From e0ddd0de57fb1ec8749f71e33c260fa03c749310 Mon Sep 17 00:00:00 2001 From: Cassiano Aquino Date: Wed, 2 Oct 2019 17:26:29 +0100 Subject: [PATCH 01/12] new builder system based on packer/ansible --- .travis.yml | 16 ++- Makefile | 22 +++ builder/pwnagotchi.json | 26 ++++ builder/pwnagotchi.yml | 289 ++++++++++++++++++++++++++++++++++++++++ 4 files changed, 348 insertions(+), 5 deletions(-) create mode 100644 Makefile create mode 100644 builder/pwnagotchi.json create mode 100644 builder/pwnagotchi.yml diff --git a/.travis.yml b/.travis.yml index a62fa934..9d1a1880 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,23 +1,29 @@ dist: bionic -language: generic +language: go + +go: + - 1.x + env: global: - LANG=C - LC_ALL=C + before_cache: - mountpoint -q $TRAVIS_BUILD_DIR/tmp/mnt && sudo umount -R $TRAVIS_BUILD_DIR/tmp/mnt - sudo find $TRAVIS_BUILD_DIR/tmp/ -name '*.img' -delete + cache: apt: true directories: - tmp/ + before_script: - sudo apt-get -y update -- sudo apt-get -y install qemu-user-static binfmt-support qemu bmap-tools +- sudo apt-get -y install qemu-user-static binfmt-support qemu kpartx - sudo update-binfmts --display -- unset GOROOT + script: -- sudo ./scripts/create_sibling.sh -n pwnagotchi -o pwnagotchi.img -- zip -s 2g pwnagotchi.zip pwnagotchi.img +- sudo -E env "PATH=$PATH" make -e PWN_HOSTNAME="pwnagotchi" VERSION="$TRAVIS_TAG" # TODO: deploy! diff --git a/Makefile b/Makefile new file mode 100644 index 00000000..b81990b2 --- /dev/null +++ b/Makefile @@ -0,0 +1,22 @@ +PWN_HOSTNAME="pwnagotchi" +PWN_VERSION="master" + +all: install image clean + +install: + @curl https://releases.hashicorp.com/packer/1.3.5/packer_1.3.5_linux_amd64.zip -o /tmp/packer.zip + @unzip /tmp/packer.zip -d /tmp + @mv /tmp/packer /usr/bin/packer + @git clone https://github.com/solo-io/packer-builder-arm-image /tmp/packer-builder-arm-image + @cd /tmp/packer-builder-arm-image && go get -d ./... && go build + @cp /tmp/packer-builder-arm-image/packer-builder-arm-image /usr/bin + +image: + @cd builder && sudo packer build pwnagotchi.json + @mv builder/output-pwnagotchi/image pwnagotchi-raspbian-lite-$(PWN_VERSION).img + @zip pwnagotchi-raspbian-lite-$(PWN_VERSION).zip pwnagotchi-raspbian-lite-$(PWN_VERSION).img + +clean: + @rm -rf /tmp/packer-builder-arm-image + @rm -f pwnagotchi-raspbian-lite.img + @rm -rf builder/output-pwnagotchi builder/packer_cache diff --git a/builder/pwnagotchi.json b/builder/pwnagotchi.json new file mode 100644 index 00000000..c78629eb --- /dev/null +++ b/builder/pwnagotchi.json @@ -0,0 +1,26 @@ +{ + "variables": { + "home": "{{env `HOME`}}" + }, + "builders": [{ + "name": "pwnagotchi", + "type": "arm-image", + "iso_url" : "https://downloads.raspberrypi.org/raspbian_lite/images/raspbian_lite-2019-07-12/2019-07-10-raspbian-buster-lite.zip", + "iso_checksum_type":"sha256", + "iso_checksum":"9e5cf24ce483bb96e7736ea75ca422e3560e7b455eee63dd28f66fa1825db70e", + "last_partition_extra_size" : 3221225472 + }], + "provisioners": [ + { + "type": "shell", + "inline": [ + "apt-get -y