support multiple passwords

dadav 2020-04-15 16:05:56 +02:00
parent e53bdc46a4
commit 585b208e9e
2 changed files with 79 additions and 22 deletions


@ -1,35 +1,36 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
from http.server import HTTPServer, BaseHTTPRequestHandler from http.server import HTTPServer, BaseHTTPRequestHandler
from urllib.parse import parse_qsl
HTML_FORM = """ _HTML_FORM_TEMPLATE = """
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
<title>Decryption</title> <title>Decryption</title>
<style> <style>
body { text-align: center; padding: 150px; } body {{ text-align: center; padding: 150px; }}
h1 { font-size: 50px; } h1 {{ font-size: 50px; }}
body { font: 20px Helvetica, sans-serif; color: #333; } body {{ font: 20px Helvetica, sans-serif; color: #333; }}
article { display: block; text-align: center; width: 650px; margin: 0 auto;} article {{ display: block; text-align: center; width: 650px; margin: 0 auto;}}
input { input {{
padding: 12px 20px; padding: 12px 20px;
margin: 8px 0; margin: 8px 0;
box-sizing: border-box; box-sizing: border-box;
border: 1px solid #ccc; border: 1px solid #ccc;
} }}
input[type=password] { input[type=password] {{
width: 75%; width: 75%;
font-size: 24px; font-size: 24px;
} }}
input[type=submit] { input[type=submit] {{
cursor: pointer; cursor: pointer;
width: 75%; width: 75%;
} }}
input[type=submit]:hover { input[type=submit]:hover {{
background-color: #d9d9d9; background-color: #d9d9d9;
} }}
</style> </style>
</head> </head>
<body> <body>
@ -39,7 +40,7 @@ HTML_FORM = """
<p>Please provide the decryption password.</p> <p>Please provide the decryption password.</p>
<div> <div>
<form action="/set-password" method="POST"> <form action="/set-password" method="POST">
<input type="password" id="password" name="password" value=""><br> {password_fields}
<input type="submit" value="Submit"> <input type="submit" value="Submit">
</form> </form>
</div> </div>
@ -48,6 +49,55 @@ HTML_FORM = """
</html> </html>
""" """
POST_RESPONSE = """
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1">
<style>
/* Center the loader */
#loader {
position: absolute;
left: 50%;
top: 50%;
z-index: 1;
width: 150px;
height: 150px;
margin: -75px 0 0 -75px;
border: 16px solid #f3f3f3;
border-radius: 50%;
border-top: 16px solid #3498db;
width: 120px;
height: 120px;
-webkit-animation: spin 2s linear infinite;
animation: spin 2s linear infinite;
}
@-webkit-keyframes spin {
0% { -webkit-transform: rotate(0deg); }
100% { -webkit-transform: rotate(360deg); }
}
@keyframes spin {
0% { transform: rotate(0deg); }
100% { transform: rotate(360deg); }
}
#myDiv {
display: none;
text-align: center;
}
</style>
</head>
<body style="margin:0;">
<div id="loader"></div>
</body>
</html>
"""
HTML_FORM = None
class SimpleHTTPRequestHandler(BaseHTTPRequestHandler): class SimpleHTTPRequestHandler(BaseHTTPRequestHandler):
@ -59,13 +109,19 @@ class SimpleHTTPRequestHandler(BaseHTTPRequestHandler):
def do_POST(self): def do_POST(self):
content_length = int(self.headers['Content-Length']) content_length = int(self.headers['Content-Length'])
body = self.rfile.read(content_length) body = self.rfile.read(content_length)
for mapping, password in parse_qsl(body.decode('UTF-8')):
with open('/tmp/.pwnagotchi-secret-{}'.format(mapping), 'wt') as pwfile:
pwfile.write(password)
self.send_response(200) self.send_response(200)
self.end_headers() self.end_headers()
password = body.decode('UTF-8').split('=')[1] self.wfile.write(POST_RESPONSE.encode())
with open('/tmp/.pwnagotchi-secret', 'wt') as pwfile:
pwfile.write(password)
with open('/root/.pwnagotchi-crypted') as crypted_file:
mappings = [line.split()[0] for line in crypted_file.readlines()]
fields = ''.join(['<label for="{m}">Passphrase for {m}:</label>\n<input type="password" id="{m}" name="{m}" value=""><br>'.format(m=m)
for m in mappings])
HTML_FORM = _HTML_FORM_TEMPLATE.format(password_fields=fields)
httpd = HTTPServer(('0.0.0.0', 80), SimpleHTTPRequestHandler) httpd = HTTPServer(('0.0.0.0', 80), SimpleHTTPRequestHandler)
httpd.serve_forever() httpd.serve_forever()
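Review bot: In do_POST the field name from the request body is formatted straight into `'/tmp/.pwnagotchi-secret-{}'.format(mapping)` with no validation, so any client that can reach this listener (bound to 0.0.0.0:80) controls part of a path the script writes to. The loop should accept only the names read from /root/.pwnagotchi-crypted (the module-level `mappings` list). It should also create each file with owner-only permissions and without following symlinks, because the name is predictable and /tmp is normally world-writable. The sketch below needs `import os` at the top of the file, and it uses conventional indentation because this rendering has lost the original. Separately, `int(self.headers['Content-Length'])` raises when the header is missing or non-numeric, which is worth a guard.

```python
        for mapping, password in parse_qsl(body.decode('UTF-8')):
            # accept only the mapping names the form was generated from
            if mapping not in mappings:
                continue
            fd = os.open('/tmp/.pwnagotchi-secret-{}'.format(mapping),
                         os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW,
                         0o600)
            with os.fdopen(fd, 'wt') as pwfile:
                pwfile.write(password)
        # … unchanged: send_response / end_headers / POST_RESPONSE write …
```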


@ -103,12 +103,11 @@ is_decrypted() {
# fail if not mounted # fail if not mounted
if ! mountpoint -q "$mount" >/dev/null 2>&1; then if ! mountpoint -q "$mount" >/dev/null 2>&1; then
if [ -f /tmp/.pwnagotchi-secret ]; then if [ -f /tmp/.pwnagotchi-secret-"$mapping" ]; then
</tmp/.pwnagotchi-secret read -r SECRET </tmp/.pwnagotchi-secret-"$mapping" read -r SECRET
if ! test -b /dev/disk/by-id/dm-uuid-*"$(cryptsetup luksUUID "$container" | tr -d -)"*; then if ! test -b /dev/disk/by-id/dm-uuid-*"$(cryptsetup luksUUID "$container" | tr -d -)"*; then
if echo -n "$SECRET" | cryptsetup luksOpen -d- "$container" "$mapping" >/dev/null 2>&1; then if echo -n "$SECRET" | cryptsetup luksOpen -d- "$container" "$mapping" >/dev/null 2>&1; then
echo "Container decrypted!" echo "Container decrypted!"
fi fi
fi fi
@ -151,8 +150,10 @@ EOF
fi fi
done </root/.pwnagotchi-crypted done </root/.pwnagotchi-crypted
# overwrite password # overwrite passwords
>/tmp/.pwnagotchi-secret python3 -c 'print("A"*4096)' python3 -c 'print("A"*4096)' | tee /tmp/.pwnagotchi-secret-* >/dev/null
# delete
rm /tmp/.pwnagotchi-secret-*
sync # flush sync # flush
pkill wpa_supplicant pkill wpa_supplicant
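Review bot: The new `python3 -c 'print("A"*4096)' | tee /tmp/.pwnagotchi-secret-* >/dev/null` line does not reliably overwrite the passphrases, because `tee` truncates each file before writing and the old blocks may simply be freed rather than rewritten. If /tmp is not a tmpfs on this image, the passphrase bytes may remain recoverable on the storage after the `rm`. Consider replacing both lines with `shred -u /tmp/.pwnagotchi-secret-*`, which is still only best-effort on flash media, or document that /tmp must be RAM-backed. In the first hunk of this file, `read -r SECRET` strips leading and trailing whitespace from the passphrase; `IFS= read -r SECRET` would keep it intact.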