Format_C/pivilion
1
0
Fork 0
mirror of https://gitlab.com/hacklab01/pivilion.git synced 2025-04-30 00:57:16 +00:00
Code Issues Projects Releases Wiki Activity

Update pivilion manual setup

v3d 2018-05-03 23:51:25 +00:00
parent 420eda65af
commit ca02535fd2
1 changed files with 29 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
pivilion-manual-setup.md

@ -2,7 +2,7 @@
You can chose to download one of our pre-installed images (not available atm) or follow this guide to install Pivilion on your Raspberry Pi from scratch and use it as a portable darknet gallery. It installs Tor with Lighttpd (Lighty) as a hidden service and runs a simple php based gallery system. Tor is free software for enabling anonymous communication and censorship circumvention. However, Pivilion doesn't use Tor for its anonimity features (but Tor still provides them). Tor is used to host a HTTP server as a hidden service. We make extensive use of its NAT punching capabilites to enable us to host a gallery behind NATs and firewalls. Keep in mind that this may or may not break your ISP contract if you do it from home. Using public WiFi to host hidden services, while not technically illegal if you were provided with the password by the owner of the WiFi, may present certain issues with their ISP. Since we're using Tor there is no way for you to get *caught*. With great power comes great resposibility. Be responsible in what you host and do on the darknet while using Pivilion. You can chose to download one of our pre-installed images (not available atm) or follow this guide to install Pivilion on your Raspberry Pi from scratch and use it as a portable darknet gallery. It installs Tor with Lighttpd (Lighty) as a hidden service and runs a simple php based gallery system. Tor is free software for enabling anonymous communication and censorship circumvention. However, Pivilion doesn't use Tor for its anonimity features (but Tor still provides them). Tor is used to host a HTTP server as a hidden service. We make extensive use of its NAT punching capabilites to enable us to host a gallery behind NATs and firewalls. Keep in mind that this may or may not break your ISP contract if you do it from home. Using public WiFi to host hidden services, while not technically illegal if you were provided with the password by the owner of the WiFi, may present certain issues with their ISP. Since we're using Tor there is no way for you to get *caught*. With great power comes great resposibility. Be responsible in what you host and do on the darknet while using Pivilion.
## Use a Virtualbox image ### Use a Virtualbox image
For testing Pivilion without a Raspberry Pi, you can use Ubuntu server (or any other Debian-based OS) as a base and install all packages from this manual. Some package names may differ, depending on your system. Use For testing Pivilion without a Raspberry Pi, you can use Ubuntu server (or any other Debian-based OS) as a base and install all packages from this manual. Some package names may differ, depending on your system. Use
`apt-cache search package name` `apt-cache search package name`
@ -15,38 +15,23 @@ You can skip all the Raspberry-specific steps if you chose to use Virtualbox. Yo
You can also download the complete pre-installed appliance image and run Pivilion in Virtualbox without having to install anything. You can also download the complete pre-installed appliance image and run Pivilion in Virtualbox without having to install anything.
## Checklist ## What you need
### Hardware ### Hardware
#### Raspberry Pi 1. Raspberry Pi
#### Micro USB power adapter 1. Micro USB power adapter - a cable is also fine (you can connect to any USB port)
A cable is also fine (you can connect to any USB port) 1. Min 8 GB (micro)SD card
#### Min 8 GB (micro)SD card 1. SD card reader
#### SD card reader 1. Ethernet cable - optional - you can connect the Rpi to a HDMI screen and connect it to wifi as you would any computer. However, this setup is meant to be made over SSH - consider your Pi a server (even though it's on a table next to you :)). You can connect it to a display and once you input the wifi password, just connect to the pi via ssh from a different computer.
#### Ethernet cable
This is optional - you can connect the Rpi to a HDMI screen and connect it to wifi as you would any computer. However, this setup is meant to be made over SSH - consider your Pi a server (even though it's on a table next to you :)). You can connect it to a display and once you input the wifi password, just connect to the pi via ssh from a different computer.
