evilsocket / pwnagotchi

(⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.
https://pwnagotchi.ai/

Image won’t boot on Raspberry Pi Zero 2 W #1046

Open AlexWhitehouse opened 2 years ago

AlexWhitehouse commented 2 years ago

Expected Behaviour

Expected to boot on Pi Zero 2 W. Fails to boot.

Current Behaviour

Fails to boot

Possible Solution

Recompile kernel for RPiZ2W

Steps to Reproduce (for bugs)

  1. Flash image to SD
  2. Load SD into RPiZ2W
  3. Try to boot

Your Environment

akhepcat commented 2 years ago

Funny - i just swapped mine over with no issues at all:

root@pwnagotchu:~# dmesg|more
[ 0.000000] Booting Linux on physical CPU 0x0
[ 0.000000] Linux version 5.4.83-Re4son-v7+ (root@kali) (gcc version 10.2.1 20210110 (Debian 10.2.1-6)) #1 SMP Sat May 15 03:22:58 UTC 2021
[ 0.000000] CPU: ARMv7 Processor [410fd034] revision 4 (ARMv7), cr=10c5383d
[ 0.000000] CPU: div instructions available: patching division code
[ 0.000000] CPU: PIPT / VIPT nonaliasing data cache, VIPT aliasing instruction cache
[ 0.000000] OF: fdt: Machine model: Raspberry Pi Zero 2 Rev 1.0

root@pwnagotchu:~# lscpu
Architecture: armv7l
Byte Order: Little Endian
CPU(s): 4
On-line CPU(s) list: 0-3
Thread(s) per core: 1

root@pwnagotchu:~# cat /usr/local/src/pwnagotchi/pwnagotchi/_version.py
version = '1.5.5'

AlexWhitehouse commented 2 years ago

I don't even get past the multicoloured square to boot to the kernel image. Neither do I get any status lights on the pi itself. I have loaded other images to check there is no problem with the pi and these have booted successfully.

akhepcat commented 2 years ago

FWIW - i'm running on a 64G SanDisk Ultra, Class 10 (A1) that had previously been running on a Pi0w-v1

You could try booting up on a V1, using the usb ethernet sharing and "internet sharing" then ssh into the pi and make sure there are no filesystem issues, and run an apt-get update / upgrade cycle to get everything up to date? (you may need to manually fix-up /etc/resolv.conf, and set your time/date.)

But I didn't do any of that prior to booting it on the V2 ... just swapped the card over, and it worked fine.

AlexWhitehouse commented 2 years ago

Very strange, I don't have a v1 to hand to test that unfortunately. Does the fact there are no status lights or anything output to HDMI suggest that the pi is not accepting the image on the SD card? It works fine with other builds just not the pwnagotchi image.

akhepcat commented 2 years ago

you could try re-imaging the sdcard. Or try booting it on any other pi hardware you might have, possibly excepting for the wifi and cdcether, it should otherwise start up (tested on a Pi4, even cdcether works)

AlexWhitehouse commented 2 years ago

I have re-imaged the sdcard, plugged into RPi Zero 2 and nothing. I then plug the same card into a Pi4 and I get activity lights and an IP address. I then plug the same card back into the zero 2 and get nothing again. I have also tried just raspbian light on the SD card in the zero 2 and this works fine.

Junohea commented 2 years ago

Seeing the same issue. The Zero 2 fails to boot with any of the following:

But it did boot with the latest raspbian

For reference, here's what we see while it boots from the Pi Zero W (non Zero2)

root@pwnagotchi:~# dmesg|more
[ 0.000000] Booting Linux on physical CPU 0x0
[ 0.000000] Linux version 5.4.83-Re4son+ (root@kali) (gcc version 10.2.1 20210110 (Debian 10.2.1-6)) #1 Sat May 15 12:50:45 UTC 2021
[ 0.000000] CPU: ARMv6-compatible processor [410fb767] revision 7 (ARMv7), cr=00c5387d
[ 0.000000] CPU: PIPT / VIPT nonaliasing data cache, VIPT nonaliasing instruction cache
[ 0.000000] OF: fdt: Machine model: Raspberry Pi Zero W Rev 1.1

isthisausername1 commented 2 years ago

I am having the same problem on my zero 2. I have also tried the steps @Junohea tried in his post above. The sd card works fine on my rpi 4 and everything else with it works too, but the status lights don't even blink on the zero2.

akhepcat commented 2 years ago

One difference i see in your bootlog is the kernel version:
Mine (booting) : 5.4.83-Re4son-v7+
Yours (failing) : 5.4.83-Re4son+

This would seem to indicate that you need to upgrade your kernel, or the image that you're using.

Boot it on a working device, get internet connectivity (via wired, or 2nd wifi) and run a distro upgrade to see if there's an upgraded kernel for you.

(apparently I may have done that, but I don't remember upgrading the system...)

isthisausername1 commented 2 years ago

I think it definitely could have been that, unfortunately i didn't check the version before updating but now after doing

sudo apt update && sudo apt full-upgrade -y

it started working and now it boots and i can ssh into it and see the web ui. Hope that can help someone.

akhepcat commented 2 years ago

One issue with this is that there's apparently a change with numpy ( #1045 ), and now the ai crashes on load.

There's already a bug open on it, so you might want to go give it a thumbs-up

isthisausername1 commented 2 years ago

I did see that in the logs but didn't think too much of it. That's not the only problem I'm having, whenever I try to put it into auto mode it keeps saying "[INFO] waiting for bettercap API to be available". However when I put it in my pi4 it works in auto fine. The passwords are still the default and I haven't changed them which is the common thing between all the reports of this problem on Google so I'm not sure if that's a me broke something thing or a pi zero 2w thing.



Junohea commented 2 years ago

I think it definitely could have been that, unfortunately i didn't check the version before updating but now after doing

sudo apt update && sudo apt full-upgrade -y

it started working and now it boots and i can ssh into it and see the web ui. Hope that can help someone.

Retried the setups from before but did the full-upgrade and it worked in all instances. 👍

isthisausername1 commented 2 years ago

Retried the setups from before but did the full-upgrade and it worked in all instances. 👍

Glad to hear it got it going, have you had any other problems running it on the pi zero 2 w?

I manually started the bettercap API, now I'm getting error 400: exit status 254 in the logs. Googling this turned up nothing.

ianculpan commented 2 years ago

I think it definitely could have been that, unfortunately i didn't check the version before updating but now after doing sudo apt update && sudo apt full-upgrade -y it started working and now it boots and i can ssh into it and see the web ui. Hope that can help someone.

Retried the setups from before but did the full-upgrade and it worked in all instances. 👍

To clear up a little, this sorted my install but I had to boot the image using a PI 3. The image wouldn't boot on a PI4. Once booted and upgraded everything looks to be working fine (so far)

skontrolle commented 2 years ago

I've gotten the zero 2 to boot with the apt full-upgrade but haven't been able to get it to find any networks while running. The mon0 interface comes up and I can see networks with iwlist mon0 scan. It gets to 50 blind epochs and reboots in 6 minutes.

[CRITICAL] 50 epochs without visible access points -> rebooting ...

I notice this in the system log but doesn't seem to give many more clues.

brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43436-sdio.raspberrypi,model-zero-2.txt failed with error -2

The same image works on the original 0w.

The AI issue I worked around by apt install libavformat58 libavcodec58 but this replaced kalipi-bootloader with raspberrypi-bootloader.

akhepcat commented 2 years ago

@skontrolle you'll need to make sure you've got the most recent linux-firmware packages (libre and nonfree) installed.

Worst-case, you can grab the firmware files from any ubuntu machine running 21.04 or 21.10 right out of /lib/firmware/brcm/ and install them into the same place on the rPi

the "brcmfmac43436-sdio.raspberrypi,model-zero-2.txt" file warning can be ignored. it's a backup file for setting the firmware variables, but the less specific driver file will take care of it.

skontrolle commented 2 years ago

Thanks, for the warning explanation. The latest firmware appears to be in place and the checksums of the files match https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm
firmware-brcm80211/oldstable,now 1:20190114-2+rpt4 all [installed]
which was upgraded from rpt2. If I remove the brcmfmac43436-* files the wifi doesn't come up at all as expected.

Is there something in bettercap I can set to log or try?

skontrolle commented 2 years ago

I just retraced all of my steps with a clean 1.5.5 image to make sure I didn't have any issues with my backup config.

akhepcat commented 2 years ago

Okay, so @skontrolle - i'm not sure if you'll be able to revert back, but you can try to force re-install kalipi-bootloader and kalipi-kernel

i think that without the kalipi kernel (and modules) you won't get the correct driver for the mon interface, so won't be able to sniff correctly.

I was able to just install libavcodec58 libavformat58 without upgrading/installing the raspberrypi-bootloader/kernel by marking the two packages as "hold" - apt-mark hold kalipi-bootloader kalipi-kernel

it's a horrible workaround, but seems to have gotten mine up and running fully now ( also setting /etc/default/crda to the correct domain)

skontrolle commented 2 years ago

Thanks @akhepcat but still no joy on the wifi

The kalipi-kernel has persisted through the updates. I reverted the av..58s, reinstalled the kalipi-bootloader, held them but was unable to install the files. Looking a bit more I found the libraspberrypi0 is the reason it tries to replace the bootloader. Installing a slightly older one allowed me to get the av..58 files installed and to keep the bootloader.
libraspberrypi0/oldstable 1:1.20211029-1~buster armhf [upgradable from: 5.4.83-20210516]

I also set the /etc/default/crda. When messing manually in bettercap, I was able to see it failing on channels outside my locality with wifi.recon on so this might be doing something.

For good measure, here's the wifi loading line from the kernel, is yours similar?
brcmfmac: brcmf_c_preinit_dcmds: Firmware: BCM43430/2 wl0: Oct 9 2020 14:44:32 version 9.88.4.65 (test) (f149b32@shgit) (r679549) FWID 01-f40f3270

I'm not sure it's supported upstream in nexmon yet... https://github.com/seemoo-lab/nexmon/issues/500

isthisausername2 commented 2 years ago

This worked perfectly, everything is working now and it is working great. i lied, everything except the wifi parts work. i made a quick script for anyone wanting to use the new rpi and is lazy like me. If you see anything i could do better please let me know, this is my first ever script.

https://github.com/isthisausername2/pwnagotchi_rpi_zero_2_fix

andur82 commented 2 years ago

This worked perfectly, everything is working now and it is working great.

i made a quick script for anyone wanting to use the new rpi and is lazy like me. If you see anything i could do better please let me know, this is my first ever script.

https://github.com/isthisausername2/pwnagotchi_rpi_zero_2_fix

I'm sorry but... What exactly is working great? I've followed all the steps from the first comment, and tried everything... But my rpi 02w is still not working. If I do "sudo iwlist mon0 scan" I receive all networks around me, but bettercap didn't find anything. Is it me, or does nobody with the new zero have it working?

Btw I didn't update libav*58 because I didn't understand what to do after with kalipi-bootloader.

isthisausername2 commented 2 years ago

The steps written by @skontrolle got my Zero 2 w working*.

I recommend flashing your sd card with a fresh install of pwnagotchi, following those steps or using the script on a pi that does boot, then putting that fresh sd card in your zero 2 w and seeing if that fixes it. That's how i got mine working.

akhepcat commented 2 years ago

I cloned the repo from @isthisausername2 and made some changes to ward off some potential issues that I foresee. https://github.com/akhepcat/pwnagotchi_rpi_zero_2_fix

@andur82 - burn a new, fresh image of 1.5.5.
Boot onto a pi0w-v1 and either using a USB-ethernet or the usb-gadget interface for network connectivity, run the script as root. It'll take about an hour to download and upgrade. You can't use wifi to do the upgrade, currently.

you should also be able to use a pi3 or pi4 for the first booting and upgrades (again, you'll need to use usb-gadget or ethernet for network connectivity)

That said: it still won't work on the pi zero v2, because the only firmware available for the brcmfmac43436 chip doesn't support the full promiscuous capture in monitor mode, unlike the brcmfmac43430 of the -v1.

And as @skontrolle mentioned, until nexmon releases a working firmware, running this on the zero-v2 isn't going to get us anywhere. ( https://github.com/seemoo-lab/nexmon/issues/500 )

andur82 commented 2 years ago

@akhepcat many thanks for this explanation. I've done all the stuff by hand and not by script on a pi3. Didn't understand about the nexmon firmware and the zero-v2. Sorry.

Strange thing: on the rpi3, after doing all the updates with libav*58 (and installing the raspberry bootloader instead of the original kali one) the pwnagotchi does only one round with the first found APs, then completely dies. No more scans. Is that normal? Otherwise I'll go back to the older "original" 1.5.5 release.

skontrolle commented 2 years ago

@isthisausername2 interesting that you got it to work. What wifi chipset/firmware do you get from sudo dmesg |grep brcm? I just tried a few of the nexmon patched pi3 firmwares without any luck. @akhepcat nice summary!

In a sense, the original issue is solved in getting the 0w2 to boot, but the wifi issue is a different blocker for at least my boards.

isthisausername2 commented 2 years ago

@akhepcat Thanks for that, i see some things added that i had no idea how to and also some other things that would help.

@skontrolle I will try when i can. I remember seeing it catch a handshake but there are a few wifi networks around me so there's a chance it isn't actually working properly or they weren't in range. I took it on the bus with me today so i will see what or if it's captured anything. Should we make a new issue with an updated title or should we just leave it here and wait for the other software to be updated to support this new device?

skontrolle commented 2 years ago

@isthisausername2 my initial hint that things weren't working was that the access points CH * APS 0 (0) always remained at 0. The monitor interface will come up even if it can't actually monitor.

isthisausername2 commented 2 years ago

I think mine might have been saying that as well but i can't remember exactly, i will be able to check in around 2 hours and i can report back.

isthisausername2 commented 2 years ago

i was wrong unfortunately, i didn't check to see if it was actually working and just assumed that because the webui was working and it said looking for handshakes it was working properly.

davenicoll commented 2 years ago

Once a firmware for the brcmfmac43436 that supports monitor mode is available, we'll be back in business. There's enough changes since the last image was built to warrant an updated image IMO, so I'll start work on a PR for that.

akhepcat commented 2 years ago

@akhepcat Thanks for that, i see some things added that i had no idea how to and also some other things that would help.

Sure - i'll send a PR for your script so you can import the changes as you like, @isthisausername2

isthisausername2 commented 2 years ago

Once a firmware for the brcmfmac43436 that supports monitor mode is available, we'll be back in business. There's enough changes since the last image was built to warrant an updated image IMO, so I'll start work on PR for that.

Sounds good, please do let me know if you need any help beta testing the new image once the firmware is updated, i would be happy to help.

Sure - i'll send a PR for your script so you can import the changes as you like, @isthisausername2

Thank you, i will merge it and give you credit on the docs as well.

evo11x commented 2 years ago

Same problem here with the Pi Z2 W, the image does not boot, the led is always off on the Pi and no display on the hdmi output. I have tried with Inky pHat and without with the same result.

akhepcat commented 2 years ago

Same problem here with the Pi Z2 W, the image does not boot, the led is always off on the Pi and no display on the hdmi output. I have tried with Inky pHat and without with the same result.

@evo11x the wifi drivers do not currently work with the PiZ2. Unless you're able to work on developing the appropriate nexmon wifi patches, following the script referenced above to allow you to boot on the Z2 won't get you very far.

matglas commented 2 years ago

Some progress was just made here on nexmon https://github.com/seemoo-lab/nexmon/issues/500#issuecomment-1013734312 hopefully an update image can be created soon to make this work again.

isthisausername2 commented 2 years ago

We are very close to having this working on rpi 0 w 2 https://github.com/seemoo-lab/nexmon/issues/500#issuecomment-1027755039

dougdalton commented 2 years ago

I have a [waveshare Raspberry Pi Zero 2 W 1GHz Quad-Core 64-bit Arm Cortex-A53 CPU, 512MB LPDDR2 SDRAM 2.4GHz 802.11 b/g/n Wireless LAN, WiFi Bluetooth 4.2 BLE]

I can boot:
Release date: January 28th 2022
System: 32-bit
Kernel version: 5.10
Debian version: 11 (bullseye)

but not the [v1.5.5] Image

I just get the rainbow screen, how can I resolve this?

akhepcat commented 2 years ago

I just get the rainbow screen, how can I resolve this?

Wait until the next build release comes out with complete support for Zero2w.

BirbEXE commented 2 years ago

New PR for nexmon is out

should it work ootb or will pwnagotchi need an update as well?

https://github.com/seemoo-lab/nexmon/issues/500#issuecomment-1046103826

moni11811 commented 2 years ago

should it work ootb or will pwnagotchi need an update as well?

seemoo-lab/nexmon#500 (comment)

I've currently tried it on pwnagotchi v1.5.5 with the script that patches the Pi2W (using Pi4) - not working... Wlan0 scans fine, mon0 seems to be scanning but no APs are showing up

edit 1: basically mon0 is down and can't bring it up - looks like the patch wasn't applied
[epoch 20] duration=00:01:05 slept_for=00:01:00 blind=20 sad=0 bored=7 inactive=21 active=0 peers=0 tot_bond=0.00 avg_bond=0.00 hops=0 missed=0 deauths=0 assocs=0 handshakes=0

edit 2: after going back to fresh I went through all the configuration and got stuck on make in /nexmon/tree/master/patches/bcm43436b0/9_88_4_65 basically the folder is set to 5.10 while kalipi kernel is 5.4 changing the folder name doesn't work because it also needs some other files that don't exist.... looks like this needs more development until fully fixed & installing raspberry-kernel 5.10 bricks the pi in Rainbow screen
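
A small log check for the symptom reported several times in this thread (mon0 comes up, but no access point is ever seen), added here as an example; it is not part of the thread or of pwnagotchi itself. It assumes the epoch line format quoted above and that `blind` counts consecutive epochs without a visible access point, as the CRITICAL message quoted earlier implies; the function names are hypothetical.

```python
import re

EPOCH_RE = re.compile(r"\[epoch (\d+)\]\s+(.*)")
REBOOT_RE = re.compile(r"\[CRITICAL\] (\d+) epochs without visible access points")
# Per-line counters that are all zero in the failing run quoted in this thread.
ACTIVITY = ("hops", "deauths", "assocs", "handshakes", "peers")

# The first two lines are copied from comments in this thread.
THREAD_LINES = [
    "[epoch 20] duration=00:01:05 slept_for=00:01:00 blind=20 sad=0 bored=7 "
    "inactive=21 active=0 peers=0 tot_bond=0.00 avg_bond=0.00 hops=0 missed=0 "
    "deauths=0 assocs=0 handshakes=0",
    "[CRITICAL] 50 epochs without visible access points -> rebooting ...",
]
# Constructed line (not from the thread) showing a run that does see networks.
CONSTRUCTED_OK = [
    "[epoch 7] duration=00:01:12 slept_for=00:00:30 blind=0 sad=0 bored=0 "
    "inactive=0 active=7 peers=0 tot_bond=0.00 avg_bond=0.00 hops=3 missed=0 "
    "deauths=0 assocs=0 handshakes=0",
]


def parse_epoch(line):
    """Parse one '[epoch N] key=value ...' summary line into a dict, else None."""
    m = EPOCH_RE.search(line)
    if not m:
        return None
    rec = {"epoch": int(m.group(1))}
    for token in m.group(2).split():
        key, sep, value = token.partition("=")
        if sep:
            # Durations (00:01:05) and floats stay strings; integers are converted.
            rec[key] = int(value) if value.isdigit() else value
    return rec


def triage(lines):
    """Return 'no-data', 'ok', 'blind-now', 'blind-since-start' or 'blind-rebooted'."""
    if any(REBOOT_RE.search(line) for line in lines):
        return "blind-rebooted"
    epochs = [rec for rec in map(parse_epoch, lines) if rec]
    if not epochs:
        return "no-data"
    last = epochs[-1]
    blind = last.get("blind", 0)
    if blind == 0:
        return "ok"
    idle = all(last.get(name, 0) == 0 for name in ACTIVITY)
    # A blind streak at least as long as the run, with nothing else counted,
    # means the interface is up but has not seen a single access point.
    if blind >= last["epoch"] and idle:
        return "blind-since-start"
    return "blind-now"


if __name__ == "__main__":
    print(triage(THREAD_LINES[:1]), triage(THREAD_LINES), triage(CONSTRUCTED_OK))
```

A `blind-since-start` result on the Zero 2 W while the same card works on another board points at the Wi-Fi firmware rather than at the pwnagotchi configuration, which is the conclusion the thread reaches.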

moni11811 commented 2 years ago

I finally got it working Confirmed pwnagotchi on RPI2W!!


I'll try to pull up a guide tomorrow but this was really hacky as you can tell from my previous comment

DrSchottky commented 2 years ago

I made a pwnagotchi test image based on latest Raspberry Pi OS Lite Stable https://we.tl/t-4jfxRWGXq2 Untested but should work Still have this bug.

moni11811 commented 2 years ago

I made a pwnagotchi test image based on latest Raspberry Pi OS Lite Stable https://we.tl/t-4jfxRWGXq2 Untested but should work Still have this bug.

Thank you for all your work - yes, I noticed that pwnagotchi just gets stuck in AUTO still does everything except switch to AI fails on numpy (tried them all) spits out Expected 44 from C header, got 40 from PyObject

Tested .img works perfectly! AI starts in seconds :)

AlexWhitehouse commented 2 years ago

I've tested the image and can confirm it boots. Can anyone confirm whether their eInk (mine is WaveshareV2) display works on RPIw2?

moni11811 commented 2 years ago

I've tested the image and can confirm it boots. Can anyone confirm whether their eInk (mine is WaveshareV2) display works on RPIw2?

I've got the waveshare_v2 BW works fine (although it's already damaged because of how many times I've removed it)

moni11811 commented 2 years ago

Looks like with the newest update by DrSchottky makes pwnagotchi officially working on barebone RPi02W 👯

I've created a script working from DrSchottky's image: https://we.tl/t-4jfxRWGXq2 scriptRPi02W.sh.txt

BirbEXE commented 2 years ago

@evilsocket is there any chance of an official release that supports the zero 2 w?

DrSchottky commented 2 years ago

Unlike I did with test image the original image is based on kalipi kernel/drivers/fw, where my patches for 02w haven't been merged (yet). Once it's done making a new release is trivial, you just have to change a bunch of commands in builder scripts. AFAIK @evilsocket is taking a break so he probably won't update this anytime soon