scifijunkie/pwnagotchi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

merge

Browse Source
This commit is contained in:
Simone Margaritelli 2019-09-27 16:18:19 +02:00
commit 0cf80ee8d5
2 changed files with 87 additions and 46 deletions

17
README.md

@ -48,13 +48,14 @@ You can use the `scripts/create_sibling.sh` script to create an - ready to flash
usage: ./scripts/create_sibling.sh [OPTIONS] usage: ./scripts/create_sibling.sh [OPTIONS]
Options: Options:
-n <name> # Name of the pwnagotchi (default: pwnagotchi) -n <name> # Name of the pwnagotchi (default: pwnagotchi)
-i <file> # Provide the path of an already downloaded raspbian image -i <file> # Provide the path of an already downloaded raspbian image
-o <file> # Name of the img-file (default: pwnagotchi.img) -o <file> # Name of the img-file (default: pwnagotchi.img)
-s <size> # Size which should be added to second partition (in Gigabyte) (default: 4) -s <size> # Size which should be added to second partition (in Gigabyte) (default: 4)
-p # Only run provisioning (assumes the image is already mounted) -v <version> # Version of raspbian (Supported: latest; default: latest)
-d # Only run dependencies checks -p # Only run provisioning (assumes the image is already mounted)
-h # Show this help -d # Only run dependencies checks
-h # Show this help
``` ```
#### Host Connection Share #### Host Connection Share
@ -81,7 +82,7 @@ The UI is available either via display if installed, or via http://pwnagotchi.lo
- `/var/log/pwnagotchi.log` is your friend. - `/var/log/pwnagotchi.log` is your friend.
- if connected to a laptop via usb data port, with internet connectivity shared, magic things will happen. - if connected to a laptop via usb data port, with internet connectivity shared, magic things will happen.
- checkout the `ui.video` section of the `config.yml` - if you don't want to use a display, you can connect to it with the browser and a cable. - checkout the `ui.video` section of the `config.yml` - if you don't want to use a display, you can connect to it with the browser and a cable.
- If you get `[FAILED] Failed to start Remount Root and Kernel File Systems.` while booting pwnagotchi, make sure - If you get `[FAILED] Failed to start Remount Root and Kernel File Systems.` while booting pwnagotchi, make sure
the `PARTUUID`s for `rootfs` and `boot` partitions are the same in `/etc/fstab`. Use `sudo blkid` to find those values when you are using `create_sibling.sh`. the `PARTUUID`s for `rootfs` and `boot` partitions are the same in `/etc/fstab`. Use `sudo blkid` to find those values when you are using `create_sibling.sh`.
## License ## License

116
scripts/create_sibling.sh

@ -16,6 +16,9 @@ PWNI_SIZE="4"
OPT_PROVISION_ONLY=0 OPT_PROVISION_ONLY=0
OPT_CHECK_DEPS_ONLY=0 OPT_CHECK_DEPS_ONLY=0
OPT_IMAGE_PROVIDED=0 OPT_IMAGE_PROVIDED=0
OPT_RASPBIAN_VERSION='latest'
SUPPORTED_RASPBIAN_VERSIONS=( 'latest' 'buster' 'stretch' )
if [[ "$EUID" -ne 0 ]]; then if [[ "$EUID" -ne 0 ]]; then
echo "Run this script as root!" echo "Run this script as root!"
@ -44,9 +47,23 @@ function check_dependencies() {
} }
function get_raspbian() { function get_raspbian() {
VERSION="$1"
case "$VERSION" in
latest)
URL="https://downloads.raspberrypi.org/raspbian_lite_latest"
;;
buster)
URL="https://downloads.raspberrypi.org/raspbian/images/raspbian-2019-07-12/2019-07-10-raspbian-buster.zip"
;;
stretch)
URL="https://downloads.raspberrypi.org/raspbian/images/raspbian-2019-04-09/2019-04-08-raspbian-stretch.zip"
