Pwnagotchi 3 b+ / 4 Build Guide with NIC Access and Inland 3.5 TFT screen

1. *** Pwnagotchi Build Guide for Pi 3 b+ /4 connected via NIC***
2. # Description:
3. # My collective notes for building my pwnagotchi
4. #
5. # Last Updated: May 2022
6.  
7. *** Hardware: ***
8.    * Raspberry Pi 3 b+
9.    * Inland 3.5 TFT display
10.    * Anker 4000 external battery
11.    * DIYmall VK-172 USB GPS Dongle (U-blox 7)
12.    * Samsung EVO Micro SDXC 256GB (UHD, UHS-I, U3, A2, V30)
13.  
14. *** Kudos and Special Thanks: ***
15. # Reddit User "u/DigitalDangerNoodle", for their Pwnagotchi Build Guide, https://pastebin.com/bTkXiZ52. This document is based on their build with changes to allow for NIC access, essentially the changes are in STEP 6.
16. # Reddit User "u/panoptyk", for their "Guerrilla guide to Pwnagotchi [v1.5.5/2022]:
17. #   Link: https://www.reddit.com/r/pwnagotchi/comments/sl2rv1/guerrilla_guide_to_pwnagotchi_v1552022/?utm_source=share&utm_medium=web2x&context=3
18. # Reddit User "u/my_life_is_suffering" for the information (and support) on getting the Inland 3.5 TFT working
19. #  Link: https://www.reddit.com/r/pwnagotchi/comments/s92wly/after_many_weeks_of_trial_and_error_finally_a/
20. #
21. # The Pwnagotchi Reddit Community:
22. #   Link: https://www.reddit.com/r/pwnagotchi/
23. #
24. # The "Pwnagotchi Unofficial" Discord Community:
25. #   Link: https://discord.gg/8fV5Ka32
26. #
27. # GaelicThunder on GitHub, for their Exp Plugin:
28. #   Link: https://github.com/GaelicThunder/Experience-Plugin-Pwnagotchi
29. #
30. # Hanna.Diamond on GitHub, for their Age Plugin and Waveshare 3.7" e-ink display Plugin:
31. #   Link: https://github.com/hannadiamond/pwnagotchi-plugins
32.  
33. #*** Build Instructions Below: ***
34.  
35. Step 1) Download Pwnagotchi image from pwnagotchi.ai
36.  #      Note: version 1.5.5 is the latest version as of April 2022
37.  #            Many have recommended instead to flash version 1.5.3
38.  #            in order to avoid reported bugs regarding AI mode not starting.
39.  #            once installed, version 1.5.3 will automatically update to 1.5.5
40.  #            with an established internet connection (host connection sharing or bt-tether)
41.  #Download version 1.5.3 to avoid having to fix AI Mode.
42.      # Remediation guidance for v1.5.5 AI Mode bug is available from u/panoptyk on Reddit. See Link in Kudos section above.
43.  
44. Step 2) Flash pwnagotchi image to microSD.
45.  #      Note: Recommended to use "balenaEtcher" to flash the image.
46.  #            Several tutorials exist online (Google or YouTube) that
47.  #            provide instructions for flashing an image to a microSD.
48.  
49. Step 3) Build your initial config.toml
50.  #      Note: your initial config.toml will contain the baseline configuration
51.  #            for your pwnagotchi, such as the name of the device. It is recommended to avoid
52.  #            trying to configure all of your plugins at this stage, and only focus on the
53.  #            essential plugins, such as 'bt-tether'.
54.  
55. ######## start of config.toml ########
56.  
57. #Main settings
58. main.name = "pwnagotchi"
59. main.lang = "en"
60. main.custom_plugins = "/usr/local/share/pwnagotchi/custom-plugins/"
61. main.whitelist = [
62.   "Other...",
63. ]
64.  
65. #Reporting results to PwnGRID
66. main.plugins.grid.enabled = true
67. main.plugins.grid.report = true
68. main.plugins.grid.exclude = [
69.   "Other..."
70. ]
71.  
72. #Display configuration
73. ui.display.enabled = false #set to false for now
74. ui.display.type = "waveshare37inch" #"waveshare37inch" doesn't exist (yet). To be created later...
75. ui.display.color = "black"
76.  
77. #Reduce Writes to preserve SD Lifespan
78. fs.memory.enabled = true
79. fs.memory.mounts.log.enabled = true
80. fs.memory.mounts.data.enabled = true
81.  