update", + "apt-get install -y ansible" + ] + }, + { + "type":"ansible-local", + "playbook_file": "pwnagotchi.yml" + } + ] +} diff --git a/builder/pwnagotchi.yml b/builder/pwnagotchi.yml new file mode 100644 index 00000000..06720028 --- /dev/null +++ b/builder/pwnagotchi.yml @@ -0,0 +1,289 @@ +--- +- hosts: + - 127.0.0.1 + become: yes + vars: + pwn_hostname: "pwnagotchi" + pwn_version: "master" + + tasks: + + - name: selected hostname + debug: + msg: "{{ pwn_hostname }}" + + - name: build version + debug: + msg: "{{ pwn_version }}" + + - name: change hostname + hostname: + name: "{{pwn_hostname}}" + + - name: add hostname to /etc/hosts + lineinfile: + dest: /etc/hosts + regexp: '^127\.0\.0\.1[ \t]+localhost' + line: '127.0.0.1 localhost {{pwn_hostname}} {{pwn_hostname}}.local' + state: present + + - name: Add re4son-kernel repo key + apt_key: + url: https://re4son-kernel.com/keys/http/archive-key.asc + state: present + + - name: Add re4son-kernel repository + apt_repository: + repo: deb http://http.re4son-kernel.com/re4son/ kali-pi main + state: present + + - name: update apt package cache + apt: + update_cache: yes + + - name: upgrade apt distro + apt: + upgrade: dist + + - name: install packages + apt: + name: "{{ packages }}" + state: present + vars: + packages: + - vim + - screen + - golang + - git + - build-essential + - python3-pip + - gawk + - libopenmpi-dev + - libatlas-base-dev + - libjasper-dev + - libqtgui4 + - libqt4-test + - libopenjp2-7 + - tcpdump + - lsof + - libilmbase23 + - libopenexr23 + - libgstreamer1.0-0 + - libavcodec58 + - libavformat58 + - libswscale5 + - libpcap-dev + - libusb-1.0-0-dev + - libnetfilter-queue-dev + - dphys-swapfile + - kalipi-kernel + - kalipi-bootloader + - kalipi-re4son-firmware + - kalipi-kernel-headers + - libraspberrypi0 + - libraspberrypi-dev + - libraspberrypi-doc + - libraspberrypi-bin + - fonts-dejavu + - fonts-dejavu-core + - fonts-dejavu-extra + + - name: configure dphys-swapfile + file: + path: /etc/dphys-swapfile + content: "CONF_SWAPSIZE=1024" + + - name: disable unecessary services + systemd: + name: "{{services}}" + state: stopped + enabled: no + vars: + services: + - apt-daily.timer + - apt-daily.service + - apt-daily-upgrade.timer + - apt-daily-upgrade.service + - bluetooth.service + - triggerhappy.service + + - name: enable dphys-swapfile service + systemd: + name: dphys-swapfile.service + state: started + enabled: yes + + - name: build bettercap + command: go get -u github.com/bettercap/bettercap + environment: + GOPATH: /root/go + + - name: install bettercap + copy: + src: /root/go/bin/bettercap + dest: /usr/bin/bettercap + mode: 0755 + + - name: clone bettercap caplets + git: + repo: https://github.com/bettercap/caplets.git + dest: /tmp/caplets + + - name: install bettercap caplets + make: + chdir: /tmp/caplets + target: install + + - name: clone pwnagotchi repository + git: + repo: https://github.com/evilsocket/pwnagotchi.git + dest: /tmp/pwnagotchi + + - name: copy pwnagotchi files to final destination + copy: + src: /tmp/pwnagotchi/sdcard/rootfs/root/pwnagotchi/ + dest: /root/pwnagotchi/ + mode: preserve + + - name: remove pwnagotchi files from temporary repository + file: + path: /tmp/pwnagotchi + state: absent + + - name: install python modules + pip: + requirements: /root/pwnagotchi/scripts/requirements.txt + + - name: create cpuusage script + copy: + dest: /usr/bin/cpuusage + mode: 0755 + content: | + #!