---
- hosts:
- 127.0.0.1
become: yes
vars:
pwn_hostname: "{{ lookup('env', 'PWN_HOSTNAME') | default('pwnagotchi', true) }}"
pwn_version: "{{ lookup('env', 'PWN_VERSION') | default('master', true) }} "
bettercap_query: "assets[?contains(name, 'armv6l')].browser_download_url"
tasks:
- name: selected hostname
debug:
msg: "{{ pwn_hostname }}"
- name: build version
debug:
msg: "{{ pwn_version }}"
- name: change hostname
hostname:
name: "{{pwn_hostname}}"
- name: add hostname to /etc/hosts
lineinfile:
dest: /etc/hosts
regexp: '^127\.0\.0\.1[ \t]+localhost'
line: '127.0.0.1 localhost {{pwn_hostname}} {{pwn_hostname}}.local'
state: present
- name: Add re4son-kernel repo key
apt_key:
url: https://re4son-kernel.com/keys/http/archive-key.asc
state: present
- name: Add re4son-kernel repository
apt_repository:
repo: deb http://http.re4son-kernel.com/re4son/ kali-pi main
state: present
- name: update apt package cache
apt:
update_cache: yes
- name: remove unecessary apt packages
apt:
name: "{{ packages }}"
state: absent
purge: yes
vars:
packages:
- rasberrypi-net-mods
- dhcpcd5
- triggerhappy
- wpa_supplicant
- nfs-common
- name: upgrade apt distro
apt:
upgrade: dist
- name: install packages
apt:
name: "{{ packages }}"
state: present
vars:
packages:
- vim
- screen
- golang
- git
- build-essential
- python3-pip
- unzip
- gawk
- libopenmpi-dev
- libatlas-base-dev
- libjasper-dev
- libqtgui4
- libqt4-test
- libopenjp2-7
- tcpdump
- lsof
- libilmbase23
- libopenexr23
- libgstreamer1.0-0
- libavcodec58
- libavformat58
- libswscale5
- libpcap-dev
- libusb-1.0-0-dev
- libnetfilter-queue-dev
- dphys-swapfile
- kalipi-kernel
- kalipi-bootloader
- kalipi-re4son-firmware
- kalipi-kernel-headers
- libraspberrypi0
- libraspberrypi-dev
- libraspberrypi-doc
- libraspberrypi-bin
- fonts-dejavu
- fonts-dejavu-core
- fonts-dejavu-extra
- python3-crypto
- python3-requests
- python3-yaml
- python3-smbus
- python3-inkyphat
- python3-numpy
- python3-pil
- python3-tweepy
- python3-opencv
- python3-termcolor
- python3-astor
- python3-backports.weakref
- python3-h5py
- python3-six
- python3-protobuf
- python3-wrapt
- python3-wheel
- python3-mock
- python3-scipy
- python3-cloudpickle
- name: configure dphys-swapfile
file:
path: /etc/dphys-swapfile
content: "CONF_SWAPSIZE=1024"
- name: disable unecessary services
systemd:
name: "{{services}}"
state: stopped
enabled: no
vars:
services:
- apt-daily.timer
- apt-daily.service
- apt-daily-upgrade.timer
- apt-daily-upgrade.service
- wpa_supplicant.service
- bluetooth.service
- triggerhappy.service
- ifup@wlan0.service
- name: enable dphys-swapfile service
systemd:
name: dphys-swapfile.service
state: started
enabled: yes
- name: enable gadget serial port service
systemd:
name: getty@ttyGS0.service
state: started
enabled: yes
- name: acquire python3 pip target
command: "python3 -c 'import sys;print(sys.path.pop())'"
register: pip_target
- name: install pip packages
pip:
name: "{{ packages }}"
extra_args: "--no-deps --extra-index-url=https://www.piwheels.hostedpi.com/simple/ --prefer-binary --no-cache-dir --platform=armv6l --target={{ pip_target.stdout }}"
vars:
packages:
- inky
- smbus2
- absl-py>=0.1.6
- enum34
- gast==0.2.2
- google_pasta
- opt_einsum
- scapy
- gym
- keras_applications>=1.0.6
- keras_preprocessing>=1.0.5
- stable-baselines
- file_read_backwards
- tensorflow_estimator>=1.14.0,<1.15.0
- tensorboard>=1.13.0,<1.14.0
- name: install grpcio
command: "pip3 install --no-deps --extra-index-url=https://www.piwheels.hostedpi.com/simple/ --no-cache-dir --prefer-binary --platform=armv6l --only-binary=:all: --target={{ pip_target.stdout }} https://www.piwheels.hostedpi.com/simple/grpcio/grpcio-1.24.1-cp37-cp37m-linux_armv6l.whl"
- name: install tensorflow
command: "pip3 install --no-deps --extra-index-url=https://www.piwheels.hostedpi.com/simple/ --no-cache-dir --prefer-binary --platform=armv6l --only-binary=:all: --target={{ pip_target.stdout }} https://www.piwheels.org/simple/tensorflow/tensorflow-1.13.1-cp37-none-linux_armv6l.whl"
