May 22, 2024

Fast, Free, and Easy VPN Build in Minutes - Hak5 2022



Published June 6, 2023, 5:20 a.m. by Violet Harris


hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:

____________________________________________

Deploying an OpenVPN server in minutes with one simple script, plus configuring Android clients and automating connections on the WiFi Pineapple.

New dates available for Pentest With hak5! See info at http://pentestwithhak5.com/

-------------------------------

Shop: http://www.hakshop.com

Support: http://www.patreon.com/threatwire

Subscribe: http://www.youtube.com/hak5

Our Site: http://www.hak5.org

Contact Us: http://www.twitter.com/hak5

------------------------------

https://github.com/Nyr/openvpn-install

wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh

Setting up an openvpn server on Raspberry Pi

https://github.com/StarshipEngineer/openvpn-Setup

openvpn Connect

https://play.google.com/store/apps/details?id=net.openvpn.openvpn&hl=en

hak5 1817 - https://www.hak5.org/episodes/hak5-1817

-~-~~-~~~-~~-~-

Please watch: "Bash Bunny Primer - hak5 2225"

https://www.youtube.com/watch?v=8j6hrjSrJaM

-~-~~-~~~-~~-~-

____________________________________________

Founded in 2005, hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.




Deploying an OpenVPN server in minutes with one simple script, plus configuring Android clients and automating connections on the WiFi Pineapple. All that and more, this time on Hak5.

Hello and welcome to Hak5, my name is Darren Kitchen. Hello, welcome to our show, my name is Shannon Morse. It's your weekly dose of technolust. That's right, it is. Oh, I'm very excited about this week's episode. Why is that? Because we're taking the best of both worlds, free and easy way time, we like putting them together, VPN style. What, right, you can do that? We can do that, we have the technology. OK, the technology. Let's jump right in, because we need to make it to the end of the show quick. I can't wait to hear who caught an Eevee. Oh wait, really? Ah, hate you so much. What are you get a Squirtle said that's Jaron.

OK, so in recent episodes we have been showing off OpenVPN server setup in two different ways. There's the free way and then of course there's the easy way. So the first was what I would call the easy way: it's using OpenVPN Access Server, which has a really pretty web interface that I personally like very much for management, but it's only free for up to two concurrent users, so keep that in mind. I will say though, totally worth the money because it is super simple, and if that's your gig, you know, yeah, nothing wrong with paying, just make your CEO pay for it. So after which you would need to buy a license for every single connection.

So the second way was installing and configuring the open source OpenVPN, I was command-line. Yeah, that was very fun, and surprisingly it was a lot easier than what I thought it was going to be. I thought it was going to be crazy complicated. There's a few complications in there, but for the general consensus I would say it was quite decent. We got going about video tutorial, and this required manually setting up encryption keys and firewall rules, but doesn't have any fees associated with it, so much it's free, a little bit harder to do.

So today we are going to show you the lazy way, where you can have your key cake and you can eat it too, or in my preference you can have your Starbucks and you can eat it too. Both are free and easy, and it sets up in minutes. Is that a Battlestar Galactica reference? toy bareback nuggets hmm

Alright, we're talking about an epic script here, and I gotta give mad shout-out over to Nyr over on GitHub. This here is openvpn-install. You might imagine by the file name what that does, and it is dubbed the OpenVPN road warrior installer for Debian, Ubuntu and CentOS. OK, CentOS or whatever you'd like. So finally over at this GitHub address, it is awesome, and what it does is, well, it installs with just one command. Check this out, and here I'm going to go ahead and copy this command. Yeah, it's really simple. So let me just grab this.

I have a brand new virtual private server that I have set up right here. I'm actually using this really cool Chrome extension for SSH, by the way. It's, yeah, here I'll show you where it's under. Well, it's called Secure Shell beta, but just want to point this out, Secure Shell beta. Yeah, you can find out more about that in the extension repository for Chrome if you're a chrome Puffs like myself, but it has Requa cleara placed my go-to PuTTY, because I have a love-hate relationship with PuTTY. Regardless, I'm SSH'd into this server. I'm going to go ahead and paste this command on I did the thing I didn't want to do. OK, so this is in fact, this right here is the inherent problem with a command like this and pasting where there's a carriage return at the end of the command. Hmm.

So what happened was, if you just do this, keep in mind, arm what here let's just dissect this command. What's really interesting is it's two commands separated by ampersand ampersand. Oh right. Well, so if we take a look here, what's going on is this ampersand ampersand is kind of like a semicolon where we can basically string two commands together. Yeah. Rather than just a normal semicolon, which would, you know, first it would run this and then it would hit the semicolon and then it would run that, the ampersand ampersand says if the first command is successful then run the second command, which is really cool, because if it goes to do this and it runs this wget command and it fails, it's not going to then try to, you know, run the next and what isn't going to work because it depends on the first one completing successfully. Exactly.

So what this is going to do is that first command, the wget command, it's going to go ahead and grab a file off of, well, in this case git.io/vpn, which by the way, awesome address right there. That tack O is going to say we'll save the file and give it this file name, openvpn-install.sh, and if that's successful what we're going to do is run bash, so our interpreter here, the Bourne-again shell, space openvpn-install.sh. OK, and what's really cool about that is it is not going to then require us to do a chmod plus x, which is typically what we do to change out of operation do that like every week, right, and so chmod plus x, all it does is make it executable. Uh, if we say bash space the file name, we're already invoking bash, which is already executable, yeah, and then we're telling bash, hey, here's a file I want you to run.

So that's the quick and dirty way for really anything over the Internet I don't want to just like wget this file and then, you know, amp amp bash run it, which is cool, you know, it means that you can get this up and running very quickly. It's kind of not cool if this is a production server and you don't know exactly what it's going to be downloading. I mean, I will say it's a pretty trusting command. We can say it'll execute whatever you'd like. I'm in as root, that could be a problem. You are in root. Yeah, shouldn't you like checksum it or something?

You know, the checksum would help in that if I were concerned about the integrity of the file, like getting corrupted in transit. So typically we do, for instance, the WiFi Pineapple, when we download the firmware we always recommend MD5, well actually we use better than MD5, we use SHA-256 means better hashing algorithm, it's the same idea. Yeah, no, if the checksum doesn't match then what we posted and what you downloaded were corrupt and you should download again. So are you not worried about the integrity of this file? Not as much as I am and as I'm concerned about the fact that I'm running this on my server. So if for instance this were man in the middle and somebody injected some malicious commands into this bash script, I would be screwed. Thankfully it is HTTPS, so you can see that it's a, you know, I can be reasonably assured that it's not going to be messed up in transit. So this is probably not something that you want to go ahead and do on a production server, but if you just spun up a cheap virtual private server like I did, you should be good to go. And I want to just download the file and inspect it first. Yeah.

Wow, that was a very verbose way of saying you're running something from the Internet as root. Right.

But let's go ahead, yeah, let's actually check out the script, because as soon as I ran it, it started running the script, and you can see what it does is it says welcome to the quick OpenVPN road warrior installer and it's just going to ask us a few questions. It is an interactive, you know, a little wizard thing. And so it automatically figures out the IPv4 address of this server, and then it's going to say, hey, what port do you want it on, and it's going to default to the very default 1194, so I'm just going to hit enter. And it's like, cool, what DNS do you want? And I could use the current, which is the default, or hey, look at this, they've got Verisign, Hurricane Electric, OpenDNS. I like Google's. I'm going to choose to whatever, or I could just hit enter. And then finally give us the name. You know, by default it says client. I could say snubs right here. Snubs. So I'm going to leave it as client and just hit enter, and it's like, OK cool, that's all we need, we're good to go.

You hit enter and it's doing an apt-get update, it's going to installing an OpenVPN server right now, it's installing the OpenVPN server, right, then it's going to configure the certificates for us. Whoo. It's going to configure the firewall doors is going to generate the keys for us and that client.ovpn is going to put all that together. So in fact here, check that out, creating our keys. Oh, that's cool. So all of that work that we did in that show in the previous week, one script.

We are building on top of each of these episodes about OpenVPN. Yeah, that's what I like about this is that you learn the theory, you learn all the hard ways to do it, and then you fully understand, you know, the really easy ones. Right, yeah, you're right, we could have started with this one and be like, so do the thing and then you're done, but you wouldn't have known what and we know that in the background what's doing is John because you want to know what's happening.

Exactly. Haha, man, it is taking some time to generate those keys too, but check out the pretty ASCII art we're getting for it. So you know, it reminds me of Doom to unpacking a WAD file. We, you know, give us a like on YouTube if that made sense to you. Oh my god, sorry.

And there we go. As you can see, everything is done for us. We've already started the VPN service, we've set up our keys, and it'll even say your client configuration is available in tilde, on our home directory, as client.ovpn, and if we want we can just go ahead and run this one more time and we'll get another key. So if I ls here you can see now I have that client.ovpn file. So that's it, that's your ready to guilty you can pick up from last week, where all we have to do now is copy this client.ovpn file over to our device of choosing and dial in with it. That's awesome. So I highly recommend everybody go and check it out, it's at github.com, github.com/Nyr, N-Y-R, N-Y-R. Yes, near.

I also wanted to point out that similarly, if you're not looking to do this on a virtual private server with this script, there is another, and I know that we've been asked many times about this. What that Raspberry Pi you got sitting in your desk drawer? Yes, I have like four of those sitting around with nothing set up on them at the moment. Well, it's time to get one set up, Snubs, because turns out Raspberry Pi is a fantastic OpenVPN server, and because, you know, it pretty good uptime, right, I mean it's a pretty stable, portable, very low power requirements, right. And so there is a nice little script there, if you set up NOOBS or Raspbian or any of those, that will allow you to, very much like this, go ahead and turn your Raspberry Pi into an OpenVPN server as well. That's awesome. Yes.

So in fact I could, it's not made for this because I'm on x86 virtual private server here called dance Raven, props to NSA meme generator or whatever it is NSA well maybe we should do in generator actually installing this on a Raspberry Pi. Well, we could. I could also just come over here to github.com/StarshipEngineer, who has the OpenVPN-Setup, and this is specifically for Raspberry Pi, but I wanted to show you very similarly the server side. All you have to do, I've already done apt-get updates, I probably already have git on this server, let's see, git, nope. OK, this is where I would run this if I had it installed, but I don't. Um, actually hang on, nope, can't find it. OK, well, what that command would have done is is see fix this up so you previously previous episodes about that command that fixes things.

OK, so now that I have git, I can come back over here and basically all you have to do is clone this guy's repository, which is awesome. So let's do that, and then cd over to it, and you'll see that I need to make this, mm-hmm, cueball yep executable, but now if I run OpenVPN setup dot sh, I'm great, check that out, it's a pretty little menu like the LAN Turtle. Yes. And I can go ahead and choose like, OK, let's set up our server, and it's like, yeah, and of course it's going to be referencing the Raspberry Pi, I'm not on one bill let's just do some imagination here. We'll continue, and let's keep our version of GRUB because that could be bad on this VPS, and then we give it our local IP, and you know what, I don't even know what that is, but we're going to go ahead and just give it the public IP. We'll give it the public IP again, and then we're going to use 2048-bit encryption, and then it's going to be like, OK, we're ready to go, press enter, and that's it.

And as you might imagine, it's doing very similar to that previous script and it's generating those keys and it's going to set everything up for you, and when you're ready to create your clients you just run this script again, choose create a client, and it walks you through the whole thing. So I just wanted to point that out. I don't have a Raspberry Pi right here on the desk, but do some imagination that it's exactly the same process. that's so very yeah. So that's just another props to another awesome GitHub project, and you can find that over at github.com/StarshipEngineer. Nice. So yes, so what's next?

OK, well, when we get back we're going to be talking about getting OpenVPN client set up on Android and configuring your WiFi Pineapple to dial in on boot. First, a quick word from our sponsors.

might not building your own OpenVPN server is an awesome idea, and you know what else is an awesome idea? Giving it a sweet domain name like the best open VPN server on the internet dot com. You can probably get that over at domain.com. That's where Shannon and I shop, because they have an awesome domain discovery system that makes it super easy to find the right domain for you, and their checkout process is super simple, meaning your website's going to be up and running and online in no time. And get this, the guys over at domain.com, huge fans of Hak5, so they've got the hookup just for you: 20% off. That's right, all you have to do is use the coupon code hak5, that spells Hak5, do that at checkout and save yourself a bundle over at domain.com. And you know what, you should tweet them at domain.com and say, hey, thanks for supporting Hak5 all these years. When you think domain names, think domain.com.

We're back and we have a few of your OpenVPN questions. First up, in no attribution of this one since it comes from like everybody, but essentially, how do you set up an OpenVPN client on Android? Awesome question, I'm glad you asked, and this is something they should absolutely be doing, yeah, and that we will be doing as we do think OK it's because she wants to play Pokemon Go well she's at DEF CON I do all your time opponent I really want to play Pokemon Go at DEF CON to see what kind of like desert Pokemon are available. is one of the reasons why we use something like, I don't know, Signal for messaging at a hostile environment that is DEF CON. But yes, there's there you should always be in whether you're using Wi-Fi or LTE, you should be protecting traffic regardless, and so we love OpenVPN, and if you're following along this long you probably do as well, and you probably wondering how do I make my Android do that the same way my WiFi Pineapple does. I don't know why we can play Pokemon Go yes.

So let's just check it out - I am I am so this is my phone's screen mirrored over here, and so you can see in the Play Store you will find the, there's two, there's OpenVPN Connect by actual OpenVPN, it's got like 10 million downloads. This one's pretty robust, so I actually have that over here. Let me go ahead and open that guy up, and you'll see that what you need to do is you need to transfer your OpenVPN config file, that client.ovpn, over to here to the OpenVPN client. Go to more and then import, and then import the profile from SD card, then scroll all the way down to wherever you have saved it and find your client.ovpn, that's the same one that we just created in the previous block or segment, and then hit select. OK. OK, and then we can go ahead and hit connect, and there we go, we're connected, and we can see duration of our connection, how many packets received and sent, and now all of our traffic is going through that VPN.

That's so cool. I want to point out some preference stuff here, that there is a battery saver mode where you can actually pause the VPN when the screen is blank. I don't really recommend that. I also recommend, you know, setting it up so that it will reconnect every time you boot. You want to make it seamless, so that, you know, it'll block any internet traffic that isn't going through the VPN. And the very first time you do this you will get a pop-up from Android saying like, hey, there's a new service that wants to register as a VPN provider. Oh, OK. Yeah, so this is actually hooking into some very low level stuff within Android allowing it to do this, so you don't need a rooted phone, you don't need iptables engine kernel or anything weird like that. It has gotten so much better over these years, so I didn't just want to point that out, it's that simple.

As far as actually transferring your OpenVPN connection, you know, the .ovpn files securely from, say, your server in the cloud or be it your Raspberry Pi, yeah, the best way to do that, you could do it like thumb drive, you know, and sneakernet the thing over, but I just wanted to point out that there's a pretty good app here that I like called AndFTP. So AndFTP, I have it set up right here and I already have an SCP connection, but as you might imagine you hit new, you type in the details of your server, and then it has a couple of protocols that it supports including SCP, and as you guys know SCP is just copying over SSH, so as long as we can SSH into our server, and that's what I have over here. So I'll go ahead and click through to SCP over to this server and then I go ahead and authenticate. Alright, and as you can see here I'm currently looking at /root and there is not only my openvpn-install.sh but you'll notice that client.ovpn file. So all I have to do is select that and hit download, and it's going to go ahead and download that over SSH to my phone. So there you go, that's a secure way to transfer that client.ovpn file to your phone. That's so cool, I'm very excited about it. Yeah, I am too.

And we also got a question from Alberto, who writes: Hi Darren, love the show. I have a question: can you show us or me how to make the WiFi Pineapple Nano connect to an OpenVPN on boot, making a boot script? Great question. This follows up with one of our first segments on setting up OpenVPN, specifically when we used a WiFi Pineapple, in this case a Nano, or you could use a Tetra, really any OpenWrt based device. And the idea here was that, and you should go back and watch this episode if you haven't, it's pretty cool, of creating a VPN access point so that anything connected to, in this case, WiFi Pineapple, uh, anything connected to this other Wi-Fi exactly so you don't have to worry about having a client on your Android and a client on your Kindle, you're not going to find a Kindle client, and a client on all of the esoteric different devices. Everything going through the Wi-Fi and on in this case the WiFi Pineapple is going to go through that VPN. The question about setting this on startup, very important, because it was manual process that we showed, yeah, and you if you want to redo it every single time, right.

Exactly. In fact, this is what I do, I can't emphasize this enough: T-Mobile is awesome, at least here in the San Francisco Bay Area, with their LTE, getting like 40 megabits a second, which is fantastic, way better than any DSL that I could get. However, they throttle certain packets if they know what the packet is, which is why I've gone ahead and done this, because I use an old cell phone tethered to a WiFi Pineapple at my house as a way to connect to the internet, because I'm I don't want to spend way too much money with 80 on a DSL service that's crap. So that notwithstanding, anyway, I just got tired of T-Mobile throttling my stuff, might as well run it through a VPN. But I do want to make sure that if I unplug and replug my WiFi Pineapple, my home access point, that that VPN reestablishes.

So let me show you what I did, and it's just as simple as opening up an SSH connection here, just as you normally would to your WiFi Pineapple. Alright, and so I'm connected, I can ls and I see I've got my client.ovpn file right there in /root, and let's go ahead and edit this file in /etc/rc.local. I'll go ahead and talk a little bit about this. Basically, when a modern machine boots up, right, there's a number of processes that it goes through to everything in the working order that you know and love. Yeah. You've got, you know, your BIOS, and then there's a bootloader, and it'll initialize a kernel, which will set up a file system, which will spin up all of the background processes. So usually when we talk about starting up a userland program, and that is to say a program that runs outside of the operating system, you know, not like a driver or something as part of the kernel, but rather like running Skype or something, yeah, Skype, Photoshop, Steam, all of those are userland applications, and so is this OpenVPN.

Well then, you know, we want it to run after all of those other services have started. So in Windows you may be familiar with, there's a startup folder, and anything that you put in there is going to go ahead and start up, whether it's a program or a shortcut to a program, and it's going to start up after Windows completes loading everything, right, and you get the hourglass of hell, and we've all been there. On Linux it's a little different, it really depends on the version you have. So I'm on Ubuntu 16.04 and I have systemd, right, and systemd is one of the many rewrites over the history of Linux finding the perfect initialization routine. The WiFi Pineapple in particular, it runs not Ubuntu but rather OpenWrt, which is a flavor of embedded Linux, and it has a boot process very similar to any other modern PC: cool bootloader execute the kernel about the file system kicks off punch scripts. OK.

So in the case WiFi Pineapple we're not using systemd, but rather if we take a look at /etc/rc.d we'll notice that we have a bunch of these different scripts. OK. So basically what we're going to have here are scripts that begin with an S and scripts that begin with a K. OK, alright. And so, well, the S scripts are your startup scripts and K's for kill. OK, is for kill, yes, that makes complete sense. Right, and so on boot it's going to go ahead and actually just execute all of those S or startup scripts in numerical order. So let me go ahead and ls those again, and you can see, I'll do an ls tack la /etc/rc.d so you can see them in the nice little list. These are actually symlinks, and there are symlinks to different init.d scripts, right. So you can see that it begins with, for instance, you know, it's setting up boot and setting up system's firewall, setting up the network, and then USB, setting up the fstab for the file system, setting a PHP and sshd and all of those other things, and you can see that when it gets to, you know, when it's almost done, when it's pretty much done, I don't 95 done. S95done, right.

So done will actually reference another file, and that is called rc.local. So that's that one that I was talking about. That's kind of like, you know, if you're an old DOS guy, it's sort of like an autoexec.bat from back in the day. I don't know what that is. OK, well, you would just, you know, make autoexec.bat do a 10 print Snubs is the derp derp and 20 goto 10. Ah, you BASIC.

So basically what you want to do is put anything you would like in the rc.local file. OK. So check this out, if I go over to, or I don't have to go anywhere, if I just nano that /etc/rc.local file, you'll notice it says put your command above this line, as long as it ends with that exit 0 we're all good. Yeah. So as you might remember I have this client.ovpn file in /root, so if I now say openvpn and then slash, I think I just say openvpn service, actually you just say, you just pass it / whether the the file, so in this case /root/client.ovpn, and then so that the first thing it's going to do on boot after it finishes all of those other things these gets S95done, it's going to run the script, which is going to run openvpn, and that's going to start the service. Yep, run that in the background, and then the next thing I'm going to do is those iptables, and I cheat sheet and just keep them right here so that I can just paste them in, and boom, there we go. we just really cool save that file, close it out, and now every time you boot it's going to execute those scripts. It's so cool. It's gonna, you know, do all of that for you like we had done in that previous episode.

So that is kind of the hacky way to do this that makes it just start up automatically every time you're working on the WiFi Pineapple. Exactly. And that's the same way that you can do anything that you want to happen on boot on any machine that uses this initialization scheme, so check your /etc for an rc.local file. And I would say that the proper way, just so I don't get bunch emails, is to actually add the firewall rules to your /etc/config/firewall configuration script or file and then go ahead and, you know, use the proper init.d script for OpenVPN to start it as a service and enable it so that it starts up on boot. But listen, if you just take the commands that we did from the previous week and pop them into this file, it's gonna get the job done.

It's so cool. Yes, that was so well I feel like we know how to do this in every way possible. I think the only thing we're missing is iDevices, iOS. Are we gonna bring one of those on Hak5? good yeah sure I mean let us guys know, do you want, do you wanna do some iOS stuff? We could, um, he's just like, uh.

I mean if you actually can I really I can't, I can't be hater, I'm right, I'm rocking a Windows box, right. Yeah, that's, you know, like what if I everybody gives you a wrap for that I know I'll switch to a Chromebook run yeah. Alright, so we have some put you over to come back over here oh no I'll get a netbook I know I know get over here, we're not done yet. We have some dates popular that's my thing uh we have some dates to announce.

First off, we have a Pentest with Hak5 coming up in September. It's September 16th through the 18th, it's three days hands-on training with the guys and ladies at Hak5. We're going to go over everything special yeah Pineapple, Duck, Turtle, Metasploit, and putting them all together in a story-driven environment that is very much theatrical and immersive and fun, so it's unlike any InfoSec training you've ever heard of. I don't want to spoil it by giving too much away other than saying it's a real delight, so check that out, pentestwithhak5.com. We love doing it.

And also we're going to DEF CON, DEF CON 24 this year, and we will be there with a booth selling the things, and we're going to be there with some of our friends. We have a special guest this year. Oh, very exciting. Yes, we tell them? Yeah, Brian Brushwood from, you know, Scam Stuff and BB live and everything knocking the system all Scam School all of us shampoo all the good stuff, going to be there in force at our booth, so that's cool too. Super exciting. I don't know what to expect, I have no idea what he's bringing, but I'm sure it'll be an awesome bag of tricks, so check that out. it's going to be joining us as well, so it's going to be good fun. We hope to see you at DEF CON. Yes, and if you can make it, check out hak5.org for details on a possible meetup to go to the movies, because there's a special movie we would like to see with you. Yeah, I believe this episode is releasing a few days before the new Bourne 5 movie, so hashtag fake DEF CON on that, that's all I'm gonna say. That's all I'm going to say about yeah I once had pink hair. Oh man, so good, I can't wait to talk about that.

So anyway, yes, good stuff. feedback at hak5.org is how you can contact us directly, otherwise leave us a comment below. Find all of our other shows as well as our products and the events that we're doing over at our homepage, hak5.org. I love your guys's support of this show for over a decade, especially if you want to get some of the tools that we develop and use here, like the WiFi Pineapple, the LAN Turtle, the USB Rubber Ducky, you can find all of those over our very own store, HakShop, that's H-A-K shop dot com. Thank you so much for your support on that, and with that, I'm Darren Kitchen. I'm Shannon Morse. Trust your technolust.

go to catch up oh good mom i want me to see that the very best like no one ever was dude dude don't to catch them is my real test to train them is my cause I will travel across the land searching far and wide each Pokemon add some Sun the power that's inside Pokemon gotta catch them all ok we're down here alright ok
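
Added example, not part of the episode or of the openvpn-install project: the hosts point out that the one-line wget-and-bash install runs whatever was downloaded as root, and that the safer habit is to download the file, inspect it, and check its SHA-256. The sketch below pins the SHA-256 of the copy you have read and refuses to run anything that does not match it. The function names and the script's own file name are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: fetch an installer to disk, compare it with a pinned SHA-256
# of the copy that was reviewed, and only then hand it to bash.
# Function names are hypothetical; sha256sum/shasum and wget are assumed present.

# Print the lowercase hex SHA-256 digest of a file.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Return 0 only when the file's digest equals the pinned value.
#   2 = pin is not 64 hex characters (an empty or placeholder pin never matches)
#   3 = file is missing
#   1 = digest mismatch
verify_sha256() {
    local file="$1" pin
    pin=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ "${#pin}" -eq 64 ] || return 2
    case $pin in *[!0-9a-f]*) return 2 ;; esac
    [ -f "$file" ] || return 3
    [ "$(sha256_of "$file")" = "$pin" ]
}

# Run a script with bash only if it matches the pin; extra arguments pass through.
run_verified() {
    local file="$1" pin="$2"
    shift 2
    if ! verify_sha256 "$file" "$pin"; then
        echo "refusing to run $file: SHA-256 does not match the pinned value" >&2
        return 1
    fi
    bash "$file" "$@"
}

# Save the download to a file so it can be read before anything executes it.
fetch_script() {
    local url="$1" out="$2"
    case $url in
        https://*) ;;
        *) echo "refusing non-HTTPS URL: $url" >&2; return 4 ;;
    esac
    wget -q "$url" -O "$out"
}

# Usage: bash verified-install.sh <https-url> <sha256-of-the-copy-you-reviewed>
if [ "$#" -eq 2 ]; then
    tmp=$(mktemp) || exit 1
    trap 'rm -f "$tmp"' EXIT
    fetch_script "$1" "$tmp" && run_verified "$tmp" "$2"
fi
```

The pin comes from running `sha256_of` once on a copy you have read end to end; a later download that differs in any byte is not executed.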
