Add files via upload

Author: ProjectZeroDays

src/delay.sh

@@ -0,0 +1,17 @@
+#!/bin/sh
+
+# give a chance to network configuration and DHCP, then continue
+# but don't rely on them, since it could stop the whole solution
+# (eg. on Wifi-only computers, where we don't know the password)
+sleep 15
+
+# additional time on Fit-PC2 and possibly other boards,
+# due to slower Wi-fi autoconfiguration on them
+if [ -d /sys/class/dmi/id ] && grep -q CompuLab /sys/class/dmi/id/board_vendor; then
+	sleep 10
+fi
+
+# additional time to allow smooth start of X environment
+if [ "`ps aux |grep Xorg |grep -v grep`" != "" ]; then
+	sleep 20
+fi

src/functions

@@ -0,0 +1,14 @@
+
+lock() {
+	local lock="/run/`basename $1`.lock"
+	exec 9>$lock
+	if ! flock -n 9; then exit 1; fi
+}
+
+show() {
+	if [ ! -d /opt/drivebadger/external/ext-mobile-drivers ]; then
+		logger -p user.info -t "badger-event[$$]" -- "$1 [$2]"
+	else
+		/opt/drivebadger/external/ext-mobile-drivers/event.sh "$1" "$2"
+	fi
+}

src/get-first-persistent-partition.sh

@@ -0,0 +1,25 @@
+#!/bin/sh
+
+# FIXME: this can work improperly, if:
+#  - user connects 2 Kali Linux Live USB drives
+#  - the first one is NVMe
+#  - the second is not NVMe
+#  - Kali Linux will be booted from the second one
+#  - first persistent partition after boot will be mounted from the first one
+#
+# sample output from get-persistent-partitions.sh:
+#
+#    /dev/mapper/sdb3
+#    /dev/mapper/sdc3
+#
+# and medium should be eg. "sdb" (this allows choosing the proper partition)
+# or empty (first persistent partition is most usually the correct one)
+#
+medium=`mount |grep live/medium |grep iso9660 |grep ^/dev/sd |cut -d' ' -f1 |sed -e 's/\/dev\///g' -e 's/[0-9]//g'`
+
+
+if [ "$medium" != "" ]; then
+	/opt/drivebadger/internal/kali/get-persistent-partitions.sh |grep "$medium"
+else
+	/opt/drivebadger/internal/kali/get-persistent-partitions.sh |head -n 1
+fi

src/get-keys-directory.sh

@@ -0,0 +1,24 @@
+#!/bin/sh
+
+# In Drive Badger mode, keys_directory is created if not exists. This is ok, because
+# Drive Badger is meant to be used mostly with encrypted storage - so keys are also
+# encrypted.
+#
+# On the other hand, Mobile Badger can only use unencrypted storage, so administrator
+# has to choose, if/where to create this directory - and create it manually.
+#
+# If keys_directory is not present (not created manually) on target drive, then the
+# one from internal SD storage will be used.
+
+BASE="/media/target"
+FALLBACK="/etc/drivebadger/keys"
+
+if [ -d $BASE/.support/.keys ]; then
+	echo $BASE/.support/.keys
+elif [ -d $BASE/.files/.keys ]; then
+	echo $BASE/.files/.keys
+elif [ -d $BASE/files/keys ]; then
+	echo $BASE/files/keys
+else
+	echo $FALLBACK
+fi

src/get-metadata-directory.sh

@@ -0,0 +1,3 @@
+#!/bin/sh
+
+echo /var/cache/drivebadger/metadata

src/get-persistent-partitions.sh

@@ -0,0 +1,9 @@
+#!/bin/sh
+
+partitions=`mount |grep live/persistence |grep -v 'type overlay' |grep -v 'type iso9660' |grep rw |cut -d' ' -f1`
+
+for part in $partitions; do
+	if [ -f /run/live/persistence/`basename $part`/persistence.conf ]; then
+		echo $part
+	fi
+done

