initial version

Author: tomaszklim

.gitignore

@@ -0,0 +1,3 @@
+config/*.txt
+iso/*.iso
+iso/*.img

.nobackup

@@ -0,0 +1,22 @@
+The MIT License (MIT)
+
+Copyright (c) 2020-2022 Tomasz Klim
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+

LICENSE

@@ -0,0 +1,15 @@
+# Overview
+
+This repository provides some scripts useful for deploying a large number of Drive Badger / Mobile Badger devices, having a similar configuration.
+
+It may be useful, when preparing an attack on bigger company:
+
+https://drivebadger.com/planning-the-big-attack.html
+
+
+Note that these scripts don't arm the devices. It needs to be done manually, after first boot. It allows you to customize each device separately,
+eg. load encryption keys assigned to particular device and its operator.
+
+https://drivebadger.com/installing.html#arming-the-device
+
+https://drivebadger.com/configuring-encryption-keys.html

README.md

@@ -0,0 +1,4 @@
+ata-PNY_ELITE_PSSD_D9F12345678901234567
+ata-PNY_ELITE_PSSD_DC4ABCDEF1234567890A
+ata-SanDisk_SD9SN8W2T00_19359H123456
+usb-WD_My_Passport_264F_32303333312D345678901234-0:0

config/drivebadger-devices.txt

@@ -0,0 +1 @@
+ata-Samsung_SSD_870_EVO_1TB_S61234567890ABC

config/local-drives.txt

@@ -0,0 +1 @@
+put-your-main-password-here-it-will-be-used-for-all-devices-in-key-slot-0

config/master-luks-password.txt

@@ -0,0 +1,63 @@
+#!/bin/sh
+
+PASSFILE=/opt/deployment-scripts/config/master-luks-password.txt
+DEVLIST=/opt/deployment-scripts/config/drivebadger-devices.txt
+LOCAL=/opt/deployment-scripts/config/local-drives.txt
+
+DISK=$1  # eg. ata-SanDisk_SD9SN8W2T00_19359H123456
+ARCH=$2  # eg. amd64
+IMAGE=/opt/deployment-scripts/iso/kali-linux-2021.4a-live-$ARCH.iso
+
+if [ "$2" = "" ]; then
+	echo "USAGE: $0 <disk> <architecture> [--plain]"
+	exit 1
+elif [ ! -f $IMAGE ]; then
+	echo "ERROR: $IMAGE not found (you need to download image for chosen architecture: $2)"
+	exit 1
+elif [ ! -e /dev/disk/by-id/$DISK ]; then
+	echo "ERROR: $DISK not found"
+	exit 1
+elif grep -qxF $DISK $DEVLIST; then
+	echo "ERROR: disk $DISK already configured"
+	exit 1
+elif grep -qxF $DISK $LOCAL; then
+	echo "ERROR: disk $DISK is a local drive"
+	exit 1
+fi
+
+DEVICE=`readlink -f /dev/disk/by-id/$DISK |cut -d'/' -f3`
+
+if grep -q "$DEVICE " /proc/mounts; then
+	echo "ERROR: disk $DISK is mounted (as device $DEVICE)"
+	exit 1
+fi
+
+echo "copying image $IMAGE"
+echo "to device /dev/$DEVICE"
+dd if=$IMAGE of=/dev/$DEVICE status=progress
+
+echo "adding new partition"
+parted /dev/$DEVICE --script -- mkpart primary 10GB 100%
+mkdir -p /mnt/drivebadger_setup
+
+if [ "$3" = "--plain" ]; then
+	mkfs.ext4 -m 0 -L persistence /dev/${DEVICE}3
+	mount /dev/${DEVICE}3 /mnt/drivebadger_setup
+else
+	echo "configuring LUKS encryption"
+	cat $PASSFILE |cryptsetup --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 luksFormat /dev/${DEVICE}3
+	cat $PASSFILE |cryptsetup luksOpen /dev/${DEVICE}3 drivebadger_setup
+	mkfs.ext4 -m 0 -L persistence /dev/mapper/drivebadger_setup
+	mount /dev/mapper/drivebadger_setup /mnt/drivebadger_setup
+fi
+
+echo "setting up persistent filesystem contents"
+/opt/deployment-scripts/drivebadger/install.sh /mnt/drivebadger_setup
+umount /mnt/drivebadger_setup
+
+if [ "$3" != "--plain" ]; then
+	cryptsetup luksClose drivebadger_setup
+fi
+
+echo "adding $DISK to device list $DEVLIST"
+echo $DISK >>$DEVLIST