### Software ### Software
#### Raspbian image 1. [Raspbian image](https://www.raspberrypi.org/downloads/raspbian/)
https://www.raspberrypi.org/downloads/raspbian/ 1. [Tor Browser](https://www.torproject.org/download/download-easy.html.en) - used only for checking if the gallery works on the darknet (not for generating galleries)
#### Tor Browser 1. [Nmap](https://nmap.org/)- network scanning tool. This is optional, Arp is perfectly fine! **Be careful with nmap - scanning networks that are not yours may be illegal in your country!**
https://www.torproject.org/download/download-easy.html.en 1. Arp - depending on your OS and network setup you can use the arp command and skip scanning the network with nmap (Linux & OSX only - it comes installed with OSX and most distros)
#### Nmap network scanning tool 1. [Putty SSH client](http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html) - Windows only
This is optional, Arp is perfectly fine!
https://nmap.org/
Be careful with nmap - scanning networks that are not yours may be illegal in your country!
#### Arp
Depending on your OS and network setup you can use the arp command and skip scanning the network with nmap (Linux & OSX only - it comes installed with OSX and most distros)
### Windows only
#### Putty SSH client
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
#### Preparing the SD card with the image
First we need to put a fresh Rasbpian image on our RPi's SD card.
You can use either the full or the lite image, its up to you.
## Installing Rasbian ## Installing Rasbian
Always get a fresh anc current Raspbian image before installing Pivilion. It will drastically speed up the update / upgrade process. Use [this guide](https://www.raspberrypi.org/documentation/installation/installing-images/README.md) from Raspberry Pi's official website. Always get a fresh and current Raspbian image before installing Pivilion. It will drastically speed up the update / upgrade step of the manual. Use [this guide](https://www.raspberrypi.org/documentation/installation/installing-images/README.md) from Raspberry Pi's official website. You can use either the full or the lite image, its up to you. Choose your system. Well be using Linux + dd.
Choose your system. Well be using Linux + dd.
### Enabling SSH on your Pi ### Enabling SSH on your Pi
SSH access is turned of by default for security. We need to do a simple extra step to enable it. SSH access is turned of by default for security. We need to do a simple extra step to enable it.
@ -60,7 +45,8 @@ Once thats done, connect your RPi to a DHCP network with an ethernet cable an
since each Raspberry Pi has a mac address that begins with b8:27:eb we can use art and grep to locate our Raspberry on the network. since each Raspberry Pi has a mac address that begins with b8:27:eb we can use art and grep to locate our Raspberry on the network.
Or use a network discovery tool to find it's IP address. Or use a network discovery tool to find it's IP address. Logging into your local router and checking the list of connected devices is also an option.
We will use nmap to scan our DHCP IP range for all hosts that are up. Replace 10.0.0.1/24 with your IP address range. You can also check you router's settings to see all devices connected to your network and their IPs. We will use nmap to scan our DHCP IP range for all hosts that are up. Replace 10.0.0.1/24 with your IP address range. You can also check you router's settings to see all devices connected to your network and their IPs.
`nmap 10.0.0.1/24` `nmap 10.0.0.1/24`
@ -202,7 +188,7 @@ Now reboot your RPi and log back in.
`ssh pi@your.Pi.IP` `ssh pi@your.Pi.IP`
Now run pivilion to copy some extra files to their proper positions! Run pivilion to copy some extra files to their proper positions!
`pivilion` `pivilion`
@ -248,17 +234,19 @@ Tor will generate a hostname. to view your hostname run
Check if your hidden service works by opening Tor Browser and navigating to your onion domain. Check if your hidden service works by opening Tor Browser and navigating to your onion domain.
You should see the same lighttpd placeholder page as before. This should show the same lighttpd placeholder page as before.
That's it - everything should be working now! That's it - everything should be working now!
You now have four commands at your disposal. While logged in to the Pi via SSH there are four commands at your disposal.
All these commands are bash scripts located in the /usr/local/bin directory. All these commands are bash scripts located in the /usr/local/bin directory.