;;
esac
echo "[+] Downloading raspbian.zip" echo "[+] Downloading raspbian.zip"
mkdir -p "${TMP_DIR}" mkdir -p "${TMP_DIR}"
wget --show-progress -qcO "${TMP_DIR}/raspbian.zip" "https://downloads.raspberrypi.org/raspbian_lite_latest" wget --show-progress -qcO "${TMP_DIR}/raspbian.zip" "$URL"
echo "[+] Unpacking raspbian.zip to raspbian.img" echo "[+] Unpacking raspbian.zip to raspbian.img"
gunzip -c "${TMP_DIR}/raspbian.zip" > "${TMP_DIR}/raspbian.img" gunzip -c "${TMP_DIR}/raspbian.zip" > "${TMP_DIR}/raspbian.img"
} }
@ -82,8 +99,6 @@ function setup_raspbian(){
mount --bind /sys "${MNT_DIR}/sys/" mount --bind /sys "${MNT_DIR}/sys/"
mount --bind /proc "${MNT_DIR}/proc/" mount --bind /proc "${MNT_DIR}/proc/"
mount --bind /dev/pts "${MNT_DIR}/dev/pts" mount --bind /dev/pts "${MNT_DIR}/dev/pts"
mount --bind /etc/ssl/certs "${MNT_DIR}/etc/ssl/certs"
mount --bind /etc/ca-certificates "${MNT_DIR}/etc/ca-certificates"
cp /usr/bin/qemu-arm-static "${MNT_DIR}/usr/bin" cp /usr/bin/qemu-arm-static "${MNT_DIR}/usr/bin"
} }
@ -94,12 +109,17 @@ function provision_raspbian() {
LANG=C chroot . bin/bash -x <<EOF LANG=C chroot . bin/bash -x <<EOF
set -eu set -eu
export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
uname -a
apt-get -y update apt-get -y update
apt-get -y upgrade apt-get -y upgrade
apt-get -y install git vim screen build-essential golang python3-pip apt-get -y install git vim screen build-essential golang python3-pip gawk
apt-get -y install libpcap-dev libusb-1.0-0-dev libnetfilter-queue-dev apt-get -y install libpcap-dev libusb-1.0-0-dev libnetfilter-queue-dev
apt-get -y install dphys-swapfile libopenmpi-dev libatlas-base-dev apt-get -y install dphys-swapfile libopenmpi-dev libatlas-base-dev
apt-get -y install libjasper-dev libqtgui4 libqt4-test apt-get -y install libjasper-dev libqtgui4 libqt4-test libopenjp2-7
apt-get -y install tcpdump libilmbase23 libopenexr23 libgstreamer1.0-0
apt-get -y install libavcodec58 libavformat58 libswscale5
# setup dphys-swapfile # setup dphys-swapfile
echo "CONF_SWAPSIZE=1024" >/etc/dphys-swapfile echo "CONF_SWAPSIZE=1024" >/etc/dphys-swapfile
@ -110,19 +130,32 @@ function provision_raspbian() {
git clone https://github.com/evilsocket/pwnagotchi.git git clone https://github.com/evilsocket/pwnagotchi.git
rsync -aP pwnagotchi/sdcard/boot/* /boot/ rsync -aP pwnagotchi/sdcard/boot/* /boot/
rsync -aP pwnagotchi/sdcard/rootfs/* / rsync -aP pwnagotchi/sdcard/rootfs/* /
rm -rf /tmp/pwnagotchi
# configure pwnagotchi # configure pwnagotchi
echo -e "$PWNI_NAME" > /etc/hostname echo -e "$PWNI_NAME" > /etc/hostname
sed -i "s@^127\.0\.0\.1 .*@127.0.0.1 localhost "$PWNI_NAME" "$PWNI_NAME".local@g" /etc/hosts sed -i "s@^127\.0\.0\.1 .*@127.0.0.1 localhost "$PWNI_NAME" "$PWNI_NAME".local@g" /etc/hosts
sed -i "s@pwnagotchi@$PWNI_NAME@g" /etc/motd sed -i "s@alpha@$PWNI_NAME@g" /etc/motd
chmod +x /etc/rc.local chmod +x /etc/rc.local
# need armv6l version of tensorflow and opencv-python, not armv7l
# PIP_OPTS="--upgrade --only-binary :all: --abi cp37m --platform linux_armv6l --target /usr/lib/python3.7/site-packages/"
# pip3 install \$PIP_OPTS opencv-python
# Should work for tensorflow too, but BUG: Hash mismatch; therefore:
wget -P /root/ -c https://www.piwheels.org/simple/tensorflow/tensorflow-1.13.1-cp37-none-linux_armv6l.whl
wget -P /root/ -c https://www.piwheels.org/simple/opencv-python/opencv_python-3.4.3.18-cp37-cp37m-linux_armv6l.whl
