diff --git a/.travis.yml b/.travis.yml index 145f3dde..ad7f7ca6 100644 --- a/.travis.yml +++ b/.travis.yml @@ -12,7 +12,7 @@ before_install: - sudo add-apt-repository "deb http://us-east-1.ec2.archive.ubuntu.com/ubuntu/ disco universe" - sudo apt-get update - sudo apt-get install qemu-user-static:i386 - + addons: apt: packages: @@ -20,6 +20,8 @@ addons: - aria2 - tree - python-requests + - python3 + - python3-pip script: mkdir images && sudo PATH=./node_modules/.bin:$PATH ./builder --noninteractive diff --git a/autorunonce b/autorunonce index c570d05b..ac54a949 100644 --- a/autorunonce +++ b/autorunonce @@ -65,6 +65,22 @@ enablecoralenviroboard="false" startcoralenvirodemo="false" +# pwnagotchi configuration +# start pwnagotchi: If true, starts the pwnagotchi services to attack wi-fi networks +# pwndisplay: type of dipslay for pwnagotchi to use [none, waveshare_2, waveshare_1, waveshare27inch, waveshare154inch, +# inky, papirus, oledhat, dfrobot] (default = waveshare_2) +# pwncolor: color of your display [black, blue, red, yellow] (default = black) +# pwnreport: determines what will report to pwnagotchi servers (not related to treehouses) +# [none, partial, full] (default = none) +# wifiname: Add any network you don't want pwnagotchi to attack +# Attention: When pwnagotchi is enabled, the wifi will not be available to connect to a router and therefore only "ethernet" +# network configuration will be enabled +wifiname='' +startpwnagotchi="false" +pwndisplay="waveshare_2" +pwncolor="black" +pwnreport="none" + # No need to edit below this line #----------------------------------------------------------------------------------------------------# @@ -124,6 +140,138 @@ if [ $starttor = "true" ]; then sleep 10 fi +# Configures pwnagotchi +# Creates services if pwnagotchi is enabled +if [ $startpwnagotchi = "true" ]; then + # Create bettercap service + cat < /etc/systemd/system/bettercap.service + [Unit] + Description=bettercap api.rest service. + Documentation=https://bettercap.org + Wants=network.target + After=pwngrid.service + + [Service] + Type=simple + PermissionsStartOnly=true + ExecStart=/usr/bin/bettercap-launcher + Restart=always + RestartSec=30 + + [Install] + WantedBy=multi-user.target + EOFA + + # Create bettercap launcher + cat < /usr/bin/bettercap-launcher + #!/usr/bin/env bash + /usr/bin/monstart + if [[ $(ifconfig | grep usb0 | grep RUNNING) ]] || [[ $(cat /sys/class/net/eth0/carrier) ]]; then + # if override file exists, go into auto mode + if [ -f /root/.pwnagotchi-auto ]; then + /usr/bin/bettercap -no-colors -caplet pwnagotchi-auto -iface mon0 + else + /usr/bin/bettercap -no-colors -caplet pwnagotchi-manual -iface mon0 + fi + else + /usr/bin/bettercap -no-colors -caplet pwnagotchi-auto -iface mon0 + fi + EOFB + + # Create pwngrid launcher + cat < /etc/systemd/system/pwngrid-peer.service + [Unit] + Description=pwngrid peer service. + Documentation=https://pwnagotchi.ai + Wants=network.target + + [Service] + Type=simple + PermissionsStartOnly=true + ExecStart=/usr/bin/pwngrid -keys /etc/pwnagotchi -address 127.0.0.1:8666 -client-token /root/.api-enrollment.json -wait -log /var/log/pwngrid-peer.log -iface mon0 + Restart=always + RestartSec=30 + + [Install] + WantedBy=multi-user.target + EOFC +fi +# Whitelists and excludes your home wifi network +sed 's/HomeNetwork/$wifiname/g' /boot/config.yml + +# Configures the config.txt +grep -qxF 'dtoverlay=dwc2' /boot/config.txt || echo 'dtoverlay=dwc2' >> /boot/config.txt +grep -qxF 'dtoverlay=spi1-3cs' /boot/config.txt || echo 'dtoverlay=spi1-3cs' >> /boot/config.txt +grep -qxF 'dtparam=spi=on' /boot/config.txt || echo 'dtparam=spi=on' >> /boot/config.txt +grep -qxF 'dtparam=i2c_arm=on' /boot/config.txt || echo 'dtparam=i2c_arm=on' >> /boot/config.txt +grep -qxF 'dtparam=i2c1=on' /boot/config.txt || echo 'dtparam=i2c1=on' >> /boot/config.txt +grep -qxF 'gpu_mem=16' /boot/config.txt || echo 'gpu_mem=16' >> /boot/config.txt + +# Selects the display type you have attached to your RPi +case $pwndisplay in + "none") + sed 's/displayenabled/false/g' /boot/config.yml;; + "waveshare_2") + sed 's/displayenabled/true/g' /boot/config.yml;; + sed 's/displaytype/waveshare_2/g' /boot/config.yml;; + "waveshare_1") + sed 's/displayenabled/true/g' /boot/config.yml;; + sed 's/displaytype/waveshare_1/g' /boot/config.yml;; + "waveshare27inch") + sed 's/displayenabled/true/g' /boot/config.yml;; + sed 's/displaytype/waveshare27inch/g' /boot/config.yml;; + "waveshare154inch") + sed 's/displayenabled/true/g' /boot/config.yml;; + sed 's/displaytype/waveshare154inch/g' /boot/config.yml;; + "inky") + sed 