redpill/etc
#generate keys to access the raspberry pi
ssh-keygen -P "" -t rsa -f mitm
ssh-copy-id -i mitm pi@192.168.0.9
#copy various config files
scp -r -i mitm etc pi@192.168.0.9:~/
ssh -i mitm pi@192.168.0.9 'sudo cp /home/pi/etc/interfaces /etc/network/'
ssh -i mitm pi@192.168.0.9 'sudo cp /home/pi/etc/sshd_config /etc/ssh/'
ssh -i mitm pi@192.168.0.9 'sudo /etc/init.d/ssh restart'

now log on your raspberry:

sudo raspi-config
#choose menu 1 expand partition
#choose menu 8 -> A3, set GPU memory to 16#reboot
sudo apt-get update && sudo apt-get -y upgrade
#setup wireless Access Point
sudo apt-get -y install hostapd dnsmasq
#install hostapd
wget https://github.com/jenssegers/RTL8188-hostapd/archive/v2.0.tar.gz
tar -zxvf v2.0.tar.gz
cd RTL8188-hostapd-2.0/hostapd
make
sudo make install
sudo service hostapd restart
sudo cp /home/pi/etc/hostapd.conf /etc/hostapd/
sudo cp /home/pi/etc/dnsmasq.conf /etc/dnsmasq.conf
sudo cp /home/pi/etc/iptables.ipv4.nat /etc/
sudo cp /home/pi/etc/hostapd /etc/default/
sudo cp /home/pi/etc/hostapd.edimax /usr/sbin/
sudo mv /usr/sbin/hostapd /usr/sbin/hostapd.bak
sudo ln -s /usr/sbin/hostapd.edimax /usr/sbin/hostapd
sudo chmod +x /usr/sbin/hostapd.edimax
sudo sh -c "echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf"
sudo update-rc.d hostapd enable
sudo update-rc.d dnsmasq enable
#prerequisites for mitmproxy and extras
sudo apt-get install python2.7-dev libxslt1-dev libxml2-dev python-pip libffi-dev libtool automake tcpdump tshark dnsutils screen python-simplejson python-imaging sqlite3
sudo pip install mitmproxy

#allow wireshark capture for users
sudo chmod +s /usr/bin/dumpcap

#setup seafile
wget https://github.com/haiwen/seafile-rpi/releases/download/v4.1.2/seafile-server_4.1.2_pi.tar.gz
tar zxvf seafile-server_4.1.2_pi.tar.gz
cd seafile-server_4.1.2_pi
./setup-seafile.sh
./seafile.sh start
./seahub.sh start

crontab -e
#paste these 3 lines in your crontab
@reboot /usr/bin/screen -dmS mitm /home/pi/bin/mitm.sh 2>&1
@reboot /home/pi/seafile/seafile-server-latest/seafile.sh start
@reboot /home/pi/seafile/seafile-server-latest/seahub.sh start

#automatically reattach the screen session after ssh
echo "screen -r" >> /home/pi/.profile
sudo shutdown -r now

Now when you ssh in the raspberry pi, it opens directly the mitmproxy interface

Set your smartphone to join the "MitM" access point. In order to decrypt encrypted traffic, you need to install the mitmproxy certificate, once you logged on the "MitM" AP, you can find it at the local address: http://mitm.it

more details:

http://mitmproxy.org/doc/certinstall.html

Rating: 
No votes yet

Add new comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
By submitting this form, you accept the Mollom privacy policy.