Commit bcae8f6d authored by Lorenzo Faletra's avatar Lorenzo Faletra

include missing raspberry files

parent 5f3c2bc8
raspberry @ 4db2dc42
Subproject commit 4db2dc4236e54c211fb53fade416deec7afaddd7
The MIT License (MIT)
Copyright (c) 2015-2016 Niklas Fiekas <niklas.fiekas@backscattering.de>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is furnished
to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
IN THE SOFTWARE.
net.ifnames=0 dwc_otg.lpm_enable=0 console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 rootwait
# For more options and information see
# http://www.raspberrypi.org/documentation/configuration/config-txt.md
# Some settings may impact device functionality. See link above for details
# uncomment if you get no picture on HDMI for a default "safe" mode
#hdmi_safe=1
# uncomment this if your display has a black border of unused pixels visible
# and your display can output without overscan
#disable_overscan=1
# uncomment the following to adjust overscan. Use positive numbers if console
# goes off screen, and negative if there is too much border
#overscan_left=16
#overscan_right=16
#overscan_top=16
#overscan_bottom=16
# uncomment to force a console size. By default it will be display's size minus
# overscan.
#framebuffer_width=1280
#framebuffer_height=720
# uncomment if hdmi display is not detected and composite is being output
hdmi_force_hotplug=1
# uncomment to force a specific HDMI mode (this will force VGA)
#hdmi_group=1
#hdmi_mode=1
# uncomment to force a HDMI mode rather than DVI. This can make audio work in
# DMT (computer monitor) modes
#hdmi_drive=2
# uncomment to increase signal to HDMI, if you have interference, blanking, or
# no display
#config_hdmi_boost=4
# uncomment for composite PAL
#sdtv_mode=2
#uncomment to overclock the arm. 700 MHz is the default.
#arm_freq=800
#!/bin/bash
SOURCEDIR=$(dirname $0)
vmdebootstrap \
--arch armhf \
--distribution stable \
--mirror http://deb.parrotsec.org/parrot \
--image `date +parrot-rpi-%Y%m%d.img` \
--size 6144M \
--bootsize 64M \
--boottype vfat \
--root-password toor \
--verbose \
--no-kernel \
--no-extlinux \
--hostname parrot \
--foreign /usr/bin/qemu-arm-static \
--debootstrapopts="keyring=$SOURCEDIR/parrotsec.gpg verbose" \
--package="gnupg2 dirmngr ca-certificates" \
--customize "$SOURCEDIR/customize.sh" \
--log-level="debug"
#!/bin/bash
set -e
SOURCEDIR=$(dirname $0)
ROOTDIR="$1"
# Do not start services during installation.
echo exit 101 > $ROOTDIR/usr/sbin/policy-rc.d
chmod +x $ROOTDIR/usr/sbin/policy-rc.d
#configure temporary networking
rm $ROOTDIR/etc/resolv.conf
echo -e "# ParrotDNS/OpenNIC
nameserver 1.1.1.1
nameserver 139.99.96.146
nameserver 37.59.40.15
nameserver 185.121.177.177
# Round Robin
options rotate" > $ROOTDIR/etc/resolv.conf
# Configure apt.
export DEBIAN_FRONTEND=noninteractive
cat $SOURCEDIR/parrotsec.gpg | chroot $ROOTDIR apt-key add -
echo > $ROOTDIR/etc/apt/sources.list
mkdir -p $ROOTDIR/etc/apt/sources.list.d/
mkdir -p $ROOTDIR/etc/apt/apt.conf.d/
echo "deb http://deb.parrotsec.org/parrot stable main contrib non-free" > $ROOTDIR/etc/apt/sources.list.d/parrot.list
chroot $ROOTDIR apt update
chroot $ROOTDIR apt -y install parrot-core
# enable for apt-cacher-ng
# echo "Acquire::http { Proxy \"http://localhost:3142\"; };" > $ROOTDIR/etc/apt/apt.conf.d/50apt-cacher-ng
cp $SOURCEDIR/etc/apt/sources.list $ROOTDIR/etc/apt/sources.list
cp $SOURCEDIR/etc/apt/apt.conf.d/50raspi $ROOTDIR/etc/apt/apt.conf.d/50raspi
chroot $ROOTDIR apt update
# Regenerate SSH host keys on first boot.
chroot $ROOTDIR apt-get install -y openssh-server rng-tools
rm -f $ROOTDIR/etc/ssh/ssh_host_*
mkdir -p $ROOTDIR/etc/systemd/system
cp $SOURCEDIR/etc/systemd/system/regen-ssh-keys.service $ROOTDIR/etc/systemd/system/regen-ssh-keys.service
chroot $ROOTDIR systemctl enable regen-ssh-keys ssh
# Configure.
cp $SOURCEDIR/boot/cmdline.txt $ROOTDIR/boot/cmdline.txt
cp $SOURCEDIR/boot/config.txt $ROOTDIR/boot/config.txt
cp -r $SOURCEDIR/etc/default $ROOTDIR/etc/default
cp $SOURCEDIR/etc/fstab $ROOTDIR/etc/fstab
cp $SOURCEDIR/etc/modules $ROOTDIR/etc/modules
cp $SOURCEDIR/etc/network/interfaces $ROOTDIR/etc/network/interfaces
FILE="$SOURCEDIR/config/authorized_keys"
if [ -f $FILE ]; then
echo "Adding authorized_keys."
