chrissewell/pwnagotchi
1
0
Fork 0
mirror of https://github.com/jayofelony/pwnagotchi.git synced 2025-07-01 18:37:27 -04:00
Code Issues Packages Projects Releases Wiki Activity

v2.5.1

Browse Source 
Signed-off-by: Jeroen Oudshoorn <oudshoorn.jeroen@gmail.com>
This commit is contained in:
Jeroen Oudshoorn
2023-11-02 20:01:40 +01:00
parent 0627f3ed3f
commit 645fbbc054
3 changed files with 1033 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
builder/build_install_gopkg.yml Normal file
View File

@ -0,0 +1,64 @@
#
# expects to be called with
#
# item = { name: 'resulting_binary', url: 'https://github.com/foo/bar.git' }
#
- name: Check for existance of Golang in /usr/local/go
stat: path=/usr/local/go
register: big_golang
- name: Download and install golang
when: not big_golang.stat.exists
unarchive:
src: https://go.dev/dl/go1.21.1.linux-armv6l.tar.gz
dest: /usr/local
remote_src: yes
register: big_golang
- name: 'download target {{ item.name }} from github'
git:
repo: "{{ item.url }}"
dest: '/usr/local/src/{{ item.name }}'
register: big_download
- name: go mod tidy
shell: "go mod tidy -x -v"
register: result
retries: 7
delay: 60
args:
executable: /bin/bash
chdir: '/usr/local/src/{{ item.name }}'
until: result is not failed
ignore_errors: true
- name: build package
shell: "make"
register: result
args:
executable: /bin/bash
chdir: '/usr/local/src/{{ item.name }}'
- name: install pwngrid 1.10.4
shell: "make install"
register: result
args:
executable: /bin/bash
chdir: '/usr/local/src/{{ item.name }}'
- name: make bin staging dir
file:
state: directory
path: "/root/staging/bin"
- name: copy built binary to staging directory
copy:
src: '/usr/local/bin/{{ item.name }}'
dest: "/root/staging/bin/"
- name: remove build folder
file:
state: absent
path: '/usr/local/src/{{ item.name }}'

164
builder/nexmon.yml Normal file
View File

@ -0,0 +1,164 @@
#
# Install nexmon brcmfmac firmware and drivers from source as needed
#
- name: "Check for /lib/modules/{{ item.kernel }}/build to see if we can"
stat: path="/lib/modules/{{item.kernel}}/build"
register: kernel_headers
- name: "Kernel {{item.kernel}} exists; installing nexmon"
when:
- kernel_headers.stat.exists
block:
- name: "Check for staged firmware {{ item.firmware }}"
stat: path="{{ staging }}/firmware/{{ item.firmware }}"
register: firmware
- name: "Check for staged kernel module {{ item.kernel }}/brcmfmac.ko"
stat: path="{{ staging }}/modules/{{ item.kernel }}/brcmfmac.ko"
register: kmodule
- name: Build nexmon as needed
when:
- not firmware.stat.exists or not kmodule.stat.exists
block:
- name: Check for existence of nexmon repo
stat: path="/usr/local/src/nexmon"
register: nexmongit
- name: clone nexmon repository
when: not nexmongit.stat.exists
git:
repo: "https://github.com/DrSchottky/nexmon.git"
dest: /usr/local/src/nexmon
register: nexmongit
- name: prepare nexmon build tree
when: nexmongit.changed
shell: "source ./setup_env.sh && make"
args:
