From Edgar BV Wiki
Jump to navigation Jump to search installation guide

Raspberry Pi GPIO pinout

Adafruit PiRTC DS3231 remove the GPIO connector and then solder

GPS + clock breakout looks pretty cool, should work

PiRTC pinout

2017 info on using DS3231 Real Time Clock



For output

Waveshare e-ink display test utility



change ethernet gadget (usb network) to a stable MAC address (choose whatever mac you like)

add the following to the end of /boot/cmdline.txt

  g_ether.host_addr=86:5A:EE:60:99:4B g_ether.dev_addr=86:5A:EE:60:99:4B

In nm-connection-editor you can set the ipv4 settings on your linux box to and then enable connection sharing and you can ssh in.

  ssh pi@


You may or may not need these firewall rules

sudo ip route add dev enp0s20f0u1
~$ ip route list
default via dev wlp4s0 proto dhcp metric 600 dev enp0s20f0u1 proto kernel scope link src metric 100 dev wlp4s0 scope link metric 1000 dev wlp4s0 proto kernel scope link src metric 600


you can't use iwconfig to connect the wireless, you have to use wpa_supplicant. raspi-config won't work because the pwnagotchi scripts put wifi in monitor mode. You need to change the wireless interface back to managed mode.


You will also have to add a DNS server to /etc/resolv.conf through /etc/dhcpcd.conf

  vi /etc/dhcpcd.conf  

Then, add this line:

  static domain_name_servers=

There is a problem with dnsmasq clobbering resolvconf. There seem to be a few ways to solve this

/etc/dnsmasq.conf add


possibly also set




to /etc/defaults/dnsmasq from here


implement some of the resolvonf ingoring lines in /etc/dnsmasq.conf

OR go full nuke and

  systemctl disable dnsmasq

General Configuration


Is your friend

/etc/pwnagotchi/config.toml = "piface"
main.lang = "en"
main.whitelist = [
main.plugins.grid.enabled = true = true
main.plugins.grid.exclude = [

ui.display.enabled = true
ui.display.type = "waveshare_2"

fs.memory.enabled = true
fs.memory.mounts.log.enabled = true = true

ui.web.username = "adminusername"
ui.web.password = "passwordyouwanttouse"
ui.web.enabled = true
ui.web.address = ""
ui.web.origin = ""
ui.web.port = 8080
ui.web.on_frame = ""

After this enabling plugins in the web interface will add stuff to the config. If you disable the plugin the config code will remain in the file.

Web interfaces

There