Wireless DeadDrop

After doing the usb dead drop project i quickly thought about other deaddrop type projects. The main constraint for the usb deaddrop project was the use of having to physically plug it in. The prospect of having the ability to do this wirelessly was very intriguing. So I did a bunch of research and asked around and finally found this solution. 

The wireless deaddrop project was the solution that i was able to create for the least amount of money. There are many routers that will do this a bit easier but they cost at minimum $150. 

Why a Deaddrop?
The name comes from the old spy technique of sharing files, from wikipedia:
"A dead drop or dead letter box is a method of espionage tradecraft used to pass items between two individuals using a secret location and thus does not require them to meet directly. Using a dead drop permits a case officer and agent to exchange objects and information while maintaining operational security. The method stands in contrast to the live drop, so called because two persons meet to exchange items or information."

Deaddrop style projects seek to take information and files out of the general internet stream and make them available in a way that requires going to a physical location. This sort of file sharing is much more personable than just grabbing files from the internet. It is also a good way to share sensitive files as it can be obscured and even utilize encryption.

WARNING: This project involves flashing a router, which could break said router, and give you emotional hardship and having to learn how to telnet into a router. (FUN!) I'm not responsible for breaking your router or that you might gain experience on the linux command line that may be totally useless.

A TP-Link WR703N router
This router is a cheap little guy that has the ability to run OpenWRT. It's pretty powerful for the price. I had version 1.6 for this. 

1 USB drive
I used a 2GB one

A Computer with ssh access, i used a mac but a linux or windows would work too. 
An ethernet cable

Wifi

First off, we want to install OpenWRT to the router, openwrt is open source software that allows you to do all kinds of fun router stuff. Their site has a full run down of the WR703N. and the cool stuff you can do with it. 

Before you start, you have to download the right .bin to install onto the router, the one on the OpenWRT site is fine, but i found one with more driver support out of the box here: http://www.madox.net/blog/projects/tp-link-tl-wr703n/ (Note the file is in a .7z which will need to be unzipped)

I first installed the one from openWRT and then upgraded with madox's version above. 

To install first, plug your router into your computer's ethernet port, and make sure the router has power via usb

Then in your web browser go to 192.168.0.1 with the credentials admin/admin (it should have this info on the back of the router)

If you are lucky, it will be in english, if not (like me) it will be in chinese. You will want to click on the last menu item on the left and then the third one down in the submenu. You should see a menu like in the photo.

Pay attention to the build number, "Build 120925" means that you have a 1.7 version of the router and this tutorial will not work. 

In the file select box, select the .bin to upgrade the router. Then select the button that looks like it would be "OK" (see image notes)

if all goes well, you'll get a loading box, and the router will reset. After it fully resets, you should get to the openWRT menu at 192.168.1.1

If all went well, you should see a login menu, there is no password right now, so it will prompt you to do that. 

After you set the password, you will want to set the ip of the router to a different one so you can use it along side your home network. 

go to the network menu > click edit on the LAN interface > and set the IPv4 network to 192.168.0.1 and save those settings. This will take a bit and force you to go to 192.168.0.1 to access the router now. 

next lets enable ssh
Go to System > Adminstration
Set interface to unspecified, set the port, 22 is standard, allow ssh and allow the root user to ssh into the router.

Now go to a terminal and type 
ssh root@192.168.0.1
you should be prompted for you password and then you'll be given a command line prompt like the one below.

The storage on our little router isn't much so we can expand it. We are going to do this with a usb drive. 

First, we need to format the usb drive to ext4. you could do this with fdisk, but fdisk confuses me and makes my brain hurt so i did this using gparted. gparted is native to linux, so you all on linux have the advantage here.

For the rest of us, gparted has made a live cd which you can grab here: http://gparted.sourceforge.net/

Burn that to a disk, and then with your usb plugged in run it.

Take the first partition and leave a little extra left, i left 128mb and format that to ext4, then formate the rest to linux-swap which you can use with the router. 

Now that you have a perfect usb drive, you can transfer the root of the router to it. 

SSH into the router and run the following to make sure you have what you need installed:

opkg install kmod-fs-ext4 block-mount

(opkg is the package manager for OpenWRT)

Then you can transfer the root of the router to the usb drive with the following commands:

mkdir -p /mnt/sda1 (make a directory to mount the usb drive to)
mount /dev/sda1 /mnt/sda1 (mount the drive to that directory)
mkdir -p /tmp/cproot (make a temp directory for the root directory) 
mount --bind / /tmp/cproot (mount root to the temp directory)
tar -C /tmp/cproot -cvf - . | tar -C /mnt/sda1 -xf - (transfer the temp copy of root to the usb drive)
umount /tmp/cproot (unmount the tmp root)
umount /mnt/sda1 (unmount the usb drive)

Next, you need to change the fstab to mount the root directory when the router restarts.

open the /etc/config/fstab file and change

option target /home 

to 

option target /

and change

option enabled 0

to

option enabled 1

Then reboot the router. Once the router fully reboots, you can run df -h and if it worked, you'll see the following. If it shows you something different, then you need to follow the steps again (from the formatting) and try again

I got all my directions for this here: http://en.code-bude.net/2013/02/16/how-to-increase-storage-on-tp-link-wr703n-with-extroot/

As of right now, to login and do this, you will have needed to physically have a connection to the router via an ethernet cable. OpenWRT allows one to make a wifi network that connects to our wireless network and broadcast its own wireless network, at the same time. This will be useful for the messing with the router so you can access the internet while you are hacking away.

First lets get the router to connect to your base wifi. 

go into Network >> Wifi and click "Scan"

The router will find your wifi and you can select it from a list. Click "Join Network", enter the passkey if needed and leave all the settings the same and make sure the mode is "Client" Save and Apply those settings and you should see a number greater than one in the bit rate. To test if this is working, connect your router via ethernet, and turn off your wifi, you should be able to get to the internet. 

Next we want to create a wifi hotspot from the router. 

Go into Network >> Wifi and select "Add"
Set the ESSID, i did DEADDROP for our project, make sure the mode is "Access Point" and select network LAN

Save those settings, and you should see on your wifi scanning the network you just created. You should be able to connect to that network and get full internet access. 

Now you should have the following:
A hacked router that is broadcasting its own wireless network from which you can access the internet without connecting an ethernet cable.

The last step for our router is to enable filesharing, I decided the best way to do this was through samba, as samba is easily supported by mac, linux and windows. 

First ssh into the router and run opgk install samba, that should install all your necessary dependencies. I followed the instructions here: http://wiki.openwrt.org/doc/howto/cifs.server

Once samba is installed, you should be able to access from the web client the settings which is much easier than doing it via CLI. 
Go to Services >> Network Shares, here you define the names and the name of the shared directory. Make sure the directory you are sharing is chmod'd to 777 

After that is done, the samba share should just show up on mac. Look into how to access samba shares on windows and linux if you can't see it right away. There is also samba share apps for android, not sure about iphone. 

Now that you have a router that acts as a wireless deaddrop, you might want to find ways to make it even more wireless. My suggestion is to implement a solar charging situation that would allow one to leave the router somewhere hidden and have it be accessible to everyone.

Anyway, good luck and Happy Hacking! Please post your own projects in the comments!