HackerBox 0031: the Ether

This month, HackerBox Hackers are delving into Ethernet, router operating systems, network monitoring, and network analysis. This Instructable contains information for working with HackerBox #0031, which you can pick up here while supplies last. Also, if you would like to receive a HackerBox like this right in your mailbox each month, please subscribe at HackerBoxes.com and join the revolution!

Topics and Learning Objectives for HackerBox 0031:

  • Configure the WT3020 Ethernet router
  • Install the OpenWrt operating system on the WT3020 router
  • Assemble the HackerBoxes EtherTap Kit
  • Deploy the EtherTap to passively monitor network traffic
  • Configure the Arduino IDE for use with the Arduino Nano
  • Interface an ENC28J60 Ethernet controller to the Arduino Nano
  • Transmit and receive Ethernet packets from the Arduino Nano

HackerBoxes is the monthly subscription box service for DIY electronics and computer technology. We are hobbyists, makers, and experimenters. We are the dreamers of dreams. HACK THE PLANET!

Step 1: HackerBox 0031: Box Contents

  • HackerBoxes #0031 Collectable Reference Card
  • Nexx WT3020F Ethernet Router
  • Exclusive HackerBox EtherTap Kit
  • Arduino Nano 5V, 16MHz
  • ENC28J60 Ethernet Module
  • Red Crossover Adapter Plug
  • Female-to-Female Dupont Jumpers
  • Exclusive OpenWrt Decal

Some other things that will be helpful:

  • Soldering iron, solder, and basic soldering tools
  • Computer for running software tools

Most importantly, you will need a sense of adventure, DIY spirit, and hacker curiosity. Hardcore DIY electronics is not a trivial pursuit, and HackerBoxes are not watered down. The goal is progress, not perfection. When you persist and enjoy the adventure, a great deal of satisfaction can be derived from learning new technology and hopefully getting some projects working. We suggest taking each step slowly, minding the details, and don't be afraid to ask for help.

There is a wealth of information for current, and prospective, members in the HackerBoxes FAQ.

Step 2: The Ether

"The only thing that really worried me was the ether. There is nothing in the world more helpless and irresponsible and depraved than a man in the depths of an ether binge, and I knew we'd get into that rotten stuff pretty soon." - Hunter S. Thompson, "Fear and Loathing in Las Vegas"

Ethernet (Wikipedia) is a family of computer networking technologies commonly used in local area networks (LANs). Ethernet was commercially introduced in 1980 and first standardized in 1983 and has since been refined to support higher bit rates and longer link distances. The linked "Ethernet Hacks" video, while otherwise quite good, makes the absurd claim that wired Ethernet is becoming obsolete due to wireless technologies.

The original 10BASE5 Ethernet uses big, fat coaxial cable as a shared medium. Newer Ethernet variants use twisted pair and fiber optic links in conjunction with hubs or switches. Over the course of its history, Ethernet data transfer rates have been increased from the original 2.94 Mbps to hundreds of Gbps.

Ethernet provides services including the lowest two layers of the OSI model (physical layer and data link layer). If you want to know more about the seven-layer OSI network model (you do), check out Wikipedia and/or this video.

Step 3: Nexx WT3020F Ethernet Router and OpenWrt

The Nexx WT3020 series of Ethernet Routers are based on the MediaTek MT7620N (specs). These routers include two UTP Ethernet ports and a 802.11n 300Mbps wireless interface operating on 2.4 GHz.

OpenWrt is an open source project for embedded operating system based on Linux, primarily used on embedded routers. All components have been optimized to be small enough to fit into the limited storage and memory available in home routers. OpenWrt may be configured using a command-line interface (ash shell), or a web interface (LuCI).

There are several thousand packages available for installation via the opkg package management system to extend the functionality of your device. These packages include firewalls, telephony, VPNs, storage, messaging, routing, and email services among many, many others.

This OpenWrt Wiki entry covers installing OpenWrt onto the WT3020 router. Under the "Installation" heading there is a table of binaries. Don’t use these. Instead, click on the link for “LEDE firmware download” just under that table. These are the latest versions. Here is a nice tutorial on flashing the routers firmware. The OpenWrt HOWTOs can be quite helpful as well.

Step 4: EtherTap Kit

The EtherTap is a passive Ethernet tap. It is "passive" in that the EtherTap looks just like a piece of Ethernet cable to the network where it is deployed. The pass-through ports are connected inline within the Ethernet connection to be monitored. The two channels of the pass-through (one going in each direction) are physically "tapped" in the traced of PCB. The tapped signals are coupled out to the two tap ports. The two tap ports only have their receive channels wired up. According to this safety mechanism, neither of the tap ports can transmit into the pass-through.

The EtherTap Kit includes:

  • Exclusive HackerBoxes EtherTap PCB
  • Two Black RJ45 Jacks
  • Two Yellow RJ45 Jacks
  • Two 220pF Ceramic Capacitors

Assembly of the EtherTap Kit is fairly straightforward. The two differently colored RJ45 jacks are actually identical and can be placed anyway you like. We generally place the black RJ45 jacks on the pass-through ports and the yellow jacks on the tap ports. The two capacitors are not polarized and can been inserted either way.

Operation of the EtherTap involves hooking up the pass-through and then connecting one of the tap ports (depending upon which direction of traffic you are monitoring) to a computer running a packet capture/analysis program like Wireshark.

Shout Out: The EtherTap was inspired by Michael Ossmann's Throwing Star LAN Tap, so there are a lot of relevant details and history over at his site Great Scott Gadgets. Michael makes some other very cool toys worth checking out while you are there.

Step 5: Arduino Nano Microcontroller Platform

The included Arduino Nano module comes with header pins, but they are not soldered to the module. Leave the pins off for now. Perform these initial tests of the Arduino Nano module separately from the BioSense Board and PRIOR to soldering the header pins the Arduino Nano. All that is needed for the next couple of steps is a microUSB cable and the Nano module just as it comes out of the bag.

The Arduino Nano is a surface-mount, breadboard-friendly, miniaturized Arduino board with integrated USB. It is amazingly full-featured and easy to hack.

Features:

  • Microcontroller: Atmel ATmega328P
  • Voltage: 5V
  • Digital I/O Pins: 14 (6 PWM)
  • Analog Input Pins: 8
  • DC Current per I/O Pin: 40 mA
  • Flash Memory: 32 KB (2KB for bootloader)
  • SRAM: 2 KB
  • EEPROM: 1 KB
  • Clock Speed: 16 MHz
  • Dimensions: 17mm x 43mm

This particular variant of the Arduino Nano is the black Robotdyn design. The interface is by an on-board MicroUSB port that is compatible with the same MicroUSB cables used with many mobile phones and tablets.

Arduino Nanos feature a built-in USB/Serial bridge chip. On this particular variant, the bridge chip is the CH340G. Note that there are various other types of USB/Serial bridge chips used on the various types of Arduino boards. These chips allow you computer's USB port to communicate with the serial interface on the Arduino's processor chip.

A computer's operating system requires a Device Driver to communicate with the USB/Serial chip. The driver allows the IDE to communicate with the Arduino board. The specific device driver that is needed depends upon both the OS version and also the type of USB/Serial chip. For the CH340 USB/Serial chips, there are drivers available for many operating systems (UNIX, Mac OS X, or Windows). The maker of the CH340 supplies those drivers here.

When you first plug the Arduino Nano into a USB port of your computer, the green power light should come on and shortly after the blue LED should start to blink slowly. This happens because the Nano is pre-loaded with the BLINK program, which is running on the brand new Arduino Nano.

Step 6: Arduino Integrated Development Environment (IDE)

If you do not yet have the Arduino IDE installed, you can download it from Arduino.cc

If you would like additional introductory information for working in the Arduino ecosystem, we suggest checking out the instructions for the HackerBoxes Starter Workshop.

Plug the Nano into the MicroUSB cable and the other end of the cable into a USB port on the computer, launch the Arduino IDE software, select the appropriate USB port in the IDE under tools>port (likely a name with "wchusb" in it). Also select "Arduino Nano" in the IDE under tools>board.

Finally, load up a piece of example code:

File->Examples->Basics->Blink

This is actually the code that was preloaded onto the Nano and should be running right now to slowly blink the blue LED. Accordingly, if we load this example code, nothing will change. Instead, let's modify the code a little bit.

Looking closely, you can see that the program turns the LED on, waits 1000 milliseconds (one second), turns the LED off, waits another second, and then does it all again - forever.

Modify the code by changing both of the "delay(1000)" statements to "delay(100)". This modification will cause the LED to blink ten times faster, right?

Let's load the modified code into the Nano by clicking the UPLOAD button (the arrow icon) just above your modified code. Watch below the code for the status info: "compiling" and then "uploading". Eventually, the IDE should indicate "Uploading Complete" and your LED should be blinking faster.

If so, congratulations! You have just hacked your first piece of embedded code.

Once your fast-blink version is loaded and running, why not see if you can you change the code again to cause the LED to blink fast twice and then wait a couple of seconds before repeating? Give it a try! How about some other patterns? Once you succeed at visualizing a desired outcome, coding it, and observing it to work as planned, you have taken an enormous step toward becoming a competent hardware hacker.

Step 7: Arduino Nano Header Pins

Now that your development computer has been configured to load code to the Arduino Nano and the Nano has been tested, disconnect the USB cable from the Nano and get ready to solder.

If you new to soldering, there are a lot of great guides and videos online about soldering. Here is one example. If you feel that you need additional assistance, try to find a local makers group or hacker space in your area. Also, amateur radio clubs are always excellent sources of electronics experience.

Solder the two single row headers (fifteen pins each) to the Arduino Nano module. The six pin ICSP (in-circuit serial programming) connector will not be used in this project, so just leave those pins off.

Once the soldering is complete, check carefully for solder bridges and/or cold solder joints. Finally, hook the Arduino Nano back up to the USB cable and verify that everything still works properly.

Step 8: ENC28J60 Ethernet Module

The ENC28J60 (datasheet) is an Ethernet controller chip. Thanks to its SPI interface, it is reasonably easy to use with even the simplest microcontrollers.

Note that some versions of this module have an LDO voltage regulator allowing them to be driven by 5V even though the ENC28J60 chip is 3.3V. This version of the module DOES NOT have a voltage regulator and needs to be supplied with 3.3V externally.

The EtherCard Arduino Library performs low-level interfacing from your Arduino code to the network. The library comes with several examples. A nice one to start with is backSoon.ino which will let you access the sketch on the Arduino Nano from any web browser on the same LAN.

Step 9: Crossover Adapter Plug

An Ethernet crossover (Wikipedia) is a cable or adapter plug used to connect computing devices together directly. It is most often used to connect two devices of the same type, e.g. two computers (via their network interface controllers) or two switches to each other. By contrast, patch cables or straight through cables are used to connect devices of different types, such as a computer to a network switch or Ethernet hub.

Wiring within the crossover is intentionally crossed to connect the transmit signals at one end to the receive signals at the other end and vice versa.

Step 10: HACK THE PLANET

If you have enjoyed this Instrucable and would like to have a box of electronics and computer tech projects like this delivered right to your mailbox each month, please join the HackerBox revolution by SUBSCRIBING HERE.

Reach out and share your success in the comments below or on the HackerBoxes Facebook Page. Certainly let us know if you have any questions or need some help with anything. Thank you for being part of HackerBoxes. Please keep your suggestions and feedback coming. HackerBoxes are YOUR boxes. Let's make something great!

Share

    Recommendations

    • Toys Contest

      Toys Contest
    • PCB Contest

      PCB Contest
    • Make it Glow Contest 2018

      Make it Glow Contest 2018

    17 Discussions

    0
    None
    TonyP110

    Question 3 months ago on Step 10

    So I assembled and soldered the ether tap. The pass through seems to work as I get internet connectivity to the computer the tap is connected to and from the router, but when I tap my Kali machine into it, wireshark is only picking up DHCP broadcasts and ICMP stuff from my Kali box on eth0 and nothing between the other computer and router. Do I need to change a network setting in my Kali box, or in wireshark?

    0
    None
    MichelleT161

    5 months ago

    After installing the new firmware for the router (http://downloads.lede-project.org/releases/17.01.4/targets/ramips/mt7620/lede-17.01.4-ramips-mt7620-wt3020-8M-squashfs-factory.bin) I have no new SSID and no response from http://192.168.8.1 at all. No ping, no webpage. Everything worked as expected in above procedure up until it stayed on the "rebooting" page for about 15 minutes. Powering it on and off results in blue LED but no observable activity. It's like it's bricked. What next?

    5 replies
    0
    None
    MichelleT161MichelleT161

    Reply 5 months ago

    did a 30-30-30 factory reset and no SSID and no response at 192.168.8.1

    Screenshot 2018-06-18 15.18.49.png
    0
    None
    usdjs6MichelleT161

    Reply 3 months ago

    MichelleT161 - When you install the open WRT software it changes your IP address for you. That's nice huh? So connect your router to your PC on the Lan port so it gives you an IP via DHCP.

    -hit the windows button and type CMD

    -type in IPCONFIG /ALL

    -scroll down till you see your ethernet connection and look for gateway (192.168.1.1) probably.

    This is the new address and the default user name will be root and password is blank.

    0
    None
    MichelleT161HackerBoxes

    Reply 5 months ago

    Thanks for the reply.

    Where is the configuration page, linked above, accessed? There is no response from 192.168.8.1

    The instructions seemed to indicate that an SSID would appear after the reboot, and that’s why we were supposed to write down the SSID before flashing the firmware, but if it’s disabled, then obviously it won’t be appearing. :)

    0
    None
    MichelleT161MichelleT161

    Reply 5 months ago

    coffee really helps figure things out.

    There’s another router here active at 192.168.1.1

    Turned it off, and got the right configuration page. We are back in action! Crisis averted.

    0
    None
    MatthewG210

    Question 5 months ago

    Can anyone give more in depth instructions on the backSoon code? Not sure how to access the webpage that's supposed to be brought up.

    1 answer
    0
    None
    eburmanMatthewG210

    Answer 4 months ago

    I really don't have a clear idea what I'm doing or why it worked, but here is how I got my webpage to show up. You will need to have a USB link between your nano and your computer to get the initial information. Open the Arduino IDE serial monitor. Set the baud rate to 57600. You should see a statement show up that says "[backSoon]" and then below that will be a list of your IP, GW, DNS addresses. Copy the IP address exactly as shown into your browser address bar. You should see this comment show up on an otherwise blank page:

    "This service is currently unavailable

    The main server is currently off-line.
    Please try again later."

    If you see that then you have been successful. You can go back into the code and change the text in the html section so that the webpage says whatever you like.

    0
    None
    jordemann

    6 months ago

    My First Hackerbox, 0031 Ether...I started this project feeling good. I read everything here, then started assembly. I was relieved in the beginning to see such explicit directions and information provided for things like Soldering (for which my skill level is 'very good ') So I began to expect there would be sufficient directions throughout this project. Now I am sitting here with everything soldered and connected and code downloaded, and I have NO IDEA what to do with it all... I keep looking for a button to the Next Page of this article or a link to putting the whole thing together in some useful manner, but to no avail. What am I missing here?

