Introduction and Prerequisites:
This manual refers to full version of Raspbian Stretch 07.09.2017 that can be downloaded from the following link: https://www.raspberrypi.org/downloads/raspbian/, installed from Windows.
Tools required for the installation are:
HPUSBDisk: (HP utility for USB drive formatting): Download Link
win32diskimager: utility to write Raspbian image to the SD card: Download Link
Hardware required:
Raspberry Pi Zero W (with built in Wi-Fi adapter)
SDCard reader
General note on task completion notification:
While running time consuming tasks in terminal via putty I was looking for a way to get notified upon task completion.
The solution is to configure putty to a Beep using the PC speaker:
And using echo -e “\a” at the end of a command.
Example:
tar xvzf file ; echo -e “\a”
Initial installation:
Format SD card with HPUSBDisk tool running it as administrator (quickformat,fat32)
Download Raspbian with desktop (not lite) from: https://www.raspberrypi.org/downloads/raspbian/
Extract the img file from downloaded archive 2017-09-07-raspbian-stretch.zip
Write it to the SD card using win32diskimager.
Open boot partition in windows file explorer.
Create empty ssh file with no extension to enable ssh server
Add Ethernet gadget module in cmdline.txt after rootwait:
modules-load=dwc2,g_ether
Add at the end of config.txt
dtoverlay=dwc2
First boot
Eject SD from the PC, put it into raspberry and boot.
If connecting Raspberry in gadget mode to the PC with USB, use micro USB port between HDMI and power micro USB port (Raspberry will appear in windows device manager as “USB Ethernet/RNDIS Gadget” under Network adapters.
Troubleshooting:
If windows doesn’t recognize RNDIS driver, update it in Device Manager choosing from compatible devices: Update, Browse. Let me pick, USB Ethernet/RNDIS driver.
If needed, Internet connection can be shared to Raspberry over USB in Windows
If mouse is connected to the Raspberry enable VNC server in Main Menu > Preferences > Raspberry PI Configuration > Interfaces tab
Resolution can be changed in Main Menu > Preferences > Raspberry PI Configuration > Set Resolution button
ssh to raspberrypi.local with pi and raspberry (user/pwd)
Change default password with:
passwd
You will need to enter old password first, which is raspberry, and then a new password twice.
Now lets make sure Internet is accessible from the raspberry:
ping 8.8.8.8
If output is as following:
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=47 time=92.2 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=47 time=96.4 ms
Press Control-C to stop and update the software using following command:
apt-get update && sudo apt-get upgrade -y && apt-get clean
/usr/bin/du –total –summarize –human-readable –one-file-system
Manual network setup to connect over USB with Windows PC:
If you are getting:
Destination Host Unreachable
Do as following:
ifconfig |grep usb0 -a1|grep inet|awk ‘{ print $2 }’
If output starts with:
192.168.137.
Then disable windows Internet sharing and enable it again
Go back to step
ping 8.8.8.8
Otherwise try refreshing the IP address on Raspberry:
sudo dhclient -v -r usb0
sudo dhclient -v usb0
Go back to
ifconfig |grep usb0 -a1|grep inet|awk ‘{ print $2 }’
If the address is still not starting with 192.168.137. set static IP on Raspberry:
sudo ifconfig usb0 192.168.137.2
sudo route add default gw 192.168.137.1
Remove and add back sharing on Wi-Fi adapter on the windows machine for windows to update routes.
Hints:
To test Internet speed run:
curl -s https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py | python
Useful commands (turn Wi-Fi down and route all via USB):
sudo ifconfig wlan0 down
sudo /sbin/dhclient -v usb0
sudo ip route add <GATEWAY> dev usb0
ping 8.8.8.8
Connecting with VNC
ENABLING VNC SERVER AT THE COMMAND LINE
You can enable VNC Server at the command line using raspi-config:
sudo raspi-config
Now, enable VNC Server by doing the following:
- Navigate to Interfacing Options.
- Scroll down and select VNC > Yes.
Connect using RealVNC Viewer (client): Download Link
Use raspberrypi.local as and address in the client.