/usr/bin/env bash + while true + do + top -b -n1 | awk '/Cpu\(s\)/ { printf("%d %", $2 + $4 + 0.5) }' + sleep 3 + done + + - name: create memusage script + copy: + dest: /usr/bin/memusage + mode: 0755 + content: | + #!/usr/bin/env + free -m | awk '/Mem/ { printf( "%d %", $3 / $2 * 100 + 0.5 ) }' + + - name: create monstart script + copy: + dest: /usr/bin/monstart + mode: 0755 + content: | + #!/usr/bin/env bash + iw phy phy0 interface add mon0 type monitor && ifconfig mon0 up + + - name: create monstop script + copy: + dest: /usr/bin/monstop + mode: 0755 + content: | + #!/usr/bin/env bash + ifconfig mon0 down && iw dev mon0 del + + - name: configure rc.local + blockinfile: + path: /etc/rc.local + insertbefore: "exit 0" + block: | + if ! /opt/vc/bin/tvservice -s | grep HDMI; then + /opt/vc/bin/tvservice -o + fi + /root/pwnagotchi/scripts/startup.sh & + + - name: configure usb interface + blockinfile: + path: /etc/network/interfaces.d/usb0.cfg + create: yes + block: | + allow-hotplug usb0 + iface usb0 inet static + address 10.0.0.2 + netmask 255.255.255.0 + network 10.0.0.0 + broadcast 10.0.0.255 + gateway 10.0.0.1 + + - name: configure eth0 interface (pi2/3/4) + blockinfile: + path: /etc/network/interfaces.d/eth0.cfg + create: yes + block: | + allow-hotplug eth0 + iface eth0 inet dhcp + + - name: enable ssh on boot + file: + path: /boot/ssh + state: touch + + - name: adjust /boot/config.txt + lineinfile: + dest: /boot/config.txt + insertafter: EOF + line: '{{ item }}' + with_items: + - "dtoverlay=dwc2" + - "dtparam=spi=on" + - "dtoverlay=spi1-3cs" + - "dtoverlay=pi3-disable-bt" + - "dtparam=audio=off" + + - name: change root partition + replace: + dest: /boot/cmdline.txt + backup: no + regexp: "root=PARTUUID=[a-zA-Z0-9\\-]+" + replace: "root=/dev/mmcblk0p2" + + - name: configure /boot/cmdline.txt + lineinfile: + path: /boot/cmdline.txt + backrefs: True + state: present + backup: no + regexp: '(.*)$' + line: '\1 modules-load=dwc2,g_ether' + + - name: configure ssh + lineinfile: + dest: /etc/ssh/sshd_config + backup: no + regexp: '#?PermitRootLogin (.*)$' + line: 'PermitRootLogin yes' + + - name: configure motd + copy: + dest: /etc/motd + content: "(◕‿‿◕) {{pwn_hostname}} (pwnagotchi-{{pwn_version}})" + + - name: clean apt cache + apt: + autoclean: yes + + - name: remove dependencies that are no longer required + apt: + autoremove: yes + + - name: remove ssh keys + file: + state: absent + path: "{{item}}" + with_items: + - /etc/ssh/ssh_host_rsa_key + - /etc/ssh/ssh_host_rsa_key.pub + - /etc/ssh/ssh_host_dsa_key + - /etc/ssh/ssh_host_dsa_key.pub + - /etc/ssh/ssh_host/ecdsa_key + - /etc/ssh/ssh_host/ecdsa_key.pub + - /etc/ssh/ssh_host_ed25519_key + - /etc/ssh/ssh_host_ed25519_key.pub From 956b8c7a67384c31a2a0ccd807a5b36b20015284 Mon Sep 17 00:00:00 2001 From: Cassiano Aquino Date: Wed, 2 Oct 2019 17:30:40 +0100 Subject: [PATCH 02/12] add output to makefile --- Makefile | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/Makefile b/Makefile index b81990b2..4e1b3110 100644 --- a/Makefile +++ b/Makefile @@ -4,19 +4,19 @@ PWN_VERSION="master" all: install image clean install: - @curl https://releases.hashicorp.com/packer/1.3.5/packer_1.3.5_linux_amd64.zip -o /tmp/packer.zip - @unzip /tmp/packer.zip -d /tmp - @mv /tmp/packer /usr/bin/packer - @git clone https://github.com/solo-io/packer-builder-arm-image /tmp/packer-builder-arm-image - @cd /tmp/packer-builder-arm-image && go get -d ./... && go build - @cp /tmp/packer-builder-arm-image/packer-builder-arm-image /usr/bin + curl https://releases.hashicorp.com/packer/1.3.5/packer_1.3.5_linux_amd64.zip -o /tmp/packer.zip + unzip /tmp/packer.zip -d /tmp + mv /tmp/packer /usr/bin/packer + git clone https://github.com/solo-io/packer-builder-arm-image /tmp/packer-builder-arm-image + cd /tmp/packer-builder-arm-image && go get -d ./... && go build + cp /tmp/packer-builder-arm-image/packer-builder-arm-image /usr/bin image: - @cd builder && sudo packer build pwnagotchi.json - @mv builder/output-pwnagotchi/image pwnagotchi-raspbian-lite-$(PWN_VERSION).img - @zip pwnagotchi-raspbian-lite-$(PWN_VERSION).zip pwnagotchi-raspbian-lite-$(PWN_VERSION).img + cd builder && sudo packer build pwnagotchi.json + mv builder/output-pwnagotchi/image pwnagotchi-raspbian-lite-$(PWN_VERSION).img + zip pwnagotchi-raspbian-lite-$(PWN_VERSION).zip pwnagotchi-raspbian-lite-$(PWN_VERSION).img clean: - @rm -rf /tmp/packer-builder-arm-image - @rm -f pwnagotchi-raspbian-lite.img - @rm -rf builder/output-pwnagotchi builder/packer_cache + rm -rf /tmp/packer-builder-arm-image + rm -f pwnagotchi-raspbian-lite.img + rm -rf builder/output-pwnagotchi builder/packer_cache From 9471d722afc39e0ed3e7e2ae6678f4d2f41f1f30 Mon Sep 17 00:00:00 2001 From: Cassiano Aquino Date: Wed, 2 Oct 2019 17:36:25 +0100 Subject: [PATCH 03/12] specify full path for packer --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 4e1b3110..75ec0d17 100644 --- a/Makefile +++ b/Makefile @@ -12,7 +12,7 @@ install: cp /tmp/packer-builder-arm-image/packer-builder-arm-image /usr/bin image: - cd builder && sudo packer build pwnagotchi.json + cd builder && sudo /usr/bin/packer build pwnagotchi.json mv builder/output-pwnagotchi/image pwnagotchi-raspbian-lite-$(PWN_VERSION).img zip pwnagotchi-raspbian-lite-$(PWN_VERSION).zip pwnagotchi-raspbian-lite-$(PWN_VERSION).img From fffa3df3ad2a607a6760ff2fd3cf41ba477f68c6 Mon Sep 17 00:00:00 2001 From: Cassiano Aquino Date: Wed, 2 Oct 2019 18:05:32 +0100 Subject: [PATCH 04/12] override goroot --- .travis.yml | 3 ++- builder/pwnagotchi.yml | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 9d1a1880..cd74215f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -20,8 +20,9 @@ cache: before_script: - sudo apt-get -y update -- sudo apt-get -y install qemu-user-static binfmt-support qemu kpartx +- sudo apt-get -y install qemu-user-static binfmt-support qemu gcc-arm-linux-gnueabihf libc6-dev-armhf-cross qemu-arm-static kpartx - sudo update-binfmts --display +- cat /etc/ld.so.preload script: - sudo -E env "PATH=$PATH" make -e PWN_HOSTNAME="pwnagotchi" VERSION="$TRAVIS_TAG" diff --git a/builder/pwnagotchi.yml b/builder/pwnagotchi.yml index 06720028..4d086bcb 100644 --- a/builder/pwnagotchi.yml +++ b/builder/pwnagotchi.yml @@ -117,6 +117,7 @@ command: go get -u github.com/bettercap/bettercap environment: GOPATH: /root/go + GOROOT: /usr/lib/go - name: install bettercap copy: From 2abf3f21fdec12e5cbbad8bbee5b8c349dddb72e Mon Sep 17 00:00:00 2001 From: Cassiano Aquino Date: Wed, 2 Oct 2019 18:09:02 +0100 Subject: [PATCH 05/12] remove packages --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index cd74215f..76c5bfa6 100644 --- a/.travis.yml +++ b/.travis.yml @@ -20,7 +20,7 @@ cache: before_script: - sudo apt-get -y update -- sudo apt-get -y install qemu-user-static binfmt-support qemu gcc-arm-linux-gnueabihf libc6-dev-armhf-cross qemu-arm-static kpartx +- sudo apt-get -y install qemu-user-static binfmt-support qemu bmap-tools kpartx - sudo update-binfmts --display - cat /etc/ld.so.preload From 4986950ffb5cf010f0b99028a450f0198c3938c2 Mon Sep 17 00:00:00 2001 From: Cassiano Aquino Date: Wed, 2 Oct 2019 18:12:05 +0100 Subject: [PATCH 06/12] remove debug for ld.so.preload --- .travis.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 76c5bfa6..edfa3a65 100644 --- a/.travis.yml +++ b/.travis.yml @@ -22,7 +22,6 @@ before_script: - sudo apt-get -y update - sudo apt-get -y install qemu-user-static binfmt-support qemu bmap-tools kpartx - sudo update-binfmts --display -- cat /etc/ld.so.preload script: - sudo -E env "PATH=$PATH" make -e PWN_HOSTNAME="pwnagotchi" VERSION="$TRAVIS_TAG" From 760a94a0fef60a8e8c9cd2caa40c6aff01e1792b Mon Sep 17 00:00:00 2001 From: Cassiano Aquino Date: Wed, 2 Oct 2019 18:46:08 +0100 Subject: [PATCH 07/12] move env only to install --- .travis.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index edfa3a65..ba17f32c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -22,8 +22,9 @@ before_script: - sudo apt-get -y update - sudo apt-get -y install qemu-user-static binfmt-support qemu bmap-tools kpartx - sudo update-binfmts --display +- sudo -E env "PATH=$PATH" make install script: -- sudo -E env "PATH=$PATH" make -e PWN_HOSTNAME="pwnagotchi" VERSION="$TRAVIS_TAG" +- sudo make -e PWN_HOSTNAME="pwnagotchi" VERSION="$TRAVIS_TAG" # TODO: deploy! From 00725ae9c7b56869a06ba5b0e860b71e2e878b82 Mon Sep 17 00:00:00 2001 From: Cassiano Aquino Date: Wed, 2 Oct 2019 18:49:12 +0100 Subject: [PATCH 08/12] add make clean --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index ba17f32c..21c8fdac 100644 --- a/.travis.yml +++ b/.travis.yml @@ -22,6 +22,7 @@ before_script: - sudo apt-get -y update - sudo apt-get -y install qemu-user-static binfmt-support