---
- hosts:
- 127.0.0.1
become: yes
vars:
pwnagotchi:
hostname: "{{ lookup('env', 'PWN_HOSTNAME') | default('pwnagotchi', true) }}"
version: "{{ lookup('env', 'PWN_VERSION') | default('master', true) }}"
system:
boot_options:
- "dtoverlay=dwc2"
- "dtparam=spi=on"
- "dtoverlay=spi1-3cs"
services:
enable:
- dphys-swapfile.service
- pwnagotchi.service
- bettercap.service
disable:
- apt-daily.timer
- apt-daily.service
- apt-daily-upgrade.timer
- apt-daily-upgrade.service
- wpa_supplicant.service
- bluetooth.service
- triggerhappy.service
- ifup@wlan0.service
packages:
bettercap:
url: "https://github.com/bettercap/bettercap/releases/download/v2.25/bettercap_linux_armv6l_2.25.zip"
apt:
remove:
- rasberrypi-net-mods
- dhcpcd5
- triggerhappy
- wpa_supplicant
- nfs-common
install:
- vim
- screen
- golang
- git
- build-essential
- python3-pip
- python3-mpi4py
- unzip
- gawk
- libopenmpi-dev
- libatlas-base-dev
- libjasper-dev
- libqtgui4
- libqt4-test
- libopenjp2-7
- libtiff5
- tcpdump
- lsof
- libilmbase23
- libopenexr23
- libgstreamer1.0-0
- libavcodec58
- libavformat58
- libswscale5
- libpcap-dev
- libusb-1.0-0-dev
- libnetfilter-queue-dev
- libopenmpi3
- dphys-swapfile
- kalipi-kernel
- kalipi-bootloader
- kalipi-re4son-firmware
- kalipi-kernel-headers
- libraspberrypi0
- libraspberrypi-dev
- libraspberrypi-doc
- libraspberrypi-bin
- fonts-dejavu
- fonts-dejavu-core
- fonts-dejavu-extra
- python3-pil
tasks:
- name: selected hostname
debug:
msg: "{{ pwnagotchi.hostname }}"
- name: build version
debug:
msg: "{{ pwnagotchi.version }}"
- name: change hostname
hostname:
name: "{{pwnagotchi.hostname}}"
- name: add hostname to /etc/hosts
lineinfile:
dest: /etc/hosts
regexp: '^127\.0\.0\.1[ \t]+localhost'
line: '127.0.0.1 localhost {{pwnagotchi.hostname}} {{pwnagotchi.hostname}}.local'
state: present
- name: Add re4son-kernel repo key
apt_key:
url: https://re4son-kernel.com/keys/http/archive-key.asc
state: present
- name: Add re4son-kernel repository
apt_repository:
repo: deb http://http.re4son-kernel.com/re4son/ kali-pi main
state: present
- name: update apt package cache
apt:
update_cache: yes
- name: remove unecessary apt packages
apt:
name: "{{ packages.apt.remove }}"
state: absent
purge: yes
- name: upgrade apt distro
apt:
upgrade: dist
- name: install packages
apt:
name: "{{ packages.apt.install }}"
state: present
- name: configure dphys-swapfile
file:
path: /etc/dphys-swapfile
content: "CONF_SWAPSIZE=1024"
- name: acquire python3 pip target
command: "python3 -c 'import sys;print(sys.path.pop())'"
register: pip_target
- name: clone pwnagotchi repository
git:
repo: https://github.com/evilsocket/pwnagotchi.git
dest: /usr/local/src/pwnagotchi
- name: build pwnagotchi wheel
command: "python3 setup.py sdist bdist_wheel"
args:
chdir: /usr/local/src/pwnagotchi
- name: install opencv-python
pip:
name: "https://www.piwheels.hostedpi.com/simple/opencv-python/opencv_python-3.4.3.18-cp37-cp37m-linux_armv6l.whl"
extra_args: "--no-deps --no-cache-dir --platform=linux_armv6l --only-binary=:all: --target={{ pip_target.stdout }}"
- name: install tensorflow