Username pi, password is empty (no password).
Useful programs
sudo apt-get install -y genisoimage cellwriter matchbox-keyboard shellinabox transmission transmission-daemon davfs2 wicd-curses wicd wicd-gtk wavemon htop samba samba-common-bin proftpd omxplayer aircrack-ng tcpdump mc discover
Press YES on accept unauthorized user to access DAV shares.
Short description:
cellwriter and matchbox-keyboard: on screen keyboards, useful with touch screen, or when only have mouse connected
shellinabox: client-less terminal accessed from web browser
transmission and transmission-daemon: torrent client with web interface
davfs2: allows mapping cloud accounts as local folders
wicd-curses: menue interface for Wi-Fi connection from terminal
wavemon: terminal interface for Wi-Fi monitoring
htop: task manager
samba: making predifined Raspberry Pi folder accessible via network (network share)
proftpd: FTP server
omxplayer: optimized for Raspberry Pi video player
aircrack-ng and tcpdump: useful network tools
mc: midnight commander, powerful file manager
discover: shows all recognized devices (like lsusb)
Shellinabox
Shellinabox is terminal that runs in a web browser. No client needs to be installed on PC to access Raspbery Pi
To run automatically on each boot:
sudo crontab -e
Press Enter to select nano.
Add at the end
@reboot sleep 5 && /usr/bin/shellinaboxd –disable-ssl –port 8888
Exit with Control+x , then Y , Enter and Enter:
no crontab for root – using an empty one
Select an editor. To change later, run ‘select-editor’.
1. /bin/ed
2. /bin/nano <—- easiest
3. /usr/bin/mcedit
4. /usr/bin/vim.tinyChoose 1-4 [2]:
crontab: installing new crontab
To access in local network or over USB, use following link:
Alternatively use Raspberry IP instead of raspberrypi.local
Webmin
Webmin is web based administration framework.
Install prerequisites:
sudo apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python -y
Download and install webmin package:
wget http://prdownloads.sourceforge.net/webadmin/webmin_1.860_all.deb
sudo dpkg -i webmin_1.860_all.deb
If you don’t need the installation package it can be deleted:
rm webmin_1.860_all.deb
Access from PC on:
To verify webmin is running:
systemctl status webmin |grep Active| awk ‘{print $2,$3}’
output should be:
active (running)
Troubleshooting:
If you getting This site is not secure page press Details and then Go on to the webpage (Not recommended), or Continue Anyway, depends on your web browser
KWEB installation
KWEB is fast web browser optimized for Raspberry Pi.
It comes together with omxplayer GUI
To install:
wget http://steinerdatenbank.de/software/kweb-1.7.9.8.tar.gz
tar -xzf kweb-1.7.9.8.tar.gz
cd kweb-1.7.9.8
./debinstall
Wi_Fi terminal commands
Scan available Wi-Fi networks with:
sudo iwlist wlan0 scan | grep SSID
Connect to required network:
sudo su
wpa_passphrase SSID password >> /etc/wpa_supplicant/wpa_supplicant.conf
nano /etc/wpa_supplicant/wpa_supplicant.conf
Remove line starting with #psk=
Alternatively, copy manually output of:
sudo wpa_passphrase “SSID” “password”
network={
ssid=”SSID”
#psk=”password”
psk=2f6a0beddf2f0588ee426b0c3a0e3d9a523bb07a05cb857f85d826da80fa75c4
}
into:
/etc/wpa_supplicant/wpa_supplicant.conf
To edit wpa_supplicant.conf
sudo nano /etc/wpa_supplicant/wpa_supplicant.conf
Hint: To connect to Wi-Fi automatically upon boot:
sudo crontab -e
Add at the end:
@reboot sleep 5 && /sbin/wpa_supplicant -B -iwlan0 -c /etc/wpa_supplicant/wpa_supplicant.conf -d
Optional: DHCP and rout rule for wifi before switching from usb0 to wlan0
@reboot sleep 5 && /sbin/dhclient -v -r wlan0
@reboot sleep 5 $$ /sbin/route add default gw 10.100.102.1
To route all traffic via specific interface:
sudo ip route add 10.100.102.1 dev wlan0
To connect two wifi adapters create two wpa_supplicant.conf files:
sudo cp /etc/wpa_supplicant/wpa_supplicant.conf /etc/wpa_supplicant/wpa_supplicant_wlan0.conf
cp /etc/wpa_supplicant/wpa_supplicant.conf /etc/wpa_supplicant/wpa_supplicant_wlan1
.conf
Add both in crontab:
@reboot sleep 5 && /sbin/wpa_supplicant -B -iwlan0 -c /etc/wpa_supplicant/wpa_supplicant_wlan0.conf -d
@reboot sleep 5 && /sbin/wpa_supplicant -B -iwlan1 -c /etc/wpa_supplicant/wpa_supplicant_wlan1.conf -d
To connect to wifi network manually:
sudo wpa_supplicant -c /etc/wpa_supplicant/wpa_supplicant.con f -i wlan0
samba (SMB) server
Allowing network share to predefined directory.