drivebadger/configure-new-device.sh

@@ -0,0 +1,5 @@
+#!/bin/sh
+
+DISK=$1  # ata-SanDisk_SD9SN8W2T00_19359H123456
+
+echo $DISK |cut -d'-' -f2- |cut -d'_' -f1 |tr '[:upper:]' '[:lower:]'

drivebadger/get-label.sh

@@ -0,0 +1,39 @@
+#!/bin/sh
+
+BASE=$1
+
+if [ "$BASE" = "" ] || [ ! -d $BASE ]; then
+	echo "usage: $0 <directory>"
+	exit 0
+fi
+
+echo "/ union" >$BASE/persistence.conf
+touch $BASE/.nobackup
+mkdir -p $BASE/.files/.data $BASE/rw/opt
+
+git clone https://github.com/pisecurity/mc-black           $BASE/rw/opt/mc-black
+git clone https://github.com/drivebadger/drivebadger       $BASE/rw/opt/drivebadger
+git clone https://github.com/drivebadger/hook-wcxftp       $BASE/rw/opt/drivebadger/hooks/hook-wcxftp
+git clone https://github.com/drivebadger/hook-fstab        $BASE/rw/opt/drivebadger/hooks/hook-fstab
+git clone https://github.com/drivebadger/exclude-windows   $BASE/rw/opt/drivebadger/config/exclude-windows
+git clone https://github.com/drivebadger/exclude-macos     $BASE/rw/opt/drivebadger/config/exclude-macos
+git clone https://github.com/drivebadger/exclude-linux     $BASE/rw/opt/drivebadger/config/exclude-linux
+git clone https://github.com/drivebadger/exclude-antivirus $BASE/rw/opt/drivebadger/config/exclude-antivirus
+git clone https://github.com/drivebadger/exclude-software  $BASE/rw/opt/drivebadger/config/exclude-software
+git clone https://github.com/drivebadger/exclude-devel     $BASE/rw/opt/drivebadger/config/exclude-devel
+git clone https://github.com/drivebadger/exclude-user      $BASE/rw/opt/drivebadger/config/exclude-user
+git clone https://github.com/drivebadger/exclude-erp       $BASE/rw/opt/drivebadger/config/exclude-erp
+git clone https://github.com/drivebadger/compat            $BASE/rw/opt/drivebadger/external/compat
+git clone https://github.com/drivebadger/ext-veracrypt     $BASE/rw/opt/drivebadger/external/ext-veracrypt
+
+
+# Here you should add your own repositories:
+# - lists of drive encryption keys; example: https://github.com/drivebadger/keys-bitlocker-demo
+# - any custom hooks, injectors and other functional extensions (if you have any)
+#
+# See https://drivebadger.com/installing.html for more details.
+
+
+# This command should be executed after first start of Kali Linux Live:
+#
+# cd /opt/drivebadger/setup/2020.3 && ./install.sh

drivebadger/install.sh

@@ -0,0 +1,9 @@
+#!/bin/sh
+
+DEVLIST=/opt/deployment-scripts/config/drivebadger-devices.txt
+
+for D in `cat $DEVLIST`; do
+	if [ -e /dev/disk/by-id/$D ]; then
+		echo $D
+	fi
+done

drivebadger/list-connected-devices.sh

@@ -0,0 +1,9 @@
+#!/bin/sh
+
+DEVLIST=/opt/deployment-scripts/config/drivebadger-devices.txt
+
+for D in `cat $DEVLIST`; do
+	if [ ! -e /dev/disk/by-id/$D ]; then
+		echo $D
+	fi
+done