executable: /bin/bash
chdir: /usr/local/src/nexmon/
- name: Build firmware if needed
when: not firmware.stat.exists
environment:
QEMU_UNAME: "{{ item.kernel }}"
ARCHFLAGS: "{{ item.arch_flags }}"
block:
- name: "make firmware patch {{ item.patch }}"
shell: |
source ./setup_env.sh
cd patches/{{ item.patch }}/nexmon/
make clean
make
args:
executable: /bin/bash
chdir: /usr/local/src/nexmon/
- name: make firmware staging dir
file:
state: directory
path: "{{ staging }}/firmware"
- name: 'copy firmware {{ item.firmware }} to staging directory'
copy:
src: '/usr/local/src/nexmon/patches/{{ item.patch }}/nexmon/{{ item.firmware }}'
dest: '{{ staging }}/firmware/'
follow: true
- name: Build module as needed
when: not kmodule.stat.exists
environment:
QEMU_UNAME: "{{ item.kernel }}"
ARCHFLAGS: "{{ item.arch_flags }}"
block:
- name: "make brcmfmac.ko module {{ item.kernel }}"
when: firmware.stat.exists
# if not firmware.stat.exists, then module would have been installed above
shell: |
export QEMU_UNAME={{ item.kernel }}
uname -a
source ./setup_env.sh
cd patches/{{ item.patch }}/nexmon/
make clean
make brcmfmac.ko
args:
executable: /bin/bash
chdir: /usr/local/src/nexmon/
environment:
QEMU_UNAME: "{{ item.kernel }}"
ARCHFLAGS: "{{ item.arch_flags }}"
- name: make modules staging dir
file:
state: directory
path: "{{ staging }}/modules/{{ item.kernel }}"
- name: copy modified driver to staging
copy:
src: "/usr/local/src/nexmon/patches/driver/brcmfmac_{{ kernel.min }}.y-nexmon/brcmfmac.ko"
dest: "{{ staging }}/modules/{{ item.kernel }}/brcmfmac.ko"
follow: true
register: brcmfmac_installed
# end of nexmon build block. products should now be in staging if they were not already
# check again, just to be sure
- name: "Check for staged firmware {{ item.firmware }}"
stat: path="{{ staging }}/firmware/{{ item.firmware }}"
register: firmware
# install nexmon firmware from staging directory
- name: 'install nexmon firmware {{ item.firmware }}'
when: firmware.stat.exists
block:
- name: "Install nexmon firware in /usr/lib/firmware/brcm"
copy:
src: '{{ staging }}/firmware/{{ item.firmware }}'
dest: '/usr/lib/firmware/brcm/{{ item.firmware }}'
follow: true
- name: "Check for staged kernel module {{ item.kernel }}/brcmfmac.ko"
stat: path="{{ staging }}/modules/{{ item.kernel }}/brcmfmac.ko"
register: kmodule
- name: "Install kernel module {{ item.kernel }}/brcmfmac.ko from staging"
when: kmodule.stat.exists
block:
# remove originals, and keep track
- name: "Remove old compressed kernel module (if there)"
file:
state: absent
path: "/usr/lib/modules/{{ item.kernel }}/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko.xz"
register: brcmfmac_ko_xz
ignore_errors: true
- name: "Remove old uncompressed kernel module (if there)"
file:
state: absent
path: "/usr/lib/modules/{{ item.kernel }}/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko"
register: brcmfmac_ko
ignore_errors: true
- name: "install nexmon kernel driver {{item.kernel}}"