's/displayenabled/true/g' /boot/config.yml;; + sed 's/displaytype/inky/g' /boot/config.yml;; + "papirus") + sed 's/displayenabled/true/g' /boot/config.yml;; + sed 's/displaytype/papirus/g' /boot/config.yml;; + "oledhat") + sed 's/displayenabled/true/g' /boot/config.yml;; + sed 's/displaytype/oledhat/g' /boot/config.yml;; + "dfrobot") + sed 's/displayenabled/true/g' /boot/config.yml;; + sed 's/displaytype/dfrobot/g' /boot/config.yml;; + *) + echo "Unsupported configuration. Switching to no display"; + sed 's/displayenabled/false/g' /boot/config.yml;; +esac + +# Selects the color of your e-ink display +case $pwncolor in + "black") + sed 's/colortype/black/g' /boot/config.yml;; + "blue") + sed 's/colortype/blue/g' /boot/config.yml;; + "red") + sed 's/colortype/red/g' /boot/config.yml;; + "yellow") + sed 's/colortype/yellow/g' /boot/config.yml;; + *) + echo "Unsupported configuration. Switching to default color"; + sed 's/colortype/black/g' /boot/config.yml;; +esac + +# Selects the level of reporting to pwnagotchi servers +case $pwnreport in + "none") + sed 's/gridenabled/false/g' /boot/config.yml;; + sed 's/gridreport/false/g' /boot/config.yml;; + "partial") + sed 's/gridenabled/true/g' /boot/config.yml;; + sed 's/gridreport/false/g' /boot/config.yml;; + "full") + sed 's/gridenabled/true/g' /boot/config.yml;; + sed 's/gridreport/true/g' /boot/config.yml;; + *) + echo "Unsupported configuration. Switching to default reporting"; + sed 's/gridenabled/false/g' /boot/config.yml;; + sed 's/gridreport/false/g' /boot/config.yml;; +esac + # updates planet if there is an internet connection if [ $updateplanet = "true" ] && [ "$(treehouses internet)" ]; then docker pull treehouses/planet:latest diff --git a/builder b/builder index 0a90db69..1a50f643 100755 --- a/builder +++ b/builder @@ -187,6 +187,18 @@ function _count_authorized_keys_lines { echo "There are ${authorized_keys_lines} line(s) in /root/.ssh/authorized_keys" } +function _install_python37 { + echo "Installing Python 3.7.4" + apt-get install -y build-essential tk-dev libncurses5-dev libncursesw5-dev libreadline6-dev libdb5.3-dev libgdbm-dev libsqlite3-dev libssl-dev libbz2-dev libexpat1-dev liblzma-dev zlib1g-dev libffi-dev + # Install python 3.7.4 + wget https://www.python.org/ftp/python/3.7.4/Python-3.7.4.tgz + tar zxf Python-3.7.4.tgz + cd Python-3.7.4 + ./configure + make -j 4 + make altinstall +} + function _modify_image { echo "Modifying Image" @@ -258,6 +270,8 @@ function _print_tag { _print_tag +#_install_python37 + RASPBIAN_TORRENT=images/$(basename $RASPBIAN_TORRENT_URL) echo "$RASPBIAN_TORRENT" IMAGE_ZIP=${RASPBIAN_TORRENT%.torrent} diff --git a/scripts.d/16_pkg_install.sh b/scripts.d/16_pkg_install.sh index bc3029a4..503965f3 100755 --- a/scripts.d/16_pkg_install.sh +++ b/scripts.d/16_pkg_install.sh @@ -28,6 +28,9 @@ INSTALL_PACKAGES=( python3-coral-enviro # Coral environmental board bc # for memory command dnsutils + build-essential tk-dev libncurses5-dev libncursesw5-dev libreadline6-dev # pwnagotchi dependencies + libdb5.3-dev libgdbm-dev libsqlite3-dev libssl-dev libbz2-dev libexpat1-dev + liblzma-dev zlib1g-dev libffi-dev ) if [[ ${INSTALL_PACKAGES:-} ]] ; then diff --git a/scripts.d/19_pwn.sh b/scripts.d/19_pwn.sh new file mode 100755 index 00000000..8417c463 --- /dev/null +++ b/scripts.d/19_pwn.sh @@ -0,0 +1,53 @@ +#!/bin/bash + +source lib.sh + +# System variables +ROOT=mnt/img_root +PWNAGOTCHICONFIG=$ROOT/boot/config.yml + +# Install bettercap +wget "https://github.com/bettercap/bettercap/releases/download/v2.26.1/bettercap_linux_armhf_v2.26.1.zip" +unzip bettercap_linux_armhf_v2.26.1.zip +mv bettercap $ROOT/usr/bin/ +bettercap -eval "caplets.update; ui.update; quit" + +# Install pwngrid +wget "https://github.com/evilsocket/pwngrid/releases/download/v1.10.3/pwngrid_linux_armhf_v1.10.3.zip" +unzip pwngrid_linux_armhf_v1.10.3.zip +mv pwngrid $ROOT/usr/bin/ +pwngrid -generate -keys $ROOT/etc/pwnagotchi + +# Install python 3.7.4 +#wget https://www.python.org/ftp/python/3.7.0/Python-3.7.0.tgz +#tar zxf Python-3.7.0.tgz +#cd Python-3.7.0 +#./configure +#make -j 4 +#make altinstall + +# Install pwnagotchi +wget "https://github.com/evilsocket/pwnagotchi/archive/v1.4.3.zip" +unzip v1.4.3.zip +cd pwnagotchi-1.4.3 +pip-3.7 install . + +# Create configuration file for pwnagotchi +cat < $PWNAGOTCHICONFIG +main: + name: "hostname" + whitelist: + - HomeNetwork + plugins: + grid: + enabled: gridenabled + report: gridreport + exclude: + - HomeNetwork + +ui: + display: + enabled: displayenabled + type: "displaytype" + color: "colortype" +EOF