-
Notifications
You must be signed in to change notification settings - Fork 2
/
usb-armory-mkii.sh
executable file
·189 lines (154 loc) · 6.52 KB
/
usb-armory-mkii.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
#!/usr/bin/env bash
#
# Kali Linux ARM build-script for USB Armory MKII (32-bit)
# Source: https://gitlab.com/kalilinux/build-scripts/kali-arm
#
# This is a community script - you will need to generate your own image to use
# More information: https://www.kali.org/docs/arm/usb-armory-mkii/
#
# Hardware model
hw_model=${hw_model:-"usb-armory-mkii"}
# Architecture
architecture=${architecture:-"armhf"}
# Desktop manager (xfce, gnome, i3, kde, lxde, mate, e17 or none)
desktop=${desktop:-"xfce"}
# Load default base_image configs
source ./common.d/base_image.sh
# Network configs
basic_network
add_interface eth0
# Third stage
cat <<EOF >>"${work_dir}"/third-stage
status_stage3 'Install dhcp and vnc server'
eatmydata apt-get install -y isc-dhcp-server tightvncserver || eatmydata apt-get install -y --fix-broken
status_stage3 'Remove /etc/modules*'
rm /etc/modules
rm /etc/modules-load.d/modules.conf
status_stage3 'Add our /etc/modules-load.d/'
cat << __EOF__ > /etc/modules-load.d/modules.conf
ledtrig_heartbeat
ci_hdrc_imx
g_ether
#g_mass_storage
#g_multi
__EOF__
status_stage3 'Add our /etc/modprobe.d/'
cat << __EOF__ > /etc/modprobe.d/usbarmory.conf
options g_ether use_eem=0 dev_addr=1a:55:89:a2:69:41 host_addr=1a:55:89:a2:69:42
# To use either of the following, you should create the file /disk.img via dd
# "dd if=/dev/zero of=/disk.img bs=1M count=2048" would create a 2GB disk.img file
#options g_mass_storage file=disk.img
#options g_multi use_eem=0 dev_addr=1a:55:89:a2:69:41 host_addr=1a:55:89:a2:69:42 file=disk.img
__EOF__
status_stage3 'Add our /etc/network/interfaces.d/usb0'
cat << __EOF__ > /etc/network/interfaces.d/usb0
allow-hotplug usb0
iface usb0 inet static
address 10.0.0.1
netmask 255.255.255.0
gateway 10.0.0.2
__EOF__
status_stage3 'Add our /etc/dhcp/dhcpd.conf'
# Debian reads the config from inside /etc/dhcp
cp /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.old
cat << __EOF__ > /etc/dhcp/dhcpd.conf
# Sample configuration file for ISC dhcpd for Debian
# Original file /etc/dhcp/dhcpd.conf.old
ddns-update-style none;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 10.0.0.0 netmask 255.255.255.0 {
range 10.0.0.2 10.0.0.2;
default-lease-time 600;
max-lease-time 7200;
}
__EOF__
status_stage3 'Only listen on usb0'
sed -i -e 's/INTERFACES.*/INTERFACES="usb0"/g' /etc/default/isc-dhcp-server
status_stage3 'Enable dhcp server'
update-rc.d isc-dhcp-server enable
status_stage3 'Fixup wireless-regdb signature'
update-alternatives --set regulatory.db /lib/firmware/regulatory.db-upstream
EOF
# Run third stage
include third_stage
# Clean system
include clean_system
# Kernel section. If you want to use a custom kernel, or configuration, replace
# them in this section
status "Kernel stuff"
git clone --depth 1 -b linux-5.15.y git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git ${work_dir}/usr/src/kernel
cd ${work_dir}/usr/src/kernel
git rev-parse HEAD >${work_dir}/usr/src/kernel-at-commit
touch .scmversion
export ARCH=arm
export CROSS_COMPILE=arm-linux-gnueabihf-
#patch -p1 --no-backup-if-mismatch < ${repo_dir}/patches/ARM-drop-cc-option-fallbacks-for-architecture-select.patch
patch -p1 --no-backup-if-mismatch <${repo_dir}/patches/kali-wifi-injection-5.15.patch