copy:
src: "{{ staging }}/modules/{{ item.kernel }}/brcmfmac.ko"
dest: "/usr/lib/modules/{{ item.kernel }}/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko"
follow: true
register: brcmfmac_installed
- name: "xz compress driver: {{brcmfmac_ko_xz.changed}}"
when: brcmfmac_ko_xz.changed
command: xz -k brcmfmac.ko
args:
chdir: '/usr/lib/modules/{{ item.kernel }}/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac'
- name: "remove uncompressed driver: {{brcmfmac_ko.changed}}"
when: not brcmfmac_ko.changed
file:
state: absent
path: "/usr/lib/modules/{{ item.kernel }}/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko"
- name: update module dependencies
command: "/sbin/depmod -a {{ item.kernel }}"

805
builder/raspberrypi32.yml Normal file
View File

@ -0,0 +1,805 @@
---
- hosts:
- 127.0.0.1
gather_facts: true
become: true
vars:
boards:
- {
kernel: "6.1.21+",
name: "PiZeroW",
firmware: "brcmfmac43430-sdio.bin",
patch: "bcm43430a1/7_45_41_46",
cpu: arm1176,
arch_flags: "-arch armv6l"
}
- {
kernel: "6.1.21-v7+",
name: "PiZero2W",
firmware: "brcmfmac43436-sdio.bin",
patch: "bcm43436b0/9_88_4_65",
cpu: cortex-a53,
arch_flags: "-arch armv7l"
}
- {
kernel: "6.1.21-v7l+",
name: "Pi4b_32",
firmware: "brcmfmac43455-sdio.bin",
patch: "bcm43455c0/7_45_206",
cpu: cortex-a72,
arch_flags: "-arch armv7l"
}
kernel:
min: "6.1"
full: "6.1.21+"
full_2w: "6.1.21-v7+"
full_4b: "6.1.21-v7l+"
arch: "v6l"
pwnagotchi:
hostname: "{{ lookup('env', 'PWN_HOSTNAME') | default('pwnagotchi', true) }}"
version: "{{ lookup('env', 'PWN_VERSION') | default('pwnagotchi-torch', true) }}"
custom_plugin_dir: "/usr/local/share/pwnagotchi/custom-plugins"
system:
boot_options:
- "#### pwnagotchi additions"
- "# this pwnagotchi image is 32-bit only no v8+ headers to build nexmon for 64 bit"
- "arm_64bit=0"
- "# dwc2 for RNDIS. comment out, and remove dwc2 and g_ether from cmdline.txt for X306 usb battery hat"
- "dtoverlay=dwc2"
- "dtoverlay=spi1-3cs"
- "dtparam=i2c1=on"
- "dtparam=i2c_arm=on"
- "dtparam=spi=on"
- "gpu_mem=16"
- "#### audio out on pins 18 and 19"
- "#dtoverlay=audremap,pins_18_19"
- "#### touchscreen on waveshare touch e-paper"
- "#dtoverlay=goodix,interrupt=27,reset=22"
- "#### for PWM backlighting on pimoroni displayhatmini"
- "dtoverlay=pwm-2chan,pin=12,func=4,pin2=13,func2=4"
modules:
- "i2c-dev"
services:
enable:
- bettercap.service
- dphys-swapfile.service
- fstrim.timer
- pwnagotchi.service
- pwngrid-peer.service
disable:
- apt-daily-upgrade.service
- apt-daily-upgrade.timer
- apt-daily.service
- apt-daily.timer
- bluetooth.service
- ifup@wlan0.service
- triggerhappy.service
- wpa_supplicant.service
packages:
bettercap:
url: "https://github.com/jayofelony/bettercap.git"
ui: "https://github.com/bettercap/ui/releases/download/v1.3.0/ui.zip"
pwngrid:
url: "https://github.com/jayofelony/pwngrid.git"
torch:
wheel: "torch-2.1.0a0+gitunknown-cp39-cp39-linux_armv6l.whl"
