A method of running PPPwn on an OpenWRT-based router.
You can check to see if your router is supported here.
Once OpenWRT is installed, you will need to temporarily connect the router to the internet. You can do this in the LuCI web interface by following these steps:
WARNING: Ensure your br-lan
interface does not use the same subnet as your home network before joining as a client. Otherwise they will conflict.
Remote into your router through SSH
Download the project to your router:
opkg update
wget https://github.com/MODDEDWARFARE/PPPwn_WRT/raw/main/install.sh
chmod +x install.sh && . ./install.sh
Select your interface most common is br-lan
.
Select your firmware 11.00
, 10.00
or 9.00
.
You will be asked if you want to load PPPwn from the Web Interface. You should not use this option if you have limited storage space and are planning to load PPPwn on startup or with a button on the router.
You will be asked if you want to load the script on startup. If you select Y
for Yes you can edit this in future by editing the file: /etc/rc.local
.
You will be asked if you want to power down the router after loading the exploit. This feature may not work on some routers and could cause them to reboot instead. If any files do not download correctly during installation this option could also cause a boot loop.
You will be asked if you want to install nano. If you have limited storage space it's best to decline this option and use vi instead.
You can now run the script from the terminal by entering ./run.sh
or run it from the LuCI web interface by going to System > Custom Commands > PPPwn PS4 > Run.
(1-click WPS button to run "run.sh") or Triger the process killer (Hold 3 sec WPS button to run "kill.sh")
This method is a bit more involved than the previous one.
SSH into the router and navigate to cd /etc/rc.button
.
Type ls
to list available buttons.
Find a button you want to replace, e.g., wps
.
Edit the button script with:
nano wps
Look for the wps
button "released" code. It should look something like:
Delete everything inside the if
statement and replace it with the following command:
cd /root/PPPwn_WRT-main && ./run.sh
if [ "$SEEN" -ge 3 ] ; then
cd /root/PPPwn_WRT-main && ./kill.sh
else
cd /root/PPPwn_WRT-main && ./run.sh
fi
Example:
Now, when you press the wps
button, it will run the script.
If your router has LED indicators for wps
, power
, wlan
, etc., you can use them to indicate when the script is running.
Type ls /sys/class/leds/
to list available LEDs.
Choose an LED, e.g., red:info
.
Edit the script to change the LED behavior:
nano /root/PPPwn_WRT-main/run.sh
Replace green:wps
with red:info
in:
echo "heartbeat" > /sys/class/leds/green:wps/trigger
You can also change the LED behavior from heartbeat
to:
none
= offdefault-on
= always onheartbeat
= blinkingtimer
= time delay