drivebadger/list-disconnected-devices.sh

@@ -0,0 +1,11 @@
+#!/bin/sh
+
+ls /dev/disk/by-id/ata-* /dev/disk/by-id/usb-* 2>/dev/null \
+	|grep -v -- -part \
+	|grep -v VBOX \
+	|grep -v QEMU \
+	|grep -v VMware \
+	|grep -v CF_CARD \
+	|cut -d'/' -f 5 \
+	|grep -vixFf /opt/deployment-scripts/config/drivebadger-devices.txt \
+	|grep -vixFf /opt/deployment-scripts/config/local-drives.txt

drivebadger/list-unregistered-devices.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+
+for D in `/opt/deployment-scripts/drivebadger/list-connected-devices.sh`; do
+	echo "### attempting to mount $D"
+	/opt/deployment-scripts/drivebadger/mount.sh $D 3
+done

drivebadger/mount-all-connected-devices.sh

@@ -0,0 +1,30 @@
+#!/bin/sh
+
+PASSFILE=/opt/deployment-scripts/config/master-luks-password.txt
+
+DISK=$1  # ata-SanDisk_SD9SN8W2T00_19359H123456
+PART=$2  # 3
+
+LABEL=`/opt/deployment-scripts/drivebadger/get-label.sh $DISK`
+PARTITION=`readlink -f /dev/disk/by-id/$DISK-part$PART |cut -d'/' -f3`
+
+mountpoint=/mnt/${LABEL}_${PARTITION}
+mkdir -p $mountpoint
+
+if grep -q " $mountpoint " /proc/mounts; then
+	echo "$mountpoint already mounted"
+	exit 0
+fi
+
+
+if [ "`blkid /dev/$PARTITION |grep crypto_LUKS`" = "" ]; then
+	mount /dev/$PARTITION $mountpoint
+else
+	cat $PASSFILE |cryptsetup -q luksOpen /dev/$PARTITION luks_$PARTITION
+	if [ -e /dev/mapper/luks_$PARTITION ]; then
+		mount /dev/mapper/luks_$PARTITION $mountpoint
+		echo "mounted in $mountpoint"
+	else
+		exit 1
+	fi
+fi

drivebadger/mount.sh

@@ -0,0 +1,20 @@
+#!/bin/sh
+
+DISK=$1  # ata-SanDisk_SD9SN8W2T00_19359H123456
+PART=$2  # 3
+
+LABEL=`/opt/deployment-scripts/drivebadger/get-label.sh $DISK`
+PARTITION=`readlink -f /dev/disk/by-id/$DISK-part$PART |cut -d'/' -f3`
+
+mountpoint=/mnt/${LABEL}_${PARTITION}
+
+if ! grep -q " $mountpoint " /proc/mounts; then
+	echo "$mountpoint not mounted"
+	exit 0
+fi
+
+umount $mountpoint
+
+if [ -e /dev/mapper/luks_$PARTITION ]; then
+	cryptsetup luksClose luks_$PARTITION
+fi

drivebadger/umount.sh

@@ -0,0 +1,5 @@
+#!/bin/sh
+
+wget https://cdimage.kali.org/kali-2021.4a/kali-linux-2021.4a-live-amd64.iso
+wget https://cdimage.kali.org/kali-2021.4a/kali-linux-2021.4a-live-i386.iso
+wget https://cdimage.kali.org/kali-2021.4a/kali-linux-2021.4a-live-arm64.iso

iso/kali.sh

@@ -0,0 +1,13 @@
+#!/bin/sh
+
+# well tested version
+FILE=2021-05-07-raspios-buster-armhf-lite.zip
+wget https://downloads.raspberrypi.org/raspios_lite_armhf/images/raspios_lite_armhf-2021-05-28/$FILE
+unzip -b $FILE
+rm -f $FILE
+
+# latest available version
+FILE=2021-10-30-raspios-bullseye-armhf-lite.zip
+wget https://downloads.raspberrypi.org/raspios_lite_armhf/images/raspios_lite_armhf-2021-11-08/$FILE
+unzip -b $FILE
+rm -f $FILE