--- - hosts: - 127.0.0.1 become: yes vars: pwn_hostname: "{{ lookup('env', 'PWN_HOSTNAME') | default('pwnagotchi', true) }}" pwn_version: "{{ lookup('env', 'PWN_VERSION') | default('master', true) }} " bettercap_query: "assets[?contains(name, 'armv6l')].browser_download_url" tasks: - name: selected hostname debug: msg: "{{ pwn_hostname }}" - name: build version debug: msg: "{{ pwn_version }}" - name: change hostname hostname: name: "{{pwn_hostname}}" - name: add hostname to /etc/hosts lineinfile: dest: /etc/hosts regexp: '^127\.0\.0\.1[ \t]+localhost' line: '127.0.0.1 localhost {{pwn_hostname}} {{pwn_hostname}}.local' state: present - name: Add re4son-kernel repo key apt_key: url: https://re4son-kernel.com/keys/http/archive-key.asc state: present - name: Add re4son-kernel repository apt_repository: repo: deb http://http.re4son-kernel.com/re4son/ kali-pi main state: present - name: update apt package cache apt: update_cache: yes - name: upgrade apt distro apt: upgrade: dist - name: install packages apt: name: "{{ packages }}" state: present vars: packages: - vim - screen - golang - git - build-essential - python3-pip - unzip - gawk - libopenmpi-dev - libatlas-base-dev - libjasper-dev - libqtgui4 - libqt4-test - libopenjp2-7 - tcpdump - lsof - libilmbase23 - libopenexr23 - libgstreamer1.0-0 - libavcodec58 - libavformat58 - libswscale5 - libpcap-dev - libusb-1.0-0-dev - libnetfilter-queue-dev - dphys-swapfile - kalipi-kernel - kalipi-bootloader - kalipi-re4son-firmware - kalipi-kernel-headers - libraspberrypi0 - libraspberrypi-dev - libraspberrypi-doc - libraspberrypi-bin - fonts-dejavu - fonts-dejavu-core - fonts-dejavu-extra - python3-crypto - python3-requests - python3-yaml - python3-smbus - python3-inkyphat - python3-numpy - python3-pil - python3-tweepy - python3-opencv - python3-termcolor - python3-astor - python3-backports.weakref - python3-keras-applications - python3-keras-preprocessing - python3-six - python3-protobuf - python3-wrapt - python3-wheel - python3-mock - name: configure dphys-swapfile file: path: /etc/dphys-swapfile content: "CONF_SWAPSIZE=1024" - name: disable unecessary services systemd: name: "{{services}}" state: stopped enabled: no vars: services: - apt-daily.timer - apt-daily.service - apt-daily-upgrade.timer - apt-daily-upgrade.service - bluetooth.service - triggerhappy.service - name: enable dphys-swapfile service systemd: name: dphys-swapfile.service state: started enabled: yes - name: acquire python3 pip target command: "python3 -c 'import sys;print(sys.path.pop())'" register: pip_target - name: install pip packages that are not architecture tied pip: name: "{{ packages }}" extra_args: "--no-deps --extra-index-url=https://www.piwheels.hostedpi.com/simple/ --prefer-binary --no-cache-dir --platform=armv6l --target={{ pip_target.stdout }}" vars: packages: - absl-py - enum34 - gast - google_pasta - opt_einsum - tensorboard - scapy - gym - stable-baselines - file_read_backwards - tensorflow_estimator - name: install grpcio command: "pip3 install --no-deps --extra-index-url=https://www.piwheels.hostedpi.com/simple/ --no-cache-dir --prefer-binary --platform=armv6l --only-binary=:all: --target={{ pip_target.stdout }} https://www.piwheels.hostedpi.com/simple/grpcio/grpcio-1.24.1-cp37-cp37m-linux_armv6l.whl" - name: install tensorflow command: "pip3 install --no-deps --extra-index-url=https://www.piwheels.hostedpi.com/simple/ --no-cache-dir --prefer-binary --platform=armv6l --only-binary=:all: --target={{ pip_target.stdout }} https://storage.googleapis.com/tensorflow/raspberrypi/tensorflow-1.14.0-cp34-none-linux_armv6l.whl" - name: fetch bettercap release information uri: url: https://api.github.com/repos/bettercap/bettercap/releases/latest return_content: yes register: bettercap_release - name: download and install bettercap unarchive: src: "{{ bettercap_release.content | from_json | json_query(bettercap_query) | first }}" dest: /usr/bin remote_src: yes exclude: - README.md - LICENSE.md mode: 0755 - name: clone bettercap caplets git: repo: https://github.com/bettercap/caplets.git dest: /tmp/caplets - name: install bettercap caplets make: chdir: /tmp/caplets target: install - name: clone pwnagotchi repository git: repo: https://github.com/evilsocket/pwnagotchi.git dest: /tmp/pwnagotchi - name: copy pwnagotchi files to final destination copy: src: /tmp/pwnagotchi/sdcard/rootfs/root/pwnagotchi/ dest: /root/pwnagotchi/ mode: preserve - name: remove pwnagotchi files from temporary repository file: path: /tmp/pwnagotchi state: absent - name: create cpuusage script copy: dest: /usr/bin/cpuusage mode: 0755 content: | #!/usr/bin/env bash while true do top -b -n1 | awk '/Cpu\(s\)/ { printf("%d %", $2 + $4 + 0.5) }' sleep 3 done - name: create memusage script copy: dest: /usr/bin/memusage mode: 0755 content: | #!/usr/bin/env bash free -m | awk '/Mem/ { printf( "%d %", $3 / $2 * 100 + 0.5 ) }' - name: create monstart script copy: dest: /usr/bin/monstart mode: 0755 content: | #!/usr/bin/env bash iw phy phy0 interface add mon0 type monitor && ifconfig mon0 up - name: create monstop script copy: dest: /usr/bin/monstop mode: 0755 content: | #!/usr/bin/env bash ifconfig mon0 down && iw dev mon0 del - name: configure rc.local blockinfile: path: /etc/rc.local insertbefore: "exit 0" block: | if ! /opt/vc/bin/tvservice -s | grep HDMI; then /opt/vc/bin/tvservice -o fi /root/pwnagotchi/scripts/startup.sh & - name: configure lo interface blockinfile: path: /etc/network/interfaces.d/lo-cfg create: yes block: | auto lo iface lo inet loopback - name: configure wlan interface blockinfile: path: /etc/network/interfaces.d/wlan0-cfg create: yes block: | allow-hotplug wlan0 iface wlan0 inet static - name: configure usb interface blockinfile: path: /etc/network/interfaces.d/usb0-cfg create: yes block: | allow-hotplug usb0 iface usb0 inet static address 10.0.0.2 netmask 255.255.255.0 network 10.0.0.0 broadcast 10.0.0.255 gateway 10.0.0.1 - name: configure eth0 interface (pi2/3/4) blockinfile: path: /etc/network/interfaces.d/eth0-cfg create: yes block: | allow-hotplug eth0 iface eth0 inet dhcp - name: enable ssh on boot file: path: /boot/ssh state: touch - name: adjust /boot/config.txt lineinfile: dest: /boot/config.txt insertafter: EOF line: '{{ item }}' with_items: - "dtoverlay=dwc2" - "dtparam=spi=on" - "dtoverlay=spi1-3cs" - "dtoverlay=pi3-disable-bt" - "dtparam=audio=off" - name: change root partition replace: dest: /boot/cmdline.txt backup: no regexp: "root=PARTUUID=[a-zA-Z0-9\\-]+" replace: "root=/dev/mmcblk0p2" - name: configure /boot/cmdline.txt lineinfile: path: /boot/cmdline.txt backrefs: True state: present backup: no regexp: '(.*)$' line: '\1 modules-load=dwc2,g_ether' - name: configure ssh lineinfile: dest: /etc/ssh/sshd_config backup: no regexp: '#?PermitRootLogin (.*)$' line: 'PermitRootLogin yes' - name: configure motd copy: dest: /etc/motd content: "(◕‿‿◕) {{pwn_hostname}} (pwnagotchi-{{pwn_version}})" - name: clean apt cache apt: autoclean: yes - name: remove dependencies that are no longer required apt: autoremove: yes - name: remove ssh keys file: state: absent path: "{{item}}" with_items: - /etc/ssh/ssh_host_rsa_key - /etc/ssh/ssh_host_rsa_key.pub - /etc/ssh/ssh_host_dsa_key - /etc/ssh/ssh_host_dsa_key.pub - /etc/ssh/ssh_host/ecdsa_key - /etc/ssh/ssh_host/ecdsa_key.pub - /etc/ssh/ssh_host_ed25519_key - /etc/ssh/ssh_host_ed25519_key.pub