url: "https://github.com/Sniffleupagus/Torch4Pizero/releases/download/v1.0.0/torch-2.1.0a0+gitunknown-cp39-cp39-linux_armv6l.whl"
torchvision:
wheel: "torchvision-0.16.0a0-cp39-cp39-linux_armv6l.whl"
url: "https://github.com/Sniffleupagus/Torch4Pizero/releases/download/v1.0.0/torchvision-0.16.0a0-cp39-cp39-linux_armv6l.whl"
apt:
downgrade:
# the kali .debs do not work on raspberry pi zero on raspiOS
# so install from source later. probably good idea on all platforms
#- libpcap-dev_1.9.1-4_armel.deb
#- libpcap0.8-dev_1.9.1-4_armel.deb
#- libpcap0.8_1.9.1-4_armel.deb
hold:
- firmware-atheros
- firmware-brcm80211
- firmware-libertas
- firmware-misc-nonfree
- firmware-realtek
# no longer need to be held. build from source goes in /usr/local
# Then bettercap and pwngrid are pointed at it at runtime with LD_LIBRARY_PATH
# and LD_PRELOAD
# - libpcap-dev
# - libpcap0.8
# - libpcap0.8-dev
remove:
- avahi-daemon
- nfs-common
- triggerhappy
- wpasupplicant
install:
- aircrack-ng
- autoconf
- bc
- bison
- bluez
- build-essential
- curl
- dkms
- dphys-swapfile
- espeak-ng
- evtest
- fbi
- flex
- fonts-dejavu
- fonts-dejavu-core
- fonts-dejavu-extra
- fonts-freefont-ttf
- g++
- gawk
- gcc-arm-none-eabi
- git
- libatlas-base-dev
- libavcodec58
- libavformat58
- libblas-dev
- libbz2-dev
- libc-ares-dev
- libc6-dev
- libcpuinfo-dev
- libdbus-1-dev
- libdbus-glib-1-dev
- libeigen3-dev
- libelf-dev
- libffi-dev
- libfl-dev
- libfuse-dev
- libgdbm-dev
- libgl1-mesa-glx
- libgmp3-dev
- libgstreamer1.0-0
- libhdf5-dev
- liblapack-dev
- libncursesw5-dev
- libnetfilter-queue-dev
- libopenblas-dev
- libopenjp2-7
- libopenmpi-dev
- libopenmpi3
- libpcap-dev
- libprotobuf-dev
- libraspberrypi-bin
- libraspberrypi-dev
- libraspberrypi-doc
- libraspberrypi0
- libsleef-dev
- libsqlite3-dev
- libssl-dev
- libswscale5
- libtiff5
- libtool
- libts-bin
- libusb-1.0-0-dev
- lsof
- make
- python3-flask
- python3-flask-cors
- python3-flaskext.wtf
- python3-pil
- python3-pip
- python3-protobuf
- python3-smbus
- qpdf
- raspberrypi-kernel-headers
- rsync
- screen
- tcpdump
- texinfo
- time
- tk-dev
- unzip
- vim
- wget
- wl
- xxd
- zlib1g-dev
environment:
#ARCHFLAGS: -arch armv6l
#QEMU_CPU: arm1176
QEMU_UNAME: "{{ kernel.full }}"
tasks:
- name: Create pi user
copy:
dest: /boot/userconf
content: |
pi:$6$3jNr0GA9KIyt4hmM$efeVIopdMQ8DGgEPCWWlbx3mJJNAYci1lEXGdlky0xPyjqwKNbwTL5SrCcpb4144C4IvzWjn7Iv.QjqmU7iyT/
tags:
- base
- config
- name: change hostname
lineinfile:
dest: /etc/hostname
regexp: '^raspberrypi'
line: "{{pwnagotchi.hostname}}"
state: present
when: lookup('file', '/etc/hostname') == "raspberrypi"
register: hostname
tags:
- base
- config
- name: add hostname to /etc/hosts
lineinfile:
dest: /etc/hosts
regexp: '^127\.0\.1\.1[ \t]+raspberrypi'
line: "127.0.1.1\t{{pwnagotchi.hostname}}"
state: present
when: hostname.changed
tags:
- base
- config
- name: disable sap plugin for bluetooth.service
lineinfile:
dest: /lib/systemd/system/bluetooth.service