- name: fetch bettercap release information
uri:
url: https://api.github.com/repos/bettercap/bettercap/releases/latest
return_content: yes
register: bettercap_release
- name: download and install bettercap
unarchive:
src: "{{ bettercap_release.content | from_json | json_query(bettercap_query) | first }}"
dest: /usr/bin
remote_src: yes
exclude:
- README.md
- LICENSE.md
mode: 0755
- name: clone bettercap caplets
git:
repo: https://github.com/bettercap/caplets.git
dest: /tmp/caplets
- name: install bettercap caplets
make:
chdir: /tmp/caplets
target: install
- name: clone pwnagotchi repository
git:
repo: https://github.com/evilsocket/pwnagotchi.git
dest: /tmp/pwnagotchi
- name: copy pwnagotchi files to final destination
copy:
src: /tmp/pwnagotchi/sdcard/rootfs/root/pwnagotchi/
dest: /root/pwnagotchi/
mode: preserve
- name: remove pwnagotchi files from temporary repository
file:
path: /tmp/pwnagotchi
state: absent
- name: create cpuusage script
copy:
dest: /usr/bin/cpuusage
mode: 0755
content: |
#!/usr/bin/env bash
while true
do
top -b -n1 | awk '/Cpu\(s\)/ { printf("%d %", $2 + $4 + 0.5) }'
sleep 3
done
- name: create memusage script
copy:
dest: /usr/bin/memusage
mode: 0755
content: |
#!/usr/bin/env bash
free -m | awk '/Mem/ { printf( "%d %", $3 / $2 * 100 + 0.5 ) }'
- name: create monstart script
copy:
dest: /usr/bin/monstart
mode: 0755
content: |
#!/usr/bin/env bash
iw phy phy0 interface add mon0 type monitor && ifconfig mon0 up
- name: create monstop script
copy:
dest: /usr/bin/monstop
mode: 0755
content: |
#!/usr/bin/env bash
ifconfig mon0 down && iw dev mon0 del
- name: configure rc.local
blockinfile:
path: /etc/rc.local
insertbefore: "exit 0"
block: |
if ! /opt/vc/bin/tvservice -s | grep HDMI; then
/opt/vc/bin/tvservice -o
fi
/root/pwnagotchi/scripts/startup.sh &
- name: configure lo interface
blockinfile:
path: /etc/network/interfaces.d/lo-cfg
create: yes
block: |
auto lo
iface lo inet loopback
- name: configure wlan interface
blockinfile:
path: /etc/network/interfaces.d/wlan0-cfg
create: yes
block: |
allow-hotplug wlan0
iface wlan0 inet static
- name: configure usb interface
blockinfile:
path: /etc/network/interfaces.d/usb0-cfg
create: yes
block: |
allow-hotplug usb0
iface usb0 inet static
address 10.0.0.2
netmask 255.255.255.0
network 10.0.0.0
broadcast 10.0.0.255
gateway 10.0.0.1
- name: configure eth0 interface (pi2/3/4)
blockinfile:
path: /etc/network/interfaces.d/eth0-cfg
create: yes
block: |
allow-hotplug eth0
iface eth0 inet dhcp
- name: enable ssh on boot
file:
path: /boot/ssh
state: touch
- name: adjust /boot/config.txt
lineinfile:
dest: /boot/config.txt
insertafter: EOF
line: '{{ item }}'
with_items:
- "dtoverlay=dwc2"
- "dtparam=spi=on"
- "dtoverlay=spi1-3cs"
- "dtoverlay=pi3-disable-bt"
- "dtparam=audio=off"
- name: change root partition
replace:
dest: /boot/cmdline.txt
backup: no
regexp: "root=PARTUUID=[a-zA-Z0-9\\-]+"
replace: "root=/dev/mmcblk0p2"
- name: configure /boot/cmdline.txt
lineinfile:
path: /boot/cmdline.txt
backrefs: True
state: present
backup: no
regexp: '(.*)$'
line: '\1 modules-load=dwc2,g_cdc'
- name: configure ssh
lineinfile:
dest: /etc/ssh/sshd_config
backup: no
regexp: '#?PermitRootLogin (.*)$'
line: 'PermitRootLogin yes'
- name: configure motd
copy:
dest: /etc/motd
content: "(◕‿‿◕) {{pwn_hostname}} (pwnagotchi-{{pwn_version}})"
- name: clean apt cache
apt:
autoclean: yes
- name: remove dependencies that are no longer required
apt:
autoremove: yes
- name: remove ssh keys
file:
state: absent
path: "{{item}}"
with_items:
- /etc/ssh/ssh_host_rsa_key
- /etc/ssh/ssh_host_rsa_key.pub
- /etc/ssh/ssh_host_dsa_key
- /etc/ssh/ssh_host_dsa_key.pub
- /etc/ssh/ssh_host/ecdsa_key
- /etc/ssh/ssh_host/ecdsa_key.pub
- /etc/ssh/ssh_host_ed25519_key
- /etc/ssh/ssh_host_ed25519_key.pub