pwnagotchi/builder/data/usr/bin/pwnlib

#!/usr/bin/env bash

# well ... it blinks the led
blink_led() {
  for i in $(seq 1 "$1"); do
    echo 0 >/sys/class/leds/led0/brightness
    sleep 0.3
    echo 1 >/sys/class/leds/led0/brightness
    sleep 0.3
  done
  echo 0 >/sys/class/leds/led0/brightness
  sleep 0.3
}

# starts mon0
start_monitor_interface() {
  iw phy phy0 interface add mon0 type monitor && ifconfig mon0 up
}

# stops mon0
stop_monitor_interface() {
  ifconfig mon0 down && iw dev mon0 del
}

# returns 0 if the specificed network interface is up
is_interface_up() {
  if grep -qi 'up' /sys/class/net/$1/operstate; then
    return 0
  fi
  return 1
}

# returns 0 if conditions for AUTO mode are met
is_auto_mode() {
  # check override file first
  if [ -f /root/.pwnagotchi-manual ]; then
    # remove the override file if found
    rm -rf /root/.pwnagotchi-manual
    return 1
  fi

  # check override file first
  if [ -f /root/.pwnagotchi-auto ]; then
    # remove the override file if found
    rm -rf /root/.pwnagotchi-auto
    return 0
  fi

  # if usb0 is up, we're in MANU
  if is_interface_up usb0; then
    return 1
  fi

  # if eth0 is up (for other boards), we're in MANU
  if is_interface_up eth0; then
    return 1
  fi

  # no override, but none of the interfaces is up -> AUTO
  return 0
}

# returns 0 if conditions for AUTO mode are met
is_auto_mode_no_delete() {
  # check override file first
  if [ -f /root/.pwnagotchi-manual ]; then
    return 1
  fi

  # check override file first
  if [ -f /root/.pwnagotchi-auto ]; then
    return 0
  fi

  # if usb0 is up, we're in MANU
  if is_interface_up usb0; then
    return 1
  fi

  # if eth0 is up (for other boards), we're in MANU
  if is_interface_up eth0; then
    return 1
  fi

  # no override, but none of the interfaces is up -> AUTO
  return 0
}

# check if we need to decrypt something
is_crypted_mode() {
  if [ -f /root/.pwnagotchi-crypted ]; then
    return 0
  fi
  return 1
}

# decryption loop
is_decrypted() {
  while read -r mapping container mount; do
    # mapping   = name the device or file will be mapped to
    # container = the luks encrypted device or file
    # mount     = the mountpoint

    # fail if not mounted
    if ! mountpoint -q "$mount" >/dev/null 2>&1; then
      if [ -f /tmp/.pwnagotchi-secret ]; then
        </tmp/.pwnagotchi-secret read -r SECRET
        if ! test -b /dev/disk/by-id/dm-uuid-*"$(cryptsetup luksUUID "$container" | tr -d -)"*; then
          if echo -n "$SECRET" | cryptsetup luksOpen -d- "$container" "$mapping" >/dev/null 2>&1; then
            echo "Container decrypted!"

          fi
        fi

        if mount /dev/mapper/"$mapping" "$mount" >/dev/null 2>&1; then
            echo "Mounted /dev/mapper/$mapping to $mount"
            continue
        fi
      fi

      if ! ip -4 addr show wlan0 | grep inet >/dev/null 2>&1; then
        >/dev/null 2>&1 ip addr add 192.168.0.10/24 dev wlan0
      fi

      if ! pgrep -f decryption-webserver >/dev/null 2>&1; then
        >/dev/null 2>&1 decryption-webserver &
      fi

      if ! pgrep wpa_supplicant >/dev/null 2>&1; then
        >/tmp/wpa_supplicant.conf cat <<EOF
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
ap_scan=2

network={
    ssid="DECRYPT-ME"
    mode=2
    key_mgmt=WPA-PSK
    psk="pwnagotchi"
    frequency=2437
}
EOF
        >/dev/null 2>&1 wpa_supplicant -D nl80211 -i wlan0 -c /tmp/wpa_supplicant.conf &
      fi

      if ! pgrep dnsmasq >/dev/null 2>&1; then
        >/dev/null 2>&1 dnsmasq -k -p 53 -h -O "6,192.168.0.10" -A "/#/192.168.0.10" -i wlan0 -K -F 192.168.0.50,192.168.0.60,255.255.255.0,24h &
      fi

      return 1
    fi
  done </root/.pwnagotchi-crypted

  # overwrite password
  >/tmp/.pwnagotchi-secret python3 -c 'print("A"*4096)'
  sync # flush

  pkill wpa_supplicant
  pkill dnsmasq
  kill "$(pgrep -f "decryption-webserver")"

  return 0
}