Pwnagotchi 2022



Pwnagotchi is a cool project that I had seen a few years back and just recently decided to finally take a look at.

What is Pwnagotchi?

Pwnagotchi is a small "AI" device derived from the 90's toy Tamagotchi. Similar to the toy, you please your Pwnagotchi by allowing it to observe and "eat" wifi handshakes. The artificial intelligence of the Pwnagotchi allows it to analyze its surroundings, making decisions on how to best collect wifi handshakes through passive sniffing, deauthentication and association attacks.

Pwnagotchi stores the collected handshakes as PCAP files, which you can later attempt to crack, or collect and map via GPS for novelty rewards of wonder.

If you don't have any Pis around, the whole project costs about 60-70 bucks including the Waveshare ink screen, Raspberry Pi Zero and Pisugar2 power pack.



Configuration Notes:

While the project is seemingly abandoned, the documentation is still pretty relevant for completing this project.

Image used: Build 1.5.5, written to a 32GB Micro SD using Etcher.

I booted my Pi Zero before editing my config file. Once booted, Windows detected the device but did not install the correct drivers for it to be identified as an RNDIS device. I downloaded the drivers found here: https://www.factoryforward.com/wp-content/uploads/2018/01/mod-duo-rndis.zip

In Device Manager, find the device under USB devices and install the new drivers. It will then be listed under Network devices as an RNDIS device.

Once this was complete, I went to network adapters and found my RNDIS adapter. I right-clicked it, chose Properties, then TCP/IPv4, and manually assigned an IP, subnet mask and DNS:

IP: 10.0.0.1
Subnet mask: 255.0.0.0
DNS: 1.1.1.1 (google)

Once this was applied, I used PuTTY to SSH into Pwnagotchi.

pi@10.0.0.2
Pass: raspberry

At this point I was connected over SSH and also able to reach the web GUI at 10.0.0.2:8080.

Under plugins I enabled Bluetooth. I then began to edit the config file with

sudo nano /etc/pwnagotchi/config.toml

Here I changed my pwnagotchi name, configured the Bluetooth by adding my phone's Bluetooth MAC address, changed the webui password, and opted in on grid. Grid is a Pwnagotchi API that collects stats on your device and shares them with others, keeping track of your pwnagotchi stats.

With my Pi Zero, I did have issues auto pairing for Bluetooth. To resolve this, I used

bluetoothctl
pair xx:xx:xx:xx:xx:xx
trust xx:xx:xx:xx:xx:xx
exit
x marks your own MAC address.

Once connected via Bluetooth, I was now able to SSH into my Pwnagotchi using an Android app called JuiceSSH.

I installed the Pisugar2 device drivers and pwnagotchi support plugin that basically includes the battery percentage on your pwnagotchi web and screen UI. What was cool was discovering the functions of Pisugar2. The webui for the device allows you to configure sequential button functions such as single click, double click, or long click and have it run a shell command. This is awesome for providing a proper way to shut down, launch a service, etc.




In addition, you can also schedule wakeup times, which is awesome for turning on my Pwnagotchi at a specific time automatically.

I was able to enable paw-gps and have my pwnagotchi map pwn'd access points through the GPS on my phone. You can view them in the webui at pwnagotchiname:8080/plugins/webgpsmap.
I ended up grabbing a U-blox 7 GPS module as I was more interested in making it standalone, rather than absolutely needing bt-tethering for geo positions.

U-blox has a piece of software called 'U-central' that I tested my unit on beforehand, but on plugging it into my Pi Zero I was able to see it immediately with

lsusb



Knowing the device was detected, I used dmesg to try and be certain of its assignment:

dmesg | grep tty
I could see it was assigned ttyACM0 - so I added this to my config so it knew which device to use when a handshake is captured to mark its coordinates.



I took my unit outside initially and gave it a few minutes to initialize and be located by GPS satellites. After a few minutes, the green LED began to flash and I was receiving coordinates.
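
A flashing LED aside, the fix can be confirmed from the data the receiver sends on ttyACM0. The sketch below is an added example, not part of the original setup or the Pwnagotchi project: it validates the checksum of an NMEA GGA sentence and reports whether it carries a fix, assuming the module emits standard NMEA 0183 output; the sample sentences are constructed.

```python
def nmea_checksum(body):
    """XOR of every character between '$' and '*', as two uppercase hex digits."""
    value = 0
    for ch in body:
        value ^= ord(ch)
    return f"{value:02X}"

def _to_degrees(value, hemisphere):
    """Convert NMEA (d)ddmm.mmm plus N/S/E/W into signed decimal degrees."""
    dot = value.index(".")
    decimal = int(value[:dot - 2]) + float(value[dot - 2:]) / 60
    return -decimal if hemisphere in ("S", "W") else decimal

def parse_gga(line):
    """Return fix details from a GGA sentence, or None if it is not a valid GGA."""
    line = line.strip()
    if not line.startswith("$") or "*" not in line:
        return None
    body, _, given = line[1:].partition("*")
    if nmea_checksum(body) != given.upper()[:2]:
        return None  # corrupted line, e.g. wrong baud rate or a noisy serial link
    fields = body.split(",")
    if not fields[0].endswith("GGA") or len(fields) < 10:
        return None  # some other sentence type (RMC, GSV, ...)
    satellites = int(fields[7] or 0)
    if int(fields[6] or 0) == 0 or not fields[2] or not fields[4]:
        return {"has_fix": False, "satellites": satellites}  # still searching
    return {
        "has_fix": True,
        "satellites": satellites,
        "lat": round(_to_degrees(fields[2], fields[3]), 6),
        "lon": round(_to_degrees(fields[4], fields[5]), 6),
    }

def with_checksum(body):
    """Build a complete sentence from a body (helper for the constructed samples)."""
    return f"${body}*{nmea_checksum(body)}"

# Constructed sample sentences: receiver still searching, then with a fix.
SAMPLE_NO_FIX = with_checksum("GPGGA,123510,,,,,0,00,99.99,,,,,,")
SAMPLE_FIX = with_checksum("GPGGA,123519,4807.038,N,01131.000,E,1,08,0.9,545.4,M,46.9,M,,")

if __name__ == "__main__":
    for sentence in (SAMPLE_NO_FIX, SAMPLE_FIX, SAMPLE_FIX.replace("4807", "4907")):
        print(sentence, "->", parse_gga(sentence))
```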