sudo apt-get install samba samba-common-bin
sudo mkdir -m 1777 /home/pi/sharecp /etc/samba/smb.conf /etc/samba/smb.conf_backup
sudo sugrep -v -E “^#|^;” /etc/samba/smb.conf_backup | grep . > /etc/samba/smb.conf
nano /etc/samba/smb.conf
Add at the end of the file:
[homes]
comment = Home Directories
browseable = no
read only = no
create mask = 0700
directory mask = 0700
valid users = %S
Optional for sharing custom directory, or USB drive add in the end of the same file
path=/media/pi/
Set password and reboot the SMB service (user remains pi)
sudo smbpasswd -a pi
sudo systemctl restart smbd
net rpc share list -U pi
To connect from Windows computer:
net use * “\\raspberrypi.local\pi\share” /persistent:no /user:pi *
Hint:
To get access to your Raspberry home directory use following path:
net use * “\\raspberrypi.local\pi” /persistent:no /user:pi *
Alternatively get replace raspberrypi.local with IP (can be found with ping raspberrypi.local)
Do not map with net use from elevated command prompt (do not run as administrator), otherwise it will not be accessible in file explorer
To disconnect:
net use z: /delete
To troubleshoot view log (type q to exit):
less /var/log/samba/log.smbd
DAV mount with yandex.disk and box.com examples
sudo dpkg-reconfigure davfs2
Select Yes when prompted
sudo mkdir -m 1777 /home/pi/share/yandex.disk
sudo mount -t davfs https://webdav.yandex.ru /home/pi/share/yandex.disk/
Enter your username and password when prompted.
Check that resource is mapped by getting free space on resource:
df -h /home/pi/share/yandex.disk/
Output should be as following:
Filesystem Size Used Avail Use% Mounted on
https://webdav.yandex.ru 42G 34G 8.1G 81% /home/pi/share/yandex.disk
Same action with box.com
sudo mkdir -m 1777 /home/pi/share/box.com
sudo mount -t davfs https://dav.box.com/dav /home/pi/share/box.com/
Enter your username (email) and password when prompted.
