The LAN Turtle is a $50 device that allows you to use reverse-shells to get into a LAN network. This mostly allows you to run surveillance operations from anywhere (if you have a VPS or cloud server setup) to interact with the device. I spent a lot of time today playing with this device and following some of the tutorials to set it up and work with the available modules.
Here are some links to the Hak5 Shop to purchase and some of the tutorials:
I have been really enjoying playing around with this. I have only been using it locally so I have not had a chance to actually get a shell from a remote system on the internet but I haven’t had any problems. You can actually still do a lot of interesting things locally as well. It is great for pen-testing and I see how you could do some fun things remotely that could be malicious or you could just rick roll some pretty easily with DNSMasq Spoofing.
Here are some of the modules that I have been checking out:
- NMAP – Seems to be a shrunk-down version. Network scanning for clients.
- Auto SSH – Allows the device to continually connect to your cloud server or Linux box.
- SSH Key Manager – Allows you to configure and send an SSH key to a remote server
- DNSMasq Spoof – Allows you to use your server as the DNS and serve up fake websites instead of legitimate websites to the client (connected to LAN Turtle or if you do it right possibly the whole LAN)
- SSHFS – Because logs get removed when the LAN Turtle is shut off (placed in /tmp) you can set it up to send log files over to your server. This allows you to use a remote filesystem instead of the small amount of storage on the turtle itself
- URL Snarf – Man-in-the-Middle attack that allows your server to intercept all of the webpages the client goes to
- There are many other tools but these are the ones I have had time to play around with. I will add more as I get a chance to use them.
One thing I have yet to try is to set the computer I have attached to the LAN Turtle as the gateway or DNS for multiple computers on the network. I am wondering if this will allow me to send my Index.html file to other machines on the network.
Overall, I love this tool. I haven’t had any issues with any of the modules and the tutorials Darren from Hak5 posted are pretty much foolproof.