Giters

KasperskyLab / TinyCheck

TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs). In order to make it working, you need a computer with a Debian-like operating system and two Wi-Fi interfaces. The best choice is to use a Raspberry Pi (2+) a Wi-Fi dongle and a small touch screen. This tiny configuration (for less than $50) allows you to tap any Wi-Fi device, anywhere.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Issues while installing TinyCheck on a fresh Ubuntu 20.04. live usb

reetuh797 opened this issue · comments

commented

Hello,

I have a couple of issues. Please help. If you can answer in detail, that would be helpful, as I'am not experienced with terminal or IT in general.

I'm using:

a mobile hotspot,
a laptop PC with an inbuilt router, that doesn't support AP mode,
and a TPLink N 300 adapter, which does support Soft-AP as the main source of internet.

Context:

After finally managing to install TinyCheck, I couldn't connect nor to the frontend nor to the backend. I tried to reinstall - I uninstalled TinyCheck, found this answer and installed by myself nodejs, and then tried reinstalling TinyCheck hoping to find instructions and follow the aforementioned advice, but now I see that a the moment the installation is building in the right directories ... I hadn't checked that before, so installing nodejs beforehand wasn't necessary as I understand now.

Anyways, I now get the following two issues A and B:

A. Deprecation warnings, before the installation proceeds. I don't remember, if I had them pop up the last time, maybe not, because nodejs was being installed properly as a part of the TinyCheck installation process.

The Warnings:
1)
"```
DEPRECATION WARNING
Node.js 14.x is no longer actively supported!You will not receive security or critical stability updates for this version.You should migrate to a supported version of Node.js as soon as possible.Use the installation script that corresponds to the version of Node.js youwish to install. e.g.* https://deb.nodesource.com/setup_16.x — Node.js 16 "Gallium"* https://deb.nodesource.com/setup_18.x — Node.js 18 LTS "Hydrogen" (recommended)* https://deb.nodesource.com/setup_19.x — Node.js 19 "Nineteen"* https://deb.nodesource.com/setup_20.x — Node.js 20 "Iron" (current)Please see https://github.com/nodejs/Release for details about whichversion may be appropriate for you.The NodeSource Node.js distributions repository containsinformation both about supported versions of Node.js and supported Linuxdistributions. To learn more about usage, see the repository:https://github.com/nodesource/distributions


2) "`SCRIPT DEPRECATION WARNING This script, located at https://deb.nodesource.com/setup_X, used toinstall Node.js is deprecated now and will eventually be made inactive.Please visit the NodeSource distributions Github and follow theinstructions to migrate your repo.https://github.com/nodesource/distributionsThe NodeSource Node.js Linux distributions GitHub repository containsinformation about which versions of Node.js and which Linux distributionsare supported and how to install it.https://github.com/nodesource/distributionsSCRIPT DEPRECATION WARNING`"

B. nmp audit warnings and fix'es , which I remember seeing the last time:

The fix'es:

"```
found 198 vulnerabilities (2 low, 89 moderate, 83 high, 24 critical)
  run `npm audit fix` to fix them, or `npm audit` for details
npm WARN deprecated @babel/plugin-proposal-class-properties@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-class-properties instead.
npm WARN deprecated chokidar@2.1.8: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated fsevents@1.2.13: The v1 package contains DANGEROUS / INSECURE binaries. Upgrade to safe fsevents v2
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@^1.2.7 (node_modules/webpack-dev-server/node_modules/chokidar/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN @babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining@7.23.3 requires a peer of @babel/core@^7.13.0 but none is installed. You must install peer dependencies yourself
npm WARN @babel/plugin-transform-class-static-block@7.23.4 requires a peer of @babel/core@^7.12.0 but none is installed. You must install peer dependencies yourself.
npm WARN @kaspersky/tinycheck-backend@0.1.0 No repository field.
npm WARN @kaspersky/tinycheck-backend@0.1.0 No license field.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/watchpack-chokidar2/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
```"

  [....] ```
"╭────────────────────────────────────────────────────────────────╮
   │                                                                │
   │      New major version of npm available! 6.14.18 → 10.2.5      │
   │   Changelog: https://github.com/npm/cli/releases/tag/v10.2.5   │
   │               Run npm install -g npm to update!                │
   │                                                                │
   ╰────────────────────────────────────────────────────────────────╯

> @kaspersky/tinycheck-backend@0.1.0 build /usr/share/tinycheck/app/backend
> vue-cli-service build

"
[...]

The same npm warnings are displayed while building the frontend.

Here, I also think that the outdated npm is due to me installing nodejs by myself, so that's on me, but I suspect that the connection problem might e related to the issues detected during npm audit. Might that be true?

(Sorry if I'm writing non-sense).

Current state:
Otherwise all of the boxes were checked green during the installation. And the system reboots.

I will update.

UPDATE:

http://tinycheck.local and https://tinycheck.local as well as IP are still unable to connect. (The last time I had at least goten to entering my username and password for the backend...)

Tried updating, got:

'cd /usr/share/tinycheck/ && sudo bash update.sh
[+] Cloning the current repository to /tmp/
Cloning into 'tinycheck'...
fatal: unable to access 'https://github.com/KasperskyLab/tinycheck/': gnutls_handshake() failed: The TLS connection was non-properly terminated.
update.sh: line 11: cd: /tmp/tinycheck: No such file or directory'

Tried stpping/starting frontend, got:

tinycheck-frontend.service - TinyCheck frontend service
     Loaded: loaded (/lib/systemd/system/tinycheck-frontend.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Sun 2023-12-10 12:55:44 EET; 3h 50min ago
    Process: 1888 ExecStart=/usr/bin/python3 /usr/share/tinycheck/server/frontend/main.py (code=exited, status=1/FAILURE)
   Main PID: 1888 (code=exited, status=1/FAILURE)

Tried stopping/starting backend, got notifications about conflict of flask dependencies.
Had to reinstall in the following order:

pip install flask==2.0.3 --force-reinstall
pip install werkzeug==2.0.3 --force-reinstall
pip install itsdangerous==3.0.3 --force-reinstall

Then the backend connected, it offered it's own IP address, not the ones mentioned in the wiki, but based on my hotspot's device's IP.

Then I stopped/started the frontend in a second terminal, it gave out an error message, but also offered a server IP and connected.

Error:
`/bin/sh: 1: nft: not found
/bin/sh: 1: nft: not found
/bin/sh: 1: nft: not found
/bin/sh: 1: nft: not found
/bin/sh: 1: nft: not found

  • Serving Flask app 'main' (lazy loading)
  • Environment: production
    WARNING: This is a development server. Do not use it in a production deployment.
    Use a production WSGI server instead.
    `
commented

I managed to get up until connecting to the ephemeral network. When it gets created my internet connection disappears and my WIFI icon turns green. When I scan the QR code after some time my computer gets back online, the connected phone stays offline. One time the program even started the analysis, but then the phone went offline.

I think the problem is that the program is reading my inbuilt router s the wireless interface and my usb adapter as the internet interface and it may need to be the other way around, because the inbuilt router doesn't support AP, while as it turns out it does support master mode.

@EvgenyAblesov, you have been active here recently, so if I may ask, perhaps you know how to change the devices? Or what the issue might be here? (Backend doesn't allow me to choose anything else for the WiFi interface than my inbuilt router).
Sorry to be bothersome. I really need help.

commented
commented

@EvgenyAblesov
Huge thanks for answering my question! I will be happy for any help you have time for.

It is only thanks to the answers here and in the ubuntu community, I only had to struggle through pasting the code and hoping for the best.
I understand that the program wasn't made for these devices. But there isn't another option available. Except maybe the MVT, which I haven't tried yet.

Best regards,
ReeTuh