df -h /home/pi/share/box.com/
OPTIONAL
sudo chown -R pi:pi /home/pi/share/yandex.disk
sudo chown -R pi:pi /home/pi/share/box.com
Add pi user to davfs2 group
sudo adduser pi davfs2
sudo gpasswd -a pi davfs2
sudo nano /etc/davfs2/davfs2.conf
Add at the end of the file
use_locks 0
Automating DAV mounting process:
sudo nano /etc/davfs2/secrets
Add at the end of file replacing username and password with your credentials:
https://dav.box.com/dav username(email) password
https://webdav.yandex.ru username password
systemd automount:
DAV resourcces will mount automatically upon request and disconnect after idling 60 seconds
cat << EOF | sudo tee /etc/systemd/system/home-pi-share-yandex.disk.mount
[[Unit]
Description=Mount yandex.disk WebDAV
After=network-online.target
Wants=network-online.target[Mount]
What=https://webdav.yandex.ru/
Where=/home/pi/share/yandex.disk/
Options=noauto,user,uid=pi,gid=pi
Type=davfs
TimeoutSec=60
[Install]
WantedBy=remote-fs.target
EOF
Same for Box.com
cat << EOF | sudo tee /etc/systemd/system/home-pi-share-box.com.mount
[Unit]
Description=Mount box.com WebDAV
After=network-online.target
Wants=network-online.target[Mount]
What=https://dav.box.com/dav/
Where=/home/pi/share/box.com/
Options=noauto,user,uid=pi,gid=pi
Type=davfs
TimeoutSec=60[Install]
WantedBy=remote-fs.target
EOF
cat << EOF | sudo tee /etc/systemd/system/home-pi-share-yandex.disk.automount
[Unit]
Description=Mount yandex.disk WebDAV automount
After=network-online.target
Wants=network-online.target[Automount]
Where=/home/pi/share/yandex.disk/
TimeoutIdleSec=300[Install]
WantedBy=remote-fs.target
EOF
cat << EOF | sudo tee /etc/systemd/system/home-pi-share-box.com.automount
[Unit]
Description=Mount box.com WebDAV automount
After=network-online.target
Wants=network-online.target[Automount]
Where=/home/pi/share/box.com/
TimeoutIdleSec=300[Install]
WantedBy=remote-fs.target
EOF
Lets restart daemon
sudo systemctl daemon-reload
Now automount can be started:
sudo systemctl enable home-pi-share-yandex.disk.automount
sudo systemctl start home-pi-share-yandex.disk.automount
sudo systemctl enable home-pi-share-box.com.automount
sudo systemctl start home-pi-share-box.com.automount
Other useful options for managing DAV mount daemon:
sudo systemctl
sudo systemctl stop home-pi-share-box.com.automount
sudo systemctl status home-pi-share-box.com.automount
Transmission daemon (torrent client)
run transmission (not transmission-daemon) and configure web interface
VNC > Main menu > Internet > Transmission > Agree > Edit > Preferences > Remote > Allow Remote Access > Use Authentication
Set your desired username and password for Web access.
Uncheck Only allow these IP addresses
Close Preferences menu and Transmission
sudo nano ~/.config/transmission/settings.json
Find and change following lines:
“rpc-whitelist”: “*.*.*.*”,
“rpc-whitelist-enabled”: true,
transmission-daemon configuration for automated start without graphical interface
transmission-daemon
sudo killall transmission-daemon
cp ~/.config/transmission/settings.json ~/.config/transmission-daemon/settings.json
OPTIONAL:
sudo chmod 777 /home/pi/.config/transmission-daemon/settings.json
Check whitelist parameters are still correct
cat ~/.config/transmission-daemon/settings.json|grep whitelist
Output:
“rpc-whitelist”: “*.*.*.*”,
“rpc-whitelist-enabled”: true,
If not, change as following:
sudo nano ~/.config/transmission-daemon/settings.json
“rpc-whitelist”: “*.*.*.*”,
“rpc-whitelist-enabled”: true,
Run transmission daemon manually:
transmission-daemon
To start transmission-daemon on boot:
sudo crontab -e
Add at the end
@reboot sleep 5 && transmission-daemon
To access press on the link below:
http://raspberrypi.local:9091/
P4wnP1 package for security checks
sudo apt-get -y install git
cd /home/pi
git clone –recursive https://github.com/mame82/P4wnP1
cd P4wnP1
./install.sh
Nextcloud (web based file server)
sudo curl -sSL https://raw.githubusercontent.com/nextcloud/nextcloudpi/master/install.sh | bash
Update re4son kernel (kali drivers) – WARNING – Disables built in Wi-Fi
Make sure /boot is mounted:
mount |grep boot