pip:
name: "https://www.piwheels.hostedpi.com/simple/tensorflow/tensorflow-1.13.1-cp37-none-linux_armv6l.whl"
extra_args: "--no-deps --no-cache-dir --platform=linux_armv6l --only-binary=:all: --target={{ pip_target.stdout }}"
- name: install pwnagotchi wheel and dependencies
pip:
name: "{{ lookup('fileglob', '/usr/local/src/pwnagotchi/dist/pwnagotchi*.whl') }}"
extra_args: "--no-cache-dir"
- name: download and install bettercap
unarchive:
src: "{{ packages.bettercap.url }}"
dest: /usr/bin
remote_src: yes
exclude:
- README.md
- LICENSE.md
mode: 0755
- name: clone bettercap caplets
git:
repo: https://github.com/bettercap/caplets.git
dest: /tmp/caplets
- name: install bettercap caplets
make:
chdir: /tmp/caplets
target: install
- name: install bettercap http ui
command: "/usr/bin/bettercap -eval 'caplets.update; ui.update; q'"
- name: create cpuusage script
copy:
dest: /usr/bin/cpuusage
mode: 0755
content: |
#!/usr/bin/env bash
while true
do
top -b -n1 | awk '/Cpu\(s\)/ { printf("%d %", $2 + $4 + 0.5) }'
sleep 3
done
- name: create memusage script
copy:
dest: /usr/bin/memusage
mode: 0755
content: |
#!/usr/bin/env bash
free -m | awk '/Mem/ { printf( "%d %", $3 / $2 * 100 + 0.5 ) }'
- name: create bootblink script
copy:
dest: /usr/bin/bootblink
mode: 0755
content: |
#!/usr/bin/env bash
for i in $(seq 1 "$1");
do
echo 0 >/sys/class/leds/led0/brightness
sleep 0.3
echo 1 >/sys/class/leds/led0/brightness
sleep 0.3
done
echo 0 >/sys/class/leds/led0/brightness
sleep 0.3
- name: create pwnagotchi-launcher script
copy:
dest: /usr/bin/pwnagotchi-launcher
mode: 0755
content: |
#!/usr/bin/env bash
# blink 10 times to signal ready state
/usr/bin/bootblink 10 &
# start a detached screen session with bettercap
if ifconfig | grep usb0 | grep RUNNING; then
# if override file exists, go into auto mode
if [ -f /root/.pwnagotchi-auto ]; then
rm /root/.pwnagotchi-auto
/usr/local/bin/pwnagotchi
else
/usr/local/bin/pwnagotchi --manual
fi
else
/usr/local/bin/pwnagotchi
fi
- name: create bettercap-launcher script
copy:
dest: /usr/bin/bettercap-launcher
mode: 0755
content: |
#!/usr/bin/env bash
# blink 10 times to signal ready state
/usr/bin/bootblink 10 &
if ifconfig | grep usb0 | grep RUNNING; then
# if override file exists, go into auto mode
if [ -f /root/.pwnagotchi-auto ]; then
rm /root/.pwnagotchi-auto
/usr/bin/bettercap -no-colors -caplet pwnagotchi-auto
else
/usr/bin/bettercap -no-colors -caplet pwnagotchi-manual
fi
else
/usr/bin/bettercap -no-colors -caplet pwnagotchi-auto
fi
- name: create monstart script
copy:
dest: /usr/bin/monstart
mode: 0755
content: |
#!/usr/bin/env bash
iw phy phy0 interface add mon0 type monitor && ifconfig mon0 up
- name: create monstop script
copy:
dest: /usr/bin/monstop
mode: 0755
content: |
#!/usr/bin/env bash
ifconfig mon0 down && iw dev mon0 del
- name: create hdmion script
copy:
dest: /usr/bin/hdmion
mode: 0755
content: |
#!/usr/bin/env bash
sudo /opt/vc/bin/tvservice -p
- name: create hdmioff script
copy:
dest: /usr/bin/hdmioff
mode: 0755
content: |
#!/usr/bin/env bash
sudo /opt/vc/bin/tvservice -o