82. #bt-tether settings
83. main.plugins.bt-tether.enabled = true
84. main.plugins.bt-tether.devices.ios-phone.enabled = true
85. main.plugins.bt-tether.devices.ios-phone.search_order = 1
86. main.plugins.bt-tether.devices.ios-phone.mac = "CH:AN:GE:XX:MM:EE" #mobile Bluetooth MAC
87. main.plugins.bt-tether.devices.ios-phone.ip = "172.20.10.6" #custom static IP for iPhone PAN
88. main.plugins.bt-tether.devices.ios-phone.netmask = 24
89. main.plugins.bt-tether.devices.ios-phone.interval = 1
90. main.plugins.bt-tether.devices.ios-phone.scantime = 10
91. main.plugins.bt-tether.devices.ios-phone.max_tries = 10
92. main.plugins.bt-tether.devices.ios-phone.share_internet = true
93. main.plugins.bt-tether.devices.ios-phone.priority = 1
94.  
95. ######## end of config.toml ########
96.  
97. Step 4) Copy config.toml to MicroSD (boot)
98.  #       Note: Insert the microSD card flashed in Step 3.
99.  Open the new drive titled "boot", and copy over your config.toml
100.  
101. Step 5) Boot pwnagotchi for the first time, connected via USB (will boot into MANU Mode).
102.  #       WARNING: BE PATIENT. The First boot will take longer than average due to key generation.
103.  #       NOTE: If you specified settings for bt-tether plugin, ensure your mobile device is
104.  #             nearby and listening for new bluetooth devices to pair.
105.  #             Ensure Internet sharing via Personal Hotspot is enabled.
106.  Your mobile device will be prompted to pair with your pwnagotchi.
107.  
108.  
109. Step 5)** Boot pwnagotchi for the first time, connected via NIC (will boot into local mode). Use local access (eg, connected monitor, and keyboard).
110.  
111. Step 6) Configure network/internet/DNS access for RPI 3 b+ / 4
112.  
113. #Comment out the entirety of the /etc/network/interfaces.d/usb0-cfg network config file.
114. sudo nano /etc/network/interfaces.d/usb0-cfg
115.  
116. #Add your eth0 configuration
117. sudo nano /etc/network/interfaces.d/eth0-cfg
118.  
119. #Add information specific to your network. My network is 10.0.0.0 and desired IP is 10.0.0.94.
120.   allow-hotplug eth0
121.   iface eth0 inet static
122.   address 10.0.0.94
123.   netmask 255.255.255.0
124.   network 10.0.0.1
125.   broadcast 10.0.0.255
126.   gateway 10.0.0.1
127.   dns-nameservers 8.8.8.8
128.  
129. # Configure DNS
130. #The resolveconf program is responsible for auto-generating the resolve.conf file during boot based on the files in /etc/network/interfaces.d/
131.  
132. sudo nano /etc/network/interfaces.d/eth0-cfg
133. # add "dns-nameservers 8.8.8.8" under the final 'Gateway' line
134. #(NOTE: This step was already completed above, I only add it here for clarity)
135.  
136. sudo nano /etc/resolv.conf
137. # modify "nameserver 127.0.0.1" to be "nameserver 8.8.8.8"
138.  
139. sudo nano /etc/dnsmasq.conf
140. # add "server=8.8.8.8@eth0"
141.  
142. sudo systemctl disable dnsmasq
143. sudo su
144. sudo chattr +i /etc/resolv.conf
145. # make file immutable
146.  
147. sudo reboot
148.  
149. ping Google.com #test for network connection
150.  
151.  
152. Step 7) Install Inland 3.5 TFT :CD Touch Screen Monitor
153. #https://www.microcenter.com/product/632693/inland-35-inch-tft-lcd-touch-screen-monitor
154. #https://community.microcenter.com/discussion/9216/how-to-enable-the-inland-3-5-tft-lcd-touchscreen-monitor-with-raspberry-pi
155. #https://www.waveshare.com/wiki/3.5inch_RPi_LCD_(A)
156.  
157. #Essentially, we are using the configuration files for the 'spotpear24inch' screen and re-writing the variables for the inland 3.5.
158. #remove existing drivers
159. sudo rm -rf LCD-show
160.  
161. #Install drivers for your device: Inland 3.5" TFT LCD Touchscreen Monitor
162. git clone https://github.com/waveshare/LCD-show.git
163. cd LCD-show/
164. chmod +x LCD35-show
165. ./LCD35-show lite
166. #Make sure you use "./LCD35-show lite" instead of "./LCD35-show"
167.  