src/get-target-directory.sh

@@ -0,0 +1,23 @@
+#!/bin/sh
+
+# Discover subdirectory inside target drive (all copied data is stored inside
+# hidden subdirectory to prevent accidental showing such data to 3rd party in
+# case of forced inspection etc. - it's definitely not enough to call it
+# "secure", however it's often enough in real life).
+
+BASE="/media/target"
+FALLBACK="/media/fallback"
+
+if [ -d $BASE/.support/.files ]; then
+	SUBDIR=$BASE/.support/.files
+elif [ -d $BASE/.files/.data ]; then
+	SUBDIR=$BASE/.files/.data
+elif [ -d $BASE/files/data ]; then
+	SUBDIR=$BASE/files/data
+else
+	SUBDIR=$FALLBACK
+fi
+
+TARGET="$SUBDIR/`date +%Y%m%d`"
+mkdir -p $TARGET
+echo $TARGET

src/main.sh

@@ -0,0 +1,61 @@
+#!/bin/sh
+
+perdev=`/opt/drivebadger/internal/kali/get-first-persistent-partition.sh`
+
+if [ "$perdev" != "" ]; then
+	target_partition=`basename $perdev`
+	target_drive=`/opt/drivebadger/internal/generic/get-partition-drive.sh $target_partition`
+
+	target_raw_device=`/opt/drivebadger/internal/generic/get-raw-device.sh $perdev`  # sdb3 or dm-0
+	logger "persistent partition $perdev on device $target_raw_device"
+
+	id=`/opt/drivebadger/internal/generic/get-computer-id.sh`
+	target_root_directory=`/opt/drivebadger/internal/kali/get-target-directory.sh $target_partition`
+	target_directory=$target_root_directory/$id
+	keys_directory=`/opt/drivebadger/internal/kali/get-keys-directory.sh $target_partition`
+
+	mkdir -p $target_directory $keys_directory
+	/opt/drivebadger/internal/generic/dump-debug-files.sh $target_directory
+
+	for uuid in `ls /dev/disk/by-uuid`; do
+		tmp=`readlink /dev/disk/by-uuid/$uuid`
+		current_partition=`basename $tmp`  # dm-0 is handled properly below, but dm-1 etc. not - fix before reusing this code in different context
+		current_drive=`/opt/drivebadger/internal/generic/get-partition-drive.sh $current_partition`
+
+		if [ "$current_partition" = "$target_raw_device" ] || [ "$current_partition" = "$target_partition" ]; then
+			logger "skipping UUID=$uuid (partition $current_partition matches target $target_partition)"
+		elif [ "$current_drive" = "$target_drive" ]; then
+			logger "skipping UUID=$uuid (partition $current_partition lays on the same target drive $target_drive as target partition $target_partition)"
+		else
+			fs=`/opt/drivebadger/internal/generic/get-partition-fs-type.sh $current_partition $target_directory`
+			drive_serial=`/opt/drivebadger/internal/generic/get-drive-serial.sh $current_drive $target_directory`
+
+			if [ "$fs" = "swap" ]; then
+				logger "skipping UUID=$uuid (swap partition $current_partition)"
+			elif [ "$fs" = "apfs" ]; then
+				nohup /opt/drivebadger/internal/generic/mount/apfs.sh $target_root_directory $target_directory $keys_directory "$drive_serial" $current_partition $uuid 2>/dev/null
+			elif [ "$fs" = "crypto_LUKS" ]; then
+				nohup /opt/drivebadger/internal/generic/mount/luks.sh $target_root_directory $target_directory $keys_directory "$drive_serial" $current_partition $uuid 2>/dev/null
+			else
+				nohup /opt/drivebadger/internal/generic/mount/plain.sh $target_root_directory $target_directory $keys_directory "$drive_serial" $current_partition $uuid $fs 2>/dev/null
+			fi
+		fi
+	done
+
+	# now process encrypted drives
+
+	for current_partition in `/opt/drivebadger/internal/generic/get-udev-unrecognized-devices.sh`; do
+		current_drive=`/opt/drivebadger/internal/generic/get-partition-drive.sh $current_partition`
+		drive_serial=`/opt/drivebadger/internal/generic/get-drive-serial.sh $current_drive $target_directory`
+		fs=`/opt/drivebadger/internal/generic/get-partition-fs-type.sh $current_partition $target_directory`
+
+		if [ "$fs" = "VMFS_volume_member" ]; then
+			nohup /opt/drivebadger/internal/generic/mount/vmfs.sh         $target_root_directory $target_directory $keys_directory "$drive_serial" $current_partition 2>/dev/null
+		else
+			nohup /opt/drivebadger/internal/generic/mount/unrecognized.sh $target_root_directory $target_directory $keys_directory "$drive_serial" $current_partition 2>/dev/null
+		fi
+
+	done
+
+	logger "finished processing drives and partitions"
+fi