patch -p1 --no-backup-if-mismatch <${repo_dir}/patches/0001-wireless-carl9170-Enable-sniffer-mode-promisc-flag-t.patch
wget $githubraw/usbarmory/usbarmory/master/software/kernel_conf/usbarmory_linux-5.15.defconfig -O ../usbarmory_linux-5.15_defconfig
wget $githubraw/usbarmory/usbarmory/master/software/kernel_conf/mark-two/imx6ul-512M-usbarmory.dts -O arch/arm/boot/dts/imx6ul-usbarmory.dts
wget $githubraw/usbarmory/usbarmory/master/software/kernel_conf/mark-two/imx6ulz-512M-usbarmory-tzns.dts -O arch/arm/boot/dts/imx6ulz-usbarmory-tzns.dts
wget $githubraw/usbarmory/usbarmory/master/software/kernel_conf/mark-two/imx6ulz-512M-usbarmory.dts -O arch/arm/boot/dts/imx6ulz-usbarmory.dts
cp ../usbarmory_linux-5.15_defconfig arch/arm/configs/
make usbarmory_linux-5.15_defconfig
make LOADADDR=0x80000000 -j $(grep -c processor /proc/cpuinfo) uImage modules imx6ul-usbarmory.dtb imx6ulz-usbarmory-tzns.dtb imx6ulz-usbarmory.dtb
make modules_install INSTALL_MOD_PATH=${work_dir}
cp arch/arm/boot/zImage ${work_dir}/boot/
cp arch/arm/boot/dts/imx6*-usbarmory*.dtb ${work_dir}/boot/
make mrproper
# Since these aren't integrated into the kernel yet, mrproper removes them
cp ../usbarmory_linux-5.15_defconfig arch/arm/configs/
wget $githubraw/usbarmory/usbarmory/master/software/kernel_conf/mark-two/imx6ul-512M-usbarmory.dts -O arch/arm/boot/dts/imx6ul-usbarmory.dts
wget $githubraw/usbarmory/usbarmory/master/software/kernel_conf/mark-two/imx6ulz-512M-usbarmory-tzns.dts -O arch/arm/boot/dts/imx6ulz-usbarmory-tzns.dts
wget $githubraw/usbarmory/usbarmory/master/software/kernel_conf/mark-two/imx6ulz-512M-usbarmory.dts -O arch/arm/boot/dts/imx6ulz-usbarmory.dts
# Fix up the symlink for building external modules
# kernver is used so we don't need to keep track of what the current compiled
# version is
status "building external modules"
kernver=$(ls ${work_dir}/lib/modules/)
cd ${work_dir}/lib/modules/${kernver}
rm build
rm source
ln -s /usr/src/kernel build
ln -s /usr/src/kernel source
cd "${repo_dir}/"
# Calculate the space to create the image and create
make_image
# Create the disk partitions
status "Create the disk partitions"
parted -s "${image_dir}/${image_name}.img" mklabel msdos
parted -s -a minimal "${image_dir}/${image_name}.img" mkpart primary ext2 5MiB 100%
# Set the partition variables
make_loop
# Create file systems
# Force root partition ext2 filesystem
rootfstype="ext2"
mkfs_partitions
# Make fstab.
make_fstab
# Create the dirs for the partitions and mount them
status "Create the dirs for the partitions and mount them"
mkdir -p "${base_dir}"/root
if [[ $fstype == ext4 ]]; then
mount -t ext4 -o noatime,data=writeback,barrier=0 "${rootp}" "${base_dir}"/root
else
mount "${rootp}" "${base_dir}"/root
fi
status "Rsyncing rootfs into image file"
rsync -HPavz -q "${work_dir}"/ "${base_dir}"/root/
sync
status "u-Boot"
cd "${work_dir}"
wget ftp://ftp.denx.de/pub/u-boot/u-boot-2023.01.tar.bz2
tar xvf u-boot-2023.01.tar.bz2 && cd u-boot-2023.01
wget $githubraw/usbarmory/usbarmory/master/software/u-boot/0001-ARM-mx6-add-support-for-USB-armory-Mk-II-board.patch
patch -p1 --no-backup-if-mismatch <0001-ARM-mx6-add-support-for-USB-armory-Mk-II-board.patch
make distclean
make usbarmory-mark-two_config
make ARCH=arm
dd if=u-boot-dtb.imx of=${loopdevice} bs=512 seek=2 conv=fsync
cd "${repo_dir}/"
# Load default finish_image configs
include finish_image