1. "pivilion" will display some info and a brief tutorial. It will also copy some files to proper positions. 1. "pivilion" will display some info and a brief tutorial. It will also copy some files to proper positions.
1. "onion" will set your Pi to start in onion mode on next reboot. This is the default mode. 1. "onion" will set your Pi to start in onion mode on next reboot. This is the default mode. In this mode, the Pi acts as a hidden service on Tor and serves your content.
1. "hotspot" will set your Pi to start in hotspot mode on next reboot. 1. "hotspot" will set your Pi to start in hotspot mode on next reboot. This mode can be used to connect to the Pi without being connected to a network. The Pi has the IP of 10.1.0.1. That means you can connect to it with
Please remember to set the mode properly before each reboot or you might have to access your Pi via ethernet cable or screen. `ssh pi@10.1.0.1`
It will also redirect all non-encrypted traffic to this IP, meaning that all traffic will be redirected to your gallery. You can use this mode to serve a local instance of the gallery.
**Please remember to set the mode properly before each reboot or you might have to access your Pi via ethernet cable or screen.**
1. "pikey" is used to setup a Wifi network and password to be used in onion mode. 1. "pikey" is used to setup a Wifi network and password to be used in onion mode.
### Using the generator script to setup a gallery ### Using the generator script to setup a gallery
@ -267,9 +255,13 @@ After setting everything up, you can find the generator script by entering your
The script is very simple - it uses PHP to generate a static HTML site. It can take audio, video and images. The audio and video need to be encoded with certain codecs compatible with HTML5 media reproduction because of patents. [Here](https://developer.mozilla.org/en-US/docs/Web/HTML/Supported_media_formats)'s a breakdown on what's supported where. You should test and make sure your media files work. The use of WebM, an open, royalty-free media file format is recommended. [Here](http://wiki.webmproject.org/ffmpeg/vp9-encoding-guide)'s a VP9 encoding guide for video. The script is very simple - it uses PHP to generate a static HTML site. It can take audio, video and images. The audio and video need to be encoded with certain codecs compatible with HTML5 media reproduction because of patents. [Here](https://developer.mozilla.org/en-US/docs/Web/HTML/Supported_media_formats)'s a breakdown on what's supported where. You should test and make sure your media files work. The use of WebM, an open, royalty-free media file format is recommended. [Here](http://wiki.webmproject.org/ffmpeg/vp9-encoding-guide)'s a VP9 encoding guide for video.
Keep in mind that Tor is slow and optimize your images, audio and video properly! **Keep in mind that Tor is slow and optimize your images, audio and video properly! **
The gallery generator takes in some basic data such as the name, description, title of the specific works, etc. Sections are vertical while slides are horizontal. Each piece has its own page. You should play around to figure out how it works. Keep in mind that the script will overwrite everything each time you generate a new gallery, so preparing a directory of media and backing up :) is the way to go. This will be better implemented in the future. The gallery generator takes in some basic data such as the name, description, title of the specific works, etc. Sections are vertical while slides are horizontal. Each piece has its own page. You should play around to figure out how it works. Keep in mind that the script will overwrite everything each time you generate a new gallery, so preparing a directory of media and **backing up** :) is the way to go. This will be better implemented in the future.
### Custom HTML
You can also chose to overwrite anything the generator script generates or edit it manually just like you would HTML / PHP on any server. Use an FTP client such as [Filezilla](https://filezilla-project.org/) and the same username / password you would for logging in via SSH (point Filezilla to your Pi's IP and port 22). The directory that's served is /var/www/html/pivilion/gen. You can also edit Lighty's config in /etc/ lighttpd.conf and move the directory to where you see fit.
Please note that Pivilion is in public beta and is sure to have some errors. Don't hesitate to help development by raising issues here https://gitlab.com/hacklab01/pivilion/issues Please note that Pivilion is in public beta and is sure to have some errors. Don't hesitate to help development by raising issues here https://gitlab.com/hacklab01/pivilion/issues