    2 replies
    1
    None
    HackerBoxesjordemann

    Reply 6 months ago

    There are two things in HackerBox 0031 that explicitly involve soldering and we're not sure which one you are wondering about, so a word about each...

    After soldering the EtherTap (Step 4), you can use it to monitor packets on any wired Ethernet link, which is useful for debugging or just learning more about the protocols running on the network. Wireshark is a useful tool to use for such monitoring.

    After soldering the Arduino pins and connecting the ENC28J60 module, there are several examples to play around with in the EtherCard library discussed in Step 8.

    If you are trying to use all the box items at the same time, here is a multi-step demo/experiment: Set up an Arduino sketch using the ENC28J60 (e.g., use one of the EtherCard example sketches) and then establish connection (according to whichever example you are running) over ENC28J60 Ethernet link from a computer (may require crossover adapter). Once that is working, plug the ENC28J60 Ethernet port up to one of the Ethernet ports on the WT3020, connect via WiFi from the computer to the WT3020, and now you should be able to access the Arduino sketch over a network including a wired and wireless link mediated by the WT3020. Finally, "open" the wired connection between the ENC28J60 module and the WT3020 and put the EtherTap inline allowing you to monitor exactly how the exchange is happening.

    0
    None
    Racer1TNHackerBoxes

    Reply 5 months ago

    Where can I find the pinouts to go from the ethernet ENC28J60 to the Nano? The pinouts listed on the EtherCard website are for an Arduino UNO.

    0
    None
    geoffreyspi

    5 months ago

    Does anybody know how to set up the WiFi connection to act as the WAN for the router? I am trying to create 3 connections & hopefully familiarity with known hotspots for internet:

    * WAN connection, but using the WiFi (connecting to another router's SSID, of course),
    * LAN connection also using WiFi (using my own SSID),
    * LAN wired connection on the LAN port, (easy & default, but here for completeness),
    * If the device is capable of this, does anyone know how to get it to automatically connect to familiar WiFi hotspots for the WAN connection, too?

    Basically, it's just what it looks like. I want to have a standard network setup, but use other WiFi hotspots for internet access.

    I kept thinking I was getting close by trying to setup 2 network connections on the radio. One connection for devices to connect to, which is easy. But, another connection for the router to use to connect to other routers, so it can use their internet connection. I'm wondering now if the router (the hardware, not the software side) is NOT capable of using the radio for more than one network at a time. If that is the case, I can just use another device to provide the WAN connection. But, it would be nice to use one router for all 3 connections.

    I've always been the figure-it-out-as-you-go type with networking. I usually keep trying until I get it to work, find another solution, or give up. So, if I sound like I don't know what I'm talking about, it's probably because I don't. :-)

    1 reply
    0
    None
    zal42geoffreyspi

    Reply 5 months ago

    The router can do what you want, with the caveat that the total bandwidth the radio is capable of will be divided between the two subnets. This is a decent guide for how to set it up: https://medium.com/openwrt-iot/openwrt-multiple-s...

    Although that covers configuring things through the command line, you can also set it up through the web interface.

    Note that both the subnets will work over the same WiFi channel, but they are logically separated by the router into two subnets (with two SSIDs).

    For extra fun, you can also use the QoS features to ensure that the subnet devoted to your internet feed never gets starved for bandwidth by someone doing something heavy on the other radio subnet.

    0
    None
    ibyte8bits

    6 months ago

    The Ether Card Library Readme on their webpage gives the wrong pin on the Nano for the CS on the Ether Card. The README.md in the library stipulates to use pin 10 instead of pin 8.

    0
    None
    TimGTech

    6 months ago

    Great box this month! Ironically I was thinking I needed to put a little kit like this together. Working in IT I am often times wearing the network engineer hat and this is the perfect compliment to Wireshark. Got the OpenWRT loaded. I wonder if DD-WRT will work on it? I have loaded that on many routers and just explodes the features and capabilites of a cheap router. More like what you would pay hundreds of dollas for.