regexp: '^ExecStart=/usr/lib(exec)?/bluetooth/bluetoothd$'
line: 'ExecStart=/usr/lib/bluetooth/bluetoothd --noplugin=sap'
state: present
tags:
- config
- base
- name: configure dphys-swapfile
lineinfile:
path: /etc/dphys-swapfile
regexp: "^CONF_SWAPSIZE=.*$"
line: "CONF_SWAPSIZE=2048"
tags:
- config
- base
- name: Create custom plugin directory
file:
path: '{{ pwnagotchi.custom_plugin_dir }}'
state: directory
tags:
- pwnagotchi
- build
- name: update apt package cache
apt:
update_cache: yes
- name: install packages
apt:
name: "{{ packages.apt.install }}"
state: present
- name: update pip3, setuptools, wheel
shell: "python3 -m pip install --upgrade pip setuptools wheel"
args:
executable: /bin/bash
chdir: /usr/local/src
###########################################
#
# libpcap v1.9 - build from source
#
###########################################
# check for presence, then it can re-run in later parts if needed
# use the "make" built in
# install libpcap before bettercap and pwngrid, so they use it
- name: clone libpcap v1.9 from github
git:
repo: 'https://github.com/the-tcpdump-group/libpcap.git'
dest: /usr/local/src/libpcap
version: libpcap-1.9
tags:
- base
- name: build and install libpcap into /usr/local/lib
shell: "./configure && make && make install"
args:
executable: /bin/bash
chdir: /usr/local/src/libpcap
tags:
- base
- name: remove libpcap build folder
file:
state: absent
path: /usr/local/src/libpcap
tags:
- base
###############################################################
# Install nexmon to fix wireless scanning (takes 2.5G of space)
###############################################################
# Install nexmon for all boards
- name: build and install nexmon as needed
include_tasks: nexmon.yml
loop: "{{ boards }}"
tags:
- base
- build_nexmon
# some pizero2w have the pizeroW wifi chip
# could this be a link instead of a copy? and force, only if not a link?
- name: copy 43430-sdio as 43436s-sdio for the special 43430/1 /2
copy:
src: /usr/lib/firmware/brcm/brcmfmac43430-sdio.bin
dest: /usr/lib/firmware/brcm/brcmfmac43436s-sdio.bin
follow: true
# delete blob files that make nexmon sad
- name: Delete the firmware blob files to avoid some nexmon crashing
file:
state: absent
path: '{{ item }}'
loop:
- /usr/lib/firmware/brcm/brcmfmac43430-sdio.clm_blob
- /usr/lib/firmware/brcm/brcmfmac43430-sdio.raspberrypi,model-zero-w.clm_blob
- /usr/lib/firmware/brcm/brcmfmac43430b0-sdio.raspberrypi,model-zero-2-w.clm_blob
- /usr/lib/firmware/brcm/brcmfmac43436-sdio.raspberrypi,model-zero-2-w.clm_blob
- /usr/lib/firmware/brcm/brcmfmac43430-sdio.raspberrypi,3-model-b.clm_blob
# To shrink the final image, remove the nexmon directory (takes 2.5G of space) post build and installation
- name: Delete nexmon content & directory
file:
state: absent
path: /usr/local/src/nexmon/
- name: make wheel staging dir
file:
state: directory
path: "{{ staging }}/wheels"
- name: clone pwnagotchi repository
git:
repo: https://github.com/Sniffleupagus/pwnagotchi-snflpgs.git
dest: /usr/local/src/pwnagotchi
register: pwnagotchigit
tags: pwnagotchi
# is this even necessary? Can't we just link from /home/pi/pwnagotchi to /usr/local/{bin,lib,etc}
# then just git update in the home dir and encourage hacking?
# make owned by pi.pi, and custom plugins.
- name: build pwnagotchi wheel
command: "python3 setup.py sdist bdist_wheel"
args:
chdir: /usr/local/src/pwnagotchi
when: (pwnagotchigit.changed) or (pip_packages['pwnagotchi'] is undefined) or (pip_packages['pwnagotchi'] != pwnagotchi_version)
tags: pwnagotchi
- name: install 32-bit pwnagotchi wheel and dependencies with 32-bit torch wheels
pip:
name:
- "{{ lookup('fileglob', '/usr/local/src/pwnagotchi/dist/pwnagotchi*.whl') }}"
- "{{ staging }}/wheels/{{ packages.torch.url | basename }}"
- "{{ staging }}/wheels/{{ packages.torchvision.url | basename }}"
- "stable-baselines3==1.8.0"
extra_args: "--no-cache-dir"
environment:
#QEMU_CPU: arm1176
QEMU_UNAME: "{{ kernel.full }}"
when: (pwnagotchigit.changed) or (pip_packages['pwnagotchi'] is undefined) or (pip_packages['pwnagotchi'] != pwnagotchi_version)
tags:
- pwnagotchi
- name: copy pwnagotchi wheel to staging dir
ansible.builtin.copy:
src: "{{ lookup('fileglob', '/usr/local/src/pwnagotchi/dist/pwnagotchi*.whl') }}"
dest: "{{ staging }}/wheels"
tags: pwnagotchi
- name: create /usr/local/share/pwnagotchi/ folder
file:
path: /usr/local/share/pwnagotchi/
state: directory
tags: pwnagotchi
- name: remove pwnagotchi folder
file:
state: absent
path: /usr/local/src/pwnagotchi
tags: pwnagotchi
##########################################
#
# pwngrid, bettercap
#
##########################################
- name: check for /usr/local/bin/bettercap
stat: path=/usr/local/bin/bettercap
register: bettercap
- block:
- name: install bettercap if missing
when: not bettercap.stat.exists
include_tasks: build_install_gopkg.yml
vars:
item:
name: bettercap
url: '{{ packages.bettercap.url }}'
environment:
GOPATH: "{{ lookup('env', 'HOME') }}/go"
PATH: "/usr/local/go/bin:{{ lookup('env', 'PATH') }}"
GOSUMDB: off
- name: check for /usr/local/bin/pwngrid
stat: path=/usr/local/bin/pwngrid
register: pwngrid
- block:
- name: install pwngrid if missing
when: not pwngrid.stat.exists
include_tasks: build_install_gopkg.yml
vars:
item:
name: pwngrid
url: '{{ packages.pwngrid.url }}'
environment:
GOPATH: "{{ lookup('env', 'HOME') }}/go"
PATH: "/usr/local/go/bin:{{ lookup('env', 'PATH') }}"
GOSUMDB: off
- name: clone bettercap caplets
git:
repo: https://github.com/jayofelony/caplets.git
dest: /tmp/caplets
register: capletsgit
- name: install bettercap caplets
make:
chdir: /tmp/caplets
target: install
when: capletsgit.changed
- name: download and install bettercap ui
unarchive:
src: "{{ packages.bettercap.ui }}"
dest: /usr/local/share/bettercap/
remote_src: yes
mode: 0755
# to always have the bettercap webui available (because why not?)
- name: copy pwnagotchi-manual over pwnagotchi-auto caplet
ansible.builtin.copy:
src: /usr/local/share/bettercap/caplets/pwnagotchi-manual.cap
dest: /usr/local/share/bettercap/caplets/pwnagotchi-auto.cap
force: true
ignore_errors: true
- name: add HDMI powersave to rc.local
blockinfile:
path: /etc/rc.local
insertbefore: "exit 0"
block: |
if ! /opt/vc/bin/tvservice -s | egrep 'HDMI|DVI'; then
/opt/vc/bin/tvservice -o
fi
- name: create /etc/pwnagotchi folder
file:
path: /etc/pwnagotchi
state: directory
tags: pwnagotchi
- name: check if user configuration exists
stat:
path: /etc/pwnagotchi/config.toml
register: user_config
tags: pwnagotchi
- name: create /etc/pwnagotchi/config.toml
tags: pwnagotchi
copy:
dest: /etc/pwnagotchi/config.toml
content: |
# Add your configuration overrides on this file any configuration changes done to default.toml will be lost!
# Example:
#
# use these to log into the web UI
ui.web.username = "changeme"
ui.web.password = "changeme"
ui.display.enabled = true
ui.display.type = "displayhatmini"
main.custom_plugins = "{{ pwnagotchi.custom_plugin_dir }}"
main.plugins.led.enabled = false
main.plugins.morse_code.enabled = true
personality.deauth = false
ui.backgroundcolor="#000000"
ui.foregroundcolor="#ffffff"
ui.colormode="RGB"
main.whitelist = [
"EXAMPLE_NETWORK",
"ANOTHER_EXAMPLE_NETWORK",
"fo:od:ba:be:fo:od",
"fo:od:ba",
]
main.plugins.rss_voice.enabled = true
main.plugins.rss_voice.path = "/root/voice_rss"
main.plugins.rss_voice.feed.wait.url = "https://www.reddit.com/r/pwnagotchi/comments.rss"
main.plugins.rss_voice.feed.bored.url = "https://www.reddit.com/r/pwnagotchi.rss"
main.plugins.rss_voice.feed.sad.url = "https://www.reddit.com/r/showerthoughts.rss"
when: not user_config.stat.exists
- name: set up pi user crontab to kick wifi.recon on bettercap
tags: pwnagotchi
copy:
dest: /tmp/pi-crontab
content: |
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h dom mon dow command
*/5 * * * * /home/pi/bin/bcinfo.py -qw >/dev/null 2>&1
- name: install pi crontab
tags: pwnagotchi
command: "crontab -u pi /tmp/pi-crontab"
args:
chdir: /tmp
register: pi-crontab
ignore_errors: true
- name: delete /tmp/pi-crontab
tags: pwnagotchi
file:
state: absent
path: /tmp/pi-crontab
- name: Delete motd 10-uname
file:
state: absent
path: /etc/update-motd.d/10-uname
- name: enable ssh on boot
file:
path: /boot/ssh
state: touch
tags: base
- name: disable wlan0 in dhcpcd.conf
lineinfile:
dest: /etc/dhcpcd.conf
insertafter: EOF
line: "denyinterfaces wlan0"
tags: base
- name: adjust /boot/config.txt
lineinfile:
dest: /boot/config.txt
insertafter: EOF
line: '{{ item }}'
with_items: "{{system.boot_options}}"
tags: pwnagotchi
- name: adjust /etc/modules
lineinfile:
dest: /etc/modules
insertafter: EOF
line: '{{ item }}'
with_items: "{{system.modules}}"
tags: pwnagotchi
- name: change root partition
replace:
dest: /boot/cmdline.txt
backup: no
regexp: "root=PARTUUID=[a-zA-Z0-9\\-]+"
replace: "root=/dev/mmcblk0p2"
tags: base
- name: configure /boot/cmdline.txt
lineinfile:
path: /boot/cmdline.txt
backrefs: True
state: present
backup: no
regexp: '(.*)$'
line: '\1 modules-load=dwc2,g_ether'
tags: pwnagotchi
- name: clone Sniffleupagus pwny utils
git:
repo: https://github.com/Sniffleupagus/pwnagotchi-utils.git
dest: /home/pi/git/pwnagotchi-utils
register: sniffleupagus_utils_fetched
tags: pwnagotchi
- name: grab list of utils
ansible.builtin.find:
paths: /home/pi/git/pwnagotchi-utils
patterns: '*.py'
recurse: no
register: sniffleupagus_utils
tags: pwnagotchi
- name: Create home bin directory
file:
path: /home/pi/bin
mode: '755'
owner: 'pi'
group: 'pi'
state: directory
tags: pwnagotchi
- name: copy to /home/pi/bin
ansible.builtin.copy:
src: '{{ item.path }}'
dest: '/home/pi/bin/'
follow: yes
mode: '755'
owner: 'pi'
group: 'pi'
with_items: '{{ sniffleupagus_utils.files }}'