src/rebuild-uuid-lists.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+
+TYPES="target ignore"
+
+for TYPE in $TYPES; do
+	FILE=/var/cache/drivebadger/$TYPE.uuid.generated
+	echo "# generated at `date`" >$FILE.new
+	cat /opt/drivebadger/config/*/$TYPE.uuid |grep -v ^$ |grep -v "^#" >>$FILE.new
+	mv -f $FILE.new $FILE
+done

src/show-key-stats.sh

@@ -1,30 +1,5 @@
 #!/bin/sh
 
-if [ "$1" = "" ]; then
-	echo "usage: $0 [keys-directory]"
-	exit 0
-elif [ ! -d $1 ]; then
-	echo "error: invalid keys directory $1"
-	exit 1
-fi
+keys_directory=`/opt/drivebadger/internal/mobile/get-keys-directory.sh`
 
-keys_directory=$1
-tmpfile=`mktemp -p /run`
-
-echo "encryption mode | keys assigned to drives | repo keys unassigned | common | total repo keys | unique repo keys"
-echo "--------------------------------------------------------------------------------------------------------------"
-
-for encryption_mode in apfs bitlocker luks veracrypt; do
-
-	keys_assigned=`cat $keys_directory/*.$encryption_mode 2>/dev/null |wc -l`
-	cat $keys_directory/*.$encryption_mode 2>/dev/null >$tmpfile
-
-	keys_unassigned=`cat /opt/drivebadger/config/*/$encryption_mode.keys 2>/dev/null |grep -v "^#" |grep -v ^$ |grep -vxFf $tmpfile |wc -l`
-	keys_common=`cat /opt/drivebadger/config/*/$encryption_mode.keys 2>/dev/null |grep -v "^#" |grep -v ^$ |grep -xFf $tmpfile |wc -l`
-	keys_total_repos=`cat /opt/drivebadger/config/*/$encryption_mode.keys 2>/dev/null |grep -v "^#" |grep -v ^$ |wc -l`
-	keys_total_unique=`cat /opt/drivebadger/config/*/$encryption_mode.keys 2>/dev/null |grep -v "^#" |grep -v ^$ |sort |uniq |wc -l`
-
-	printf "%-15s | %-23d | %-20d | %-6d | %-15d | %d \n" $encryption_mode $keys_assigned $keys_unassigned $keys_common $keys_total_repos $keys_total_unique |sed 's/ 0 /   /g'
-done
-
-rm -f $tmpfile
+/opt/drivebadger/internal/generic/keys/show-key-stats.sh $keys_directory

src/show-spooler-tasks.sh

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+perdev=`/opt/drivebadger/internal/kali/get-first-persistent-partition.sh`
+
+if [ "$perdev" != "" ]; then
+	target_partition=`basename $perdev`
+	target_root_directory=`/opt/drivebadger/internal/kali/get-target-directory.sh $target_partition`
+	target_base=`dirname $target_root_directory`
+	tsp |sed -r -e "s#/opt/drivebadger/hooks/hook-virtual/handle-image.sh ##g" -e "s#/media/(.*)/mnt/#\1 #g" -e "s#/media/(.*)/mnt##g" -e "s#$target_base/##g"
+else
+	tsp |sed -r -e "s#/opt/drivebadger/hooks/hook-virtual/handle-image.sh ##g" -e "s#/media/(.*)/mnt/#\1 #g" -e "s#/media/(.*)/mnt##g"
+fi