168. #Screen config process
169. #Edit config.toml to enable external display
170. sudo nano /etc/pwnagotchi/config.toml
171. ui.display.enabled = true
172. ui.display.rotation = 180
173. ui.display.type = "spotpear24inch"
174. ui.display.color = "black"
175.  
176. ##Edit the spotpear24inch.py configuration file to match the parameters of the inland 3.5 inch tft screen
177. sudo nano /usr/local/lib/python3.7/dist-packages/pwnagotchi/ui/hw/spotpear24inch.py
178. #Remove all lines of code, replace with parameters from pastebin.com/tMuuLTx3
179.  
180. **Initialize to new display
181. sudo systemctl restart pwnagotchi.service
182.  
183. Step 8) Install custom plugins
184.  #Consider this step OPTIONAL, unless you would like these custom plugins. Otherwise, proceed to Step 10.
185.  cd ~
186.  sudo mkdir /usr/local/share/pwnagotchi/custom-plugins/
187.       #make custom-plugins directory defined in config.toml, if not done so already.
188.  
189.  Step 8.1) aircrackonly plugin
190.   sudo pwnagotchi plugins install aircrackonly
191.   sudo nano /etc/pwnagotchi/config.toml
192.        # add the following lines to config.toml:
193.          main.plugins.aircrackonly.enabled = true
194.          main.plugins.aircrackonly.face = "(>.<)"
195.        
196.  Step 8.2) Exp plugin #Generates an "experiance" level and progress bar for your pwnagotchi.
197.   #Copy exp.py from git: https://github.com/GaelicThunder/Experience-Plugin-Pwnagotchi
198.   sudo nano /usr/local/share/pwnagotchi/custom-plugins/exp.py #paste contents of exp.py from github to exp.py on your pwnagotchi.
199.   sudo nano /etc/pwnagotchi/config.toml
200.   #add the following to your config.toml:
201.     main.plugins.exp.enabled = true
202.     main.plugins.exp.lvl_x_coord = 0
203.     main.plugins.exp.lvl_y_coord = 81
204.     main.plugins.exp.exp_x_coord = 38
205.     main.plugins.exp.exp_y_coord = 81
206.  
207.  Step 8.3) Age plugin #Generates the pwnagotchi's "age" and "strength".
208.   #Copy exp.py from git: https://github.com/hannadiamond/pwnagotchi-plugins/blob/main/plugins/age.py
209.   sudo nano /usr/local/share/pwnagotchi/custom-plugins/age.py #paste contents of exp.py from github to exp.py on your pwnagotchi.
210.   sudo nano /etc/pwnagotchi/config.toml
211.   #add the following to your config.toml:
212.     main.plugins.age.enabled = true
213.     main.plugins.age.age_x_coord = 0
214.     main.plugins.age.age_y_coord = 32
215.     main.plugins.age.str_x_coord = 67
216.     main.plugins.age.str_y_coord = 32
217.  
218.   sudo systemctl restart pwnagotchi.service #reload pwnagotchi with new plugins
219.  
220. Step 9) Update everything. #OPTIONAL. I'm just obsessive about updating everything...
221.  sudo pwnagotchi plugins update
222.  sudo pwnagotchi plugins upgrade
223.  sudo apt-get update --allow-releaseinfo-change
224.       #Troubleshooting: Some repos for "re4son-kernel.com/re4son kali-pi" might present an error resembling the following: "The following signatures were invalid: EXPKEYSIG 11764EE8AC24832F Carsten Boeving <[email protected]>"
225.       wget -O - https://re4son-kernel.com/keys/http/archive-key.asc | sudo apt-key add -
226.  
227.  sudo apt-get upgrade #This will take a while (~45 minutes). Be patient.
228.       #Troubleshooting: You might encounter an error that looks similar to:
229.       # Errors were encountered while processing:
230.       #  /var/cache/apt/archives/kalipi-kernel_5.4.83-20211204_armhf.deb
231.       # E: Sub-process /usr/bin/dpkg returned an error code (1)
232.  sudo mv /boot/overlays/ overlaysbackup
233. #rename the existing overlays in /boot/. The renamed overlays can be safely deleted later
234.  sudo apt-get upgrade #attempt upgrade again.
235.  