tags: pwnagotchi
# evil socket plugins
- name: clone pwnagotchi community plugin repository
git:
repo: https://github.com/evilsocket/pwnagotchi-plugins-contrib.git
dest: /usr/local/src/pwnagotchi-plugins-contrib
register: evilsocket_plugins_fetched
tags: pwnagotchi
- name: grab list of plugins
ansible.builtin.find:
paths: /usr/local/src/pwnagotchi-plugins-contrib
patterns: '*.py'
recurse: no
register: evilsocket_plugins
tags: pwnagotchi
- name: copy to custom plugins
ansible.builtin.copy:
src: '{{ item.path }}'
dest: '{{ pwnagotchi.custom_plugin_dir }}'
follow: yes
with_items: '{{ evilsocket_plugins.files }}'
ignore_errors: true
tags: pwnagotchi
# MORE plugins
- name: clone Sniffleupagus plugins
git:
repo: https://github.com/Sniffleupagus/pwnagotchi_plugins.git
dest: /home/pi/git/pwnagotchi_plugins
register: sniffleupagus_plugins_fetched
tags: pwnagotchi
- name: grab list of plugins
ansible.builtin.find:
paths: /home/pi/git/pwnagotchi_plugins
patterns: '*.py'
recurse: no
register: sniffleupagus_plugins
tags: pwnagotchi
- name: copy to custom plugins
ansible.builtin.copy:
src: '{{ item.path }}'
dest: '{{ pwnagotchi.custom_plugin_dir }}'
follow: yes
with_items: '{{ sniffleupagus_plugins.files }}'
tags: pwnagotchi
- name: Add pwnlog alias
lineinfile:
dest: /home/pi/.bashrc
line: "\nalias pwnlog='tail -f -n300 /var/log/pwn*.log | sed --unbuffered \"s/,[[:digit:]]\\{3\\}\\]//g\" | cut -d \" \" -f 2-'"
insertafter: EOF
tags: pwnagotchi
- name: Add pwnver alias
lineinfile:
dest: /home/pi/.bashrc
line: "\nalias pwnver='python3 -c \"import pwnagotchi as p; print(p.__version__)\"'"
insertafter: EOF
tags: pwnagotchi
- name: Add pwnkill alias to restart pwnagotchi with a signal
lineinfile:
dest: /home/pi/.bashrc
line: "\nalias pwnkill='sudo killall -USR1 pwnagotchi'"
insertafter: EOF
tags: pwnagotchi
- name: add firmware packages to hold
dpkg_selections:
name: "{{ item }}"
selection: hold
with_items: "{{ packages.apt.hold }}"
- name: disable unnecessary services
systemd:
name: "{{ item }}"
state: stopped
enabled: no
with_items: "{{ services.disable }}"
- name: enable services
systemd:
name: "{{ item }}"
enabled: true
state: stopped
with_items: "{{ services.enable }}"
tags: pwnagotchi
- name: remove golang build libraries
file:
state: absent
path: /root/go
- name: remove pre-collected packages zip
file:
path: /root/go_pkgs.tgz
state: absent
- name: remove golang
file:
state: absent
path: /usr/local/go
- name: make /root readable, becauase that's where all the files are
file:
path: /root
mode: '755'
- name: fix permissions on /home/pi
file:
path: /home/pi
owner: pi
group: pi
recurse: true
- name: remove unnecessary apt packages
apt:
name: "{{ packages.apt.remove }}"
state: absent
purge: yes
- name: remove dependencies that are no longer required
apt:
autoremove: yes
- name: clean apt cache
apt:
autoclean: true
- name: remove apt package cache
shell: "apt clean"
args:
executable: /bin/bash
chdir: /usr/local/src
- name: remove /root/.cache (pip cache)
file:
state: absent
path: /root/.cache
handlers:
- name: reload systemd services
systemd:
daemon_reload: yes