qemu bmap-tools kpartx - sudo update-binfmts --display +- sudo -E env "PATH=$PATH" make clean - sudo -E env "PATH=$PATH" make install script: From 01ed7c417c9e82a68c2f996ce579bd149e5f1129 Mon Sep 17 00:00:00 2001 From: Cassiano Aquino Date: Wed, 2 Oct 2019 18:53:29 +0100 Subject: [PATCH 09/12] change make stage --- .travis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 21c8fdac..0e357f52 100644 --- a/.travis.yml +++ b/.travis.yml @@ -22,10 +22,10 @@ before_script: - sudo apt-get -y update - sudo apt-get -y install qemu-user-static binfmt-support qemu bmap-tools kpartx - sudo update-binfmts --display -- sudo -E env "PATH=$PATH" make clean -- sudo -E env "PATH=$PATH" make install script: +- sudo -E env "PATH=$PATH" make clean +- sudo -E env "PATH=$PATH" make install - sudo make -e PWN_HOSTNAME="pwnagotchi" VERSION="$TRAVIS_TAG" # TODO: deploy! From 3ada1f875d0db2b8d335b2971992f9df70b3d1c2 Mon Sep 17 00:00:00 2001 From: Cassiano Aquino Date: Wed, 2 Oct 2019 18:58:26 +0100 Subject: [PATCH 10/12] fix make commands --- .travis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 0e357f52..a366cb19 100644 --- a/.travis.yml +++ b/.travis.yml @@ -24,8 +24,8 @@ before_script: - sudo update-binfmts --display script: -- sudo -E env "PATH=$PATH" make clean +- sudo make clean - sudo -E env "PATH=$PATH" make install -- sudo make -e PWN_HOSTNAME="pwnagotchi" VERSION="$TRAVIS_TAG" +- sudo make image -e PWN_HOSTNAME="pwnagotchi" VERSION="$TRAVIS_TAG" # TODO: deploy! From dcc5fd9027dde7c7419f787ed0903de59b5839cc Mon Sep 17 00:00:00 2001 From: Cassiano Aquino Date: Wed, 2 Oct 2019 19:41:49 +0100 Subject: [PATCH 11/12] disable library during build --- builder/pwnagotchi.json | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/builder/pwnagotchi.json b/builder/pwnagotchi.json index c78629eb..beac17b7 100644 --- a/builder/pwnagotchi.json +++ b/builder/pwnagotchi.json @@ -14,6 +14,7 @@ { "type": "shell", "inline": [ + "sed -i 's/^\\([^#]\\)/#\\1/g' /etc/ld.so.preload", "apt-get -y update", "apt-get install -y ansible" ] @@ -21,6 +22,12 @@ { "type":"ansible-local", "playbook_file": "pwnagotchi.yml" + }, + { + "type": "shell", + "inline": [ + "sed -i 's/^#\\(.+\\)/\\1/g' /etc/ld.so.preload" + ] } ] } From 59bbc2299530e66e4a7c15fc9ef23bdfc18ec27c Mon Sep 17 00:00:00 2001 From: Cassiano Aquino Date: Wed, 2 Oct 2019 20:25:56 +0100 Subject: [PATCH 12/12] remove quotes from variables --- .travis.yml | 2 +- Makefile | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index a366cb19..6c250519 100644 --- a/.travis.yml +++ b/.travis.yml @@ -26,6 +26,6 @@ before_script: script: - sudo make clean - sudo -E env "PATH=$PATH" make install -- sudo make image -e PWN_HOSTNAME="pwnagotchi" VERSION="$TRAVIS_TAG" +- sudo make image -e PWN_HOSTNAME=pwnagotchi VERSION=$TRAVIS_TAG # TODO: deploy! diff --git a/Makefile b/Makefile index 75ec0d17..0d898ddb 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ -PWN_HOSTNAME="pwnagotchi" -PWN_VERSION="master" +PWN_HOSTNAME=pwnagotchi +PWN_VERSION=master all: install image clean