# we need to install these on first raspberry start...
sed -i '/startup\.sh/i pip3 install --no-deps --force-reinstall --upgrade /root/tensorflow-1.13.1-cp37-none-linux_armv6l.whl /root/opencv_python-3.4.3.18-cp37-cp37m-linux_armv6l.whl && rm /root/tensorflow-1.13.1-cp37-none-linux_armv6l.whl /root/opencv_python-3.4.3.18-cp37-cp37m-linux_armv6l.whl && sed -i "/tensorflow/d" /etc/rc.local' /etc/rc.local
# newer version is broken
pip3 install gast==0.2.2
</root/pwnagotchi/scripts/requirements.txt xargs -I{} --max-args=1 --max-procs="$(nproc)"\ </root/pwnagotchi/scripts/requirements.txt xargs -I{} --max-args=1 --max-procs="$(nproc)"\
pip3 install --trusted-host www.piwheels.org {} >/dev/null 2>&1 pip3 install {} >/dev/null 2>&1
# waveshare # waveshare
pip3 install --trusted-host www.piwheels.org spidev RPi.GPIO pip3 install spidev RPi.GPIO
# install bettercap # install bettercap
export GOPATH=/root/go export GOPATH=/root/go
@ -134,33 +167,32 @@ function provision_raspbian() {
git clone https://github.com/bettercap/caplets.git git clone https://github.com/bettercap/caplets.git
cd caplets cd caplets
make install make install
rm -rf /tmp/caplets
# monstart + monstop
cat <<"STOP" > /usr/bin/monstop
#!/bin/bash
interface=mon0
ifconfig \${interface} down
sleep 1
iw dev \${interface} del
STOP
cat <<"STOP" > /usr/bin/monstart
interface=mon0
echo "Bring up monitor mode interface \${interface}"
iw phy phy0 interface add \${interface} type monitor
ifconfig \${interface} up
if [ \$? -eq 0 ]; then
echo "started monitor interface on \${interface}"
fi
STOP
chmod +x /usr/bin/{monstart,monstop}
# Re4son-Kernel # Re4son-Kernel
echo "deb http://http.re4son-kernel.com/re4son/ kali-pi main" > /etc/apt/sources.list.d/re4son.list echo "deb http://http.re4son-kernel.com/re4son/ kali-pi main" > /etc/apt/sources.list.d/re4son.list
wget -O - https://re4son-kernel.com/keys/http/archive-key.asc | apt-key add - wget -O - https://re4son-kernel.com/keys/http/archive-key.asc | apt-key add -
apt update apt update
apt install -y kalipi-kernel kalipi-bootloader kalipi-re4son-firmware kalipi-kernel-headers libraspberrypi0 libraspberrypi-dev libraspberrypi-doc libraspberrypi-bin apt install -y kalipi-kernel kalipi-bootloader kalipi-re4son-firmware kalipi-kernel-headers libraspberrypi0 libraspberrypi-dev libraspberrypi-doc libraspberrypi-bin
# Fix PARTUUID
PUUID_ROOT="\$(blkid "\$(df / --output=source | tail -1)" | grep -Po 'PARTUUID="\K[^"]+')"
PUUID_BOOT="\$(blkid "\$(df /boot --output=source | tail -1)" | grep -Po 'PARTUUID="\K[^"]+')"
# sed regex info: search for line containing / followed by whitespace or /boot (second sed)
# in this line, search for PARTUUID= followed by letters, numbers or "-"
# replace that match with the new PARTUUID
sed -i "/\/[ ]\+/s/PARTUUID=[A-Za-z0-9-]\+/PARTUUID=\$PUUID_ROOT/g" /etc/fstab
sed -i "/\/boot/s/PARTUUID=[A-Za-z0-9-]\+/PARTUUID=\$PUUID_BOOT/g" /etc/fstab
sed -i "s/root=[^ ]\+/root=PARTUUID=\${PUUID_ROOT}/g" /boot/cmdline.txt
# delete keys
find /etc/ssh/ -name "ssh_host_*key*" -delete
# slows down boot
systemctl disable apt-daily.timer apt-daily.service apt-daily-upgrade.timer apt-daily-upgrade.service
EOF EOF
sed -i'' 's/^#//g' etc/ld.so.preload sed -i'' 's/^#//g' etc/ld.so.preload
cd "${REPO_DIR}" cd "${REPO_DIR}"
@ -175,20 +207,21 @@ function usage() {
usage: $0 [OPTIONS] usage: $0 [OPTIONS]
Options: Options:
-n <name> # Name of the pwnagotchi (default: pwnagotchi) -n <name> # Name of the pwnagotchi (default: pwnagotchi)
-i <file> # Provide the path of an already downloaded raspbian image -i <file> # Provide the path of an already downloaded raspbian image
-o <file> # Name of the img-file (default: pwnagotchi.img) -o <file> # Name of the img-file (default: pwnagotchi.img)
-s <size> # Size which should be added to second partition (in Gigabyte) (default: 4) -s <size> # Size which should be added to second partition (in Gigabyte) (default: 4)
-p # Only run provisioning (assumes the image is already mounted) -v <version> # Version of raspbian (Supported: $SUPPORTED_RASPBIAN_VERSIONS; default: latest)
-d # Only run dependencies checks -p # Only run provisioning (assumes the image is already mounted)
-h # Show this help -d # Only run dependencies checks
-h # Show this help
EOF EOF
exit 0 exit 0
} }
while getopts ":n:i:o:s:dph" o; do while getopts ":n:i:o:s:v:dph" o; do
case "${o}" in case "${o}" in
n) n)
PWNI_NAME="${OPTARG}" PWNI_NAME="${OPTARG}"
@ -209,6 +242,13 @@ while getopts ":n:i:o:s:dph" o; do
d) d)
OPT_CHECK_DEPS_ONLY=1 OPT_CHECK_DEPS_ONLY=1
;; ;;
v)
if [[ "${SUPPORTED_RASPBIAN_VERSIONS[*]}" =~ ${OPTARG} ]]; then
OPT_RASPBIAN_VERSION="${OPTARG}"
else
usage
fi
;;
h) h)
usage usage
;; ;;
@ -232,7 +272,7 @@ check_dependencies
if [[ "$OPT_IMAGE_PROVIDED" -eq 1 ]]; then if [[ "$OPT_IMAGE_PROVIDED" -eq 1 ]]; then
provide_raspbian provide_raspbian
else else
get_raspbian get_raspbian "$OPT_RASPBIAN_VERSION"
fi fi
setup_raspbian setup_raspbian