Output:
/dev/mmcblk0p1 on /boot type vfat (rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,errors=remount-ro)
Troubleshooting:
To mount boot manually:
sudo bash mount /dev/mmcblk0p1 /boot
Download re4son kernel
cd /usr/local/src
sudo wget -O re4son-kernel_current.tar.xz https://whitedome.com.au/re4son/downloads/11299/
sudo tar -xJf re4son-kernel_current.tar.xz
cd re4son-kernel_4*
sudo ./install.sh
Press “Y” when prompted to install Bluetooth and Wi-Fi drivers , to enable Bluetooth services and to reboot at the end of the process
Nexmon drivers (supporting monitoring mode)
Taken from: https://github.com/seemoo-lab/nexmon
Make sure the following commands are executed as root:
sudo su
Upgrade your Raspbian installation:
apt-get update && apt-get upgrade
Install the kernel headers to build the driver and some dependencies:
sudo apt install raspberrypi-kernel-headers git libgmp3-dev gawk qpdf bison flex make
Clone our repository:
git clone https://github.com/seemoo-lab/nexmon.git
Go into the root directory of our repository:
cd nexmon
Check if /usr/lib/arm-linux-gnueabihf/libisl.so.10 exists,
ls /usr/lib/arm-linux-gnueabihf/libisl.so.*
if there is no libisl.so.10 in the list, compile it from source:
cd buildtools/isl-0.10
./configure
make
make install
ln -s /usr/local/lib/libisl.so /usr/lib/arm-linux-gnueabihf/libisl.so.10
Then you can setup the build environment for compiling firmware patches
Setup the build environment:
cd /home/pi/nexmon/
source setup_env.sh
Compile some build tools and extract the ucode and flashpatches from the original firmware files:
make
Go to the patches folder for the bcm43430a1 chipset:
cd patches/bcm43430a1/7_45_41_46/nexmon/
Compile a patched firmware:
make
Generate a backup of your original firmware file stored as /lib/firmware/brcm/brcmfmac43430-sdio.bin.orig
make backup-firmware
mkdir /lib/modules/4.9.41-Re4son+/build
Install the patched firmware on your RPI0W:
make install-firmware
Install nexutil: from the root directory of our repository switch to the nexutil folder:
cd utilities/nexutil/
Compile and install nexutil:
make && make install
Optional: remove wpa_supplicant for better control over the WiFi interface:
apt-get remove wpasupplicant
Note: To connect to regular access points you have to execute
nexutil -m0 first
Using the Monitor Mode patch
Thanks to the prior work of Mame82, you can setup a new monitor mode interface by executing
iw phy phy1 interface add mon0 type monitor
phy1 is chosen according to the wiphy index after executing
iw dev wlan0 info
To activate monitor mode in the firmware, simply set the interface up:
ifconfig mon0 up
At this point, monitor mode is active. There is no need to call airmon-ng.
The interface already set the Radiotap header, therefore, tools like tcpdump or airodump-ng can be used out of the box:
tcpdump -i mon0
Optional: To make the RPI3 load the modified driver after reboot:
Find the path of the default driver at reboot:
modinfo brcmfmac #the first line should be the full path
Backup the original driver:
mv “<PATH TO THE DRIVER>/brcmfmac.ko” “<PATH TO THE DRIVER>/brcmfmac.ko.orig”
Copy the modified driver:
cp /home/pi/nexmon/patches/bcm43430a1/7_45_41_46/nexmon/brcmfmac_kernel49/brcmfmac.ko “<PATH TO THE DRIVER>/”
Probe all modules and generate new dependency:
depmod -a
The new driver should be loaded by default after reboot: reboot * Note: It is possible to connect to an access point or run your own access point in parallel to the monitor mode interface on the wlan0 interface.
Optional Nexmon Drivers
The nexmon drivers enable monitor mode and frame injection for the build in wifi chips of the Pi3 and Pi0W. The re4son kernel includes the compiled nexmon drivers and firmware with -m6 and -m7 support. To install, reboot after installing a new kernel and run:
cd /usr/local/src/re4son-kernel_4*
sudo ./install.sh -x
If you have any problems with the drivers and wish to rollback to to original ones, just run:
cd /usr/local/src/re4son-kernel_4*
sudo ./install.sh -o
Head over to the nexmon project for details: https://github.com/seemoo-lab/nexmon