-
Notifications
You must be signed in to change notification settings - Fork 70
Windows
The framework should work on any Windows versions after Windows XP, but it was only tested on Windows 10 and Windows Server 2012 R2 - feedbacks are appreciated about other versions.
Windows does not have any default TAP/TUN devices, so we need to use the OpenVPN project's one (TAP-Windows NDIS 6), that can be downloaded from here at the bottom, or you can compile it yourself after grabbing the source from here.
You need to run the tool and all commands below as Administrator.
In case you have already installed Python 2.7, pip and of course cloned the appropriate branch to your computer, then it is kind of easy to set up the tool. There are a few more steps, but do not worry at all.
Then install the requirements with pip:
# pip install -r requirements_win.txt
And finally install OpenVPN's TAP Driver (Tap-Windows NDIS 6) that can be downloaded from here: OpenVPN TAP-Windows
Enable IP forwarding as Administrator:
reg add HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /t REG_DWORD /v IPEnableRouter /d 1 /f
Next, the NAT'ing have to be set up. This has to be done differently, depending on whether you are using Windows or Windows Servers:
- Set Routing and Remote Access service's Startup type to Automatic
- Start the Routing and Remote Access service
- Go to the Network Adapter Settings
- Select the interface that has Internet access and will be used for routing packets (usually Ethernet)
- Right click, Properties, Sharing tab, and check the "Allow other network users to connect through this computer's Internet connection"
- Make sure that the interface have proper settings, the original IP address, the DNS is working and the computer still has Internet access
- Add Routing role under Remote Services (this will install a lot other things like IIS)
- Go to Administrative Tools and select Routing and Remote Access
- Right click on your server's name in the list on the left, select Configure and Enable Routing and Remote Access
- Select Network address translation (NAT)
- Select the interface that has Internet access
- DNS and DHCP: I will set up name and address services later
- Finish and it should be good to go.
After you have done the configuration below as well, you need to start the framework as Administrator in server mode as follows:
# python xfltreat.py
In client mode, there is not much to configure on the operating system, but the configuration file (xfltreat.conf) should match the configuration of the server side (module ports, authentication/encryption key etc.).
After you have done the configuration below as well, you need to start the framework as Administrator in client mode as follows:
# python xfltreat.py --client
To configure the transport, encryption and authentication modules read the Configuration article.
Unfortunately sometimes pip does not install the packages properly. In case there is an error about loading DLLs, like this:
Traceback (most recent call last):
File ".\xfltreat.py", line 322, in <module>
xfltreat.run(sys.argv[1:])
File ".\xfltreat.py", line 214, in run
interface = Interface()
File "Y:\xfltreat\interface.py", line 67, in __init__
OSFP_table[os_type][0]()
File "Y:\xfltreat\interface.py", line 473, in win_init
import win32file
ImportError: DLL load failed: The specified module could not be found.
Then the solution is to call the post install script:
python scripts\pywin32_postinstall.py -install
XFLTReaT 2017-2020 Balazs Bucsay @xoreipeip
- Home - Introduction to XFLTReaT
- The framework - The framework explained
- Installation - How to install the tool
- Configuration - How to configure the framework
- Operating System support - See the supported Operating Systems
- Transport modules - Explanation of the transport modules
- Authentication modules - Explanation of the authentication modules
- Encryption modules - Explanation of the encryption modules
- Use Cases - Examples use cases
- Development - How to develop for the framework