mkdir -p $ROOTDIR/root/.ssh/
cp $FILE $ROOTDIR/root/.ssh/
else
echo "No authorized_keys, allowing root login with password on SSH."
sed -i "s/.*PermitRootLogin.*/PermitRootLogin yes/" $ROOTDIR/etc/ssh/sshd_config
fi
# Install kernel.
mkdir -p $ROOTDIR/lib/modules
chroot $ROOTDIR apt install -y ca-certificates curl binutils git-core kmod
wget https://raw.github.com/Hexxeh/rpi-update/master/rpi-update -O $ROOTDIR/usr/local/sbin/rpi-update
chmod a+x $ROOTDIR/usr/local/sbin/rpi-update
SKIP_WARNING=1 SKIP_BACKUP=1 ROOT_PATH=$ROOTDIR BOOT_PATH=$ROOTDIR/boot $ROOTDIR/usr/local/sbin/rpi-update
# Install extra packages.
chroot $ROOTDIR apt install -y apt-utils nano whiptail netbase less iputils-ping net-tools isc-dhcp-client parrot-core anacron fake-hwclock ntp fail2ban needrestart sudo
chroot $ROOTDIR apt install -y parrot-interface parrot-mate parrot-pico geany bleachbit
# Clean some shit.
chroot $ROOTDIR apt -y purge firejail samba
#create user
chroot $ROOTDIR bash useradd -m -p $(mkpasswd -m sha-512 parrot) -s /bin/bash parrot
chroot $ROOTDIR adduser parrot audio cdrom dip floppy video plugdev netdev powerdev scanner bluetooth sudo fuse dialout
#configure networking
chroot $ROOTDIR apt-get update
chroot $ROOTDIR apt-get -y install resolvconf
chroot $ROOTDIR systemctl enable resolvconf
chroot $ROOTDIR systemctl start resolvconf
chroot $ROOTDIR rm /etc/resolv.conf
echo -e "
# ParrotDNS/OpenNIC
nameserver 139.99.96.146
nameserver 37.59.40.15
nameserver 185.121.177.177
# Round Robin
options rotate" > $ROOTDIR/etc/resolvconf/resolv.conf.d/tail
ln -s /etc/resolvconf/run/resolv.conf $ROOTDIR/etc/resolv.conf
# Create a swapfile.
dd if=/dev/zero of=$ROOTDIR/var/swapfile bs=1M count=128
chroot $ROOTDIR mkswap /var/swapfile
echo /var/swapfile none swap sw 0 0 >> $ROOTDIR/etc/fstab
# Done.
rm $ROOTDIR/usr/sbin/policy-rc.d
echo "cleaning the system with bleachbit"
chroot $ROOTDIR bleachbit -c system.localizations apt.autoclean apt.autoremove apt.package_lists deepscan.backup deepscan.ds_store deepscan.thumbs_db deepscan.tmp system.cache system.rotated_logs thumbnails.cache &> /dev/null && echo "done"
#rm $ROOTDIR/etc/apt/apt.conf.d/50apt-cacher-ng
--2018-09-02 21:24:43-- http://deb.parrotsec.org/parrot/dists/stable/InRelease
Resolving deb.parrotsec.org (deb.parrotsec.org)...
\ No newline at end of file
# Never use pdiffs. Current implementation is very slow on low-powered devices.
Acquire::PDiffs "0";
deb http://deb.parrotsec.org/parrot parrot main contrib non-free
/dev/mmcblk0p1 /boot vfat defaults 0 0
/dev/mmcblk0p2 / ext4 noatime,nodiratime,relatime,discard 0 0
proc /proc proc defaults 0 0
tmpfs /tmp tmpfs defaults,size=100M 0 0
vchiq
snd_bcm2835
bcm2708-rng
btrfs
xfs
auto lo
iface lo inet loopback
auto eth0
allow-hotplug eth0
iface eth0 inet dhcp
iface eth0 inet6 auto
[Unit]
Description=OpenSSH Server Key Generation
# Do not run if keys already exist
ConditionPathExistsGlob=!/etc/ssh/ssh_host_*_key
# This service requires rng-tools to feed the random number generator,
# otherwise we may generate predictable keys without noticing it.
Requires=rng-tools.service
After=rng-tools.service
# sshd needs this service to be run and finished before starting
PartOf=ssh.service ssh.socket
Before=ssh.service ssh.socket
[Install]
# sshd needs this service to be run and finished before starting
WantedBy=ssh.service ssh.socket
[Service]
EnvironmentFile=-/etc/sysconfig/sshd
ExecStart=/usr/bin/ssh-keygen -A
Type=oneshot
RemainAfterExit=yes
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment