Installing kernel headers

Hy, i am following steps indicate at the following link: https://blog.salrashid.dev/articles/2022/wireguard_wireshark/
I want to run a .sh file for sniffing wireguard keys so that i can decrypt wireguard traffic captured with Wireshark. Now the problem is that, when i run the 'make' command inside the appropiate directory, it gives me the following error:
"/LIB/MODULES/5.4.194/BUILD no such file or directory"
I've found that this error occurs when the compiling process takes into account some kernel header files which are not installed. In the OpenWRT repo i can't find the packages that i need.

P.S: my OpenWRT is running into a OpenMPTCProuter system and 5.4.194 is its version. Running OpenWRT version is 21.02

You need the private keys to decrypt the data. If you own/control (or have legitimate access to) the endpoints, you will have access to the keys.

Otherwise, what you are doing would be considered hacking/cracking and is not condoned by the OpenWrt project and cannot be supported here.

Further, you're running a version of OpenWrt that is out of date, EOL, and unsupported.

Please feel free to clarify the purpose of your work.

2 Likes

You're not supposed to build Openwrt on Openwrt.

5 Likes

As described in the link that i've posted, this .sh file is a script that capture the keys exchanged between the two endpoints. I've access to both the endpoints and i can extract for each of them the public-private key couple but, in wireshark, it seems that it' requested also the ephimeral key which is used at the beginning of the wireguard tunnel setup and then it's discarded. So my purpose is substantially to obtain also this key.
Regard the legacy version of my OpenWRT system, as i mentioned, i've installed the OpenMPTCProuter image directly in my virtual machine so i can't control the version of openWRT in use. I've installed the ext4 image in the 'x86-64 (64 bits) section.

maybe i've understood uncorrectly the meaning of this repo. I think that in this repo i can find the kernel headers that i need.

great!

let us know when you do.

ok so the problem is that i can't find kernel headers for my OpenWRT version. I try to figure out this version precisely. Maybe after 21.02 is something else

... and you've already been told why.

yes, as psherman says, my OpenWRT version is old but in this repo there are packages for also legacy version. In fact, there are different OpenWRT versions listed but none of these is using the kernel version 5.4.194

because

  1. OpenMPTCProuter isn't proper openwrt
  2. Installing kernel headers - #3 by frollic
1 Like

ok so what can be the solution in this case?

as long as you're running OpenMPTCProuter, you're barking up the wrong tree.

2 Likes

ok man thank you for your support

i ask to @psherman if there's a way to decrypt wireguard traffic in wireshark using only private keys. If there's, you give me a huge help.
Thank you

Normally, you’d use wireguard to decrypt Wireguard packets. You can read though the Wireguard source code to see if there is a way to integrate that into wireshark. That is beyond the scope of these forums.

1 Like

thanks for the reply.
Related to the OpenWRT legacy version and kernel headers you can tell me something more?

You’re not actually using pure openwrt anyway, though, right?

2 Likes

exactly, i have installed on my VM the OpenMPTCProuter ext4 image

So talk to the people who maintain the openmptcprouter code. That is not openwrt.

2 Likes

i've had an idea: at present, i've this openmptcprouter installed and it is based on OpenWRT 21.02. If i try do what reported in https://github.com/openwrt/openwrt/tree/openwrt-21.02, maybe i am re-installing the OpenWRT with the kernel headers that i need. Can this work?