236. Step 10) Change all the default passwords
237.  # Change "pi" password. Default "raspberry"
238.  psswd
239.  
240.  # Change "root" password:
241.  sudo su
242.  psswd
243.  
244.  # Change pwnagotchi Web UI password. Default "changeme"
245.  sudo nano /etc/pwnagotchi/config.toml
246.   # locate and update the values for:
247.     ui.web.username = "changeme"
248.     ui.web.password = "changeme"
249.  
250.  # Update bettercap password. Default "pwnagotchi"
251.  sudo nano /etc/pwnagotchi/config.toml
252.   # locate and update the values for:
253.     bettercap.username = "pwnagotchi"
254.     bettercap.password = "pwnagotchi"
255.   sudo nano /usr/local/share/bettercap/caplets/pwnagotchi-auto.cap
256.     #modify the bettercap username & password to match config.toml
257.   sudo nano /usr/local/share/bettercap/caplets/pwnagotchi-manual.cap
258.     #modify the bettercap username & password to match config.toml
259.  
260.  sudo systemctl restart pwnagotchi.service #reload pwnagotchi for config changes to apply.
261.    
262. Step 11) Back up all your hard work!
263.  Download the Backup script from Github.
264.  # Link: https://github.com/evilsocket/pwnagotchi/blob/master/scripts/backup.sh
265.  
266.  Append the "FILES_TO_BACKUP" section of the backup script to include the following additional files that have been added or modified as a result of this guide:
267.  
268.   /usr/bin/pwnlib \
269.   /etc/systemd/system/pwngrid-peer.service \
270.   /usr/local/share/pwnagotchi/custom-plugins/ \
271.   /usr/local/lib/python3.7/dist-packages/pwnagotchi/ui/hw/libs/waveshare/v37inch/ \
272.   /usr/local/lib/python3.7/dist-packages/pwnagotchi/ui/hw/waveshare37inch.py \
273.   /usr/local/lib/python3.7/dist-packages/pwnagotchi/utils.py \
274.   /usr/local/lib/python3.7/dist-packages/pwnagotchi/ui/display.py \
275.   /usr/local/lib/python3.7/dist-packages/pwnagotchi/ui/components.py \
276.   /usr/local/lib/python3.7/dist-packages/pwnagotchi/ui/hw/__init__.py
277.  
278.      # Note: The last entry in the list must include an end quotation mark. Be sure to relocate this to the end of the list before saving.
279.  
280.   sudo chmod +x backup.sh # make backup.sh executable
281.   sudo ./backup.sh
282.  
283. Step 12 - Optional) Accessing your handshakes
284. #create file to access handshakes
285. sudo nano cph.sh
286. insert these lines into the file
287.     #/bin/bash
288.     cp -r /root/handshakes/* /home/pi/handshakes/
289.     chown pi:pi /home/pi/handshakes
290.     chown pi:pi /home/pi/handshakes/*
291.  
292. sudo chmod +x cph.sh
293. #To run file, execute 'sudo cph.sh'. This will copy your handshakes into the /home/pi/handshakes directory
294.  
295. Step - Optional) May be required if you are having troubles with bluetooth
296.  
297. # We need to add something into our profile which is in our root directory, hidden.
298. sudo su
299. cd /root
300. sudo nano ~/.profile
301. #add the following at the bottom of the file.
302.     # attempt to restart bluetooth
303.     sudo systemctl restart bluetooth
304.  
305. #save using crtl + x and then hit enter.
306.  
307. #Comment out an if-else-statement.
308.  
309. sudo nano /usr/bin/btuart
310. #At the first if-else-statement you see, comment it out like you you see below.
311.     #if grep -q "raspberrypi,4" /proc/device-tree/compatible; then
312.     BDADDR=
313.     #else
314.     SERIAL='cat /proc/device-tree/serial-number | cut -c9-'
315.     B1='echo $SERIAL | cut -c3-4'
316.     B2='echo $SERIAL | cut -c5-6'
317.     B3='echo $SERIAL | cut -c7-8'
318.     BDADDR='printf b8:27:eb:%02x:%02x:%02x $((0x$B1 ^ 0xaa)) $((0x$B2 ^ 0xaa)) $((0x$B3 ^ 0xaa))'
319.     #fi
320. #save it using crtl + x and then hit enter.
321.  
322. sudo reboot
323.  
324. #### Enjoy your new Pwnagotchi, and please support the Pwnagotchi community on Reddit and Discord! ####
325.