Showing only posts tagged C. Show all posts.

Using Freedome with any OpenVPN client

How to use Freedome VPN without the official client on Android, Windows, Linux, FreeBSD, anything basically you can run OpenVPN on.

Preparation

Prerequisites you must download and install:

  1. Have Windows and the official client
  2. Download Wireshark and install it
  3. Download RawCap and install it
  4. Save the code below into openvpn.c and compile it for Windows ("MinGW" worked for me) and make sure to change the path to something you like

First steps

  1. Run Freedome, log in with your account
  2. Start RawCap with RawCap.exe 127.0.0.1 capture.pcap
  3. Reconnect and disconnect from the VPN
  4. Stop RawCap - capture.pcap file will now contain the password for your user's key, store it somewhere safe [![password screenshot]]
  5. Copy the openvpn.c file you compiled as openvpn.exe to C:Program Files (x86)F-SecureFreedomeFreedome1x64` and `C:Program Files (x86)F-SecureFreedomeFreedome1`, you might also want to back up previous `openvpn.exe
  6. Reconnect and disconnect from the VPN
  7. The folder specified in openvpn.c now contains the openvpn configuration file
  8. Get the keys in C:ProgramDataF-SecureFreedomekeys

Creating the configuration file

  1. You have to remove STX characters from the captured output
  2. Find the second </connection> tag and delete everything after it
  3. Remove empty lines before </ca>
  4. Remove all lines that start with management
  5. Remove block-outside-dns
  6. Replace cert [path] with where your client.crt is
  7. Place your password in a file of your choosing and add the line askpass [your file's name] to have it autologin to the VPN (You might also want to chmod 600 the file

Summary

In your OpenVPN folder you should have an openvpn configuration file, your client.crt and your password in a file.

Make sure the remote address (freedome-fi-gw.freedome-vpn.net) and the port (2745) is what you want to use, you can also see that in the TCP stream. If you don't want to use the Finnish gateway then feel free to sniff out other gateways, I suspect changing the two-letter code is enough...

openvpn.c

Take this code and put it inside the main function

char ch;
          FILE * fp = fopen("openvpn.cfg", "w");

          while(read(STDIN_FILENO, &ch, 1) > 0) {
              fwrite(ch, 1, sizeof(ch), fp);
          }

          fclose(fp);

Example configuration

If you have your private key, password, the CA cert already and the gateway you wish then you can replace values here .. code-block:

<ca>PLACE THE CA CERT HERE!!!!!!</ca>
          <key>PLACE YOUR KEY HERE!!!!!!!</key>
          cert client.crt
          askpass client.pass
          verb 4
          client
          dev tun
          suppress-timestamps
          preresolve
          route-delay 0 12
          push-peer-info
          setenv UV_CLP peerid:2
          replay-window 512 15
          tcp-queue-limit 128
          nobind
          float
          resolv-retry 20
          server-poll-timeout 10
          persist-key
          mute-replay-warnings
          ns-cert-type server
          comp-lzo
          cipher AES-256-CBC
          auth SHA256
          route-nopull
          pull-filter ignore redirect-gateway
          <connection>
          fragment 1400
          remote PLACE THE GATEWAY DOMAIN NAME HERE PORT udp
          proto udp
          explicit-exit-notify 1
          </connection>
          <connection>
          remote PLACE THE SECOND GATEWAY DOMAIN NAME HERE AND SECOND PORT tcp
          proto tcp-client
          </connection>