- name: add HDMI powersave to rc.local
blockinfile:
path: /etc/rc.local
insertbefore: "exit 0"
block: |
if ! /opt/vc/bin/tvservice -s | grep HDMI; then
/opt/vc/bin/tvservice -o
fi
- name: create /etc/pwnagotchi/config.yml
blockinfile:
path: /etc/pwnagotchi/config.yml
create: yes
block: |
# put here your custom configuration overrides
- name: configure lo interface
blockinfile:
path: /etc/network/interfaces.d/lo-cfg
create: yes
block: |
auto lo
iface lo inet loopback
- name: configure wlan interface
blockinfile:
path: /etc/network/interfaces.d/wlan0-cfg
create: yes
block: |
allow-hotplug wlan0
iface wlan0 inet static
- name: configure usb interface
blockinfile:
path: /etc/network/interfaces.d/usb0-cfg
create: yes
block: |
allow-hotplug usb0
iface usb0 inet static
address 10.0.0.2
netmask 255.255.255.0
network 10.0.0.0
broadcast 10.0.0.255
gateway 10.0.0.1
- name: configure eth0 interface (pi2/3/4)
blockinfile:
path: /etc/network/interfaces.d/eth0-cfg
create: yes
block: |
allow-hotplug eth0
iface eth0 inet dhcp
- name: enable ssh on boot
file:
path: /boot/ssh
state: touch
- name: adjust /boot/config.txt
lineinfile:
dest: /boot/config.txt
insertafter: EOF
line: '{{ item }}'
with_items:
- "{{system.boot_options}}"
- name: change root partition
replace:
dest: /boot/cmdline.txt
backup: no
regexp: "root=PARTUUID=[a-zA-Z0-9\\-]+"
replace: "root=/dev/mmcblk0p2"
- name: configure /boot/cmdline.txt
lineinfile:
path: /boot/cmdline.txt
backrefs: True
state: present
backup: no
regexp: '(.*)$'
line: '\1 modules-load=dwc2,g_ether'
- name: configure motd
copy:
dest: /etc/motd
content: "(◕‿‿◕) {{pwnagotchi.hostname}} (pwnagotchi-{{pwnagotchi.version}})"
- name: clean apt cache
apt:
autoclean: yes
- name: remove dependencies that are no longer required
apt:
autoremove: yes
- name: add bettercap service to systemd
copy:
dest: /etc/systemd/system/bettercap.service
content: |
[Unit]
Description=bettercap api.rest service.
Documentation=https://bettercap.org
Wants=network.target
After=network.target
[Service]
Type=simple
PermissionsStartOnly=true
ExecStart=/usr/local/bin/bettercap-launcher
Restart=always
RestartSec=30
[Install]
WantedBy=multi-user.target
notify:
- reload systemd services
- name: add pwnagotchi service to systemd
copy:
dest: /etc/systemd/system/pwnagotchi.service
content: |
[Unit]
Description=pwnagotchi Deep Reinforcement Learning instrumenting bettercap for WiFI pwning.
Documentation=https://pwnagotchi.ai
Wants=network.target
After=bettercap.service
[Service]
Type=simple
PermissionsStartOnly=true
ExecStart=/usr/bin/pwnagotchi-launcher
Restart=always
RestartSec=30
[Install]
WantedBy=multi-user.target
notify:
- reload systemd services
- name: enable services
systemd:
name: "{{ item }}"
state: started
enabled: yes
with_items: "{{ services.enable }}"
- name: disable unecessary services
systemd:
name: "{{ item }}"
state: stopped
enabled: no
with_items: "{{ services.disable }}"
- name: remove ssh keys
file:
state: absent
path: "{{item}}"
with_fileglob:
- "/etc/ssh/ssh_host*_key*"
handlers:
- name: reload systemd services
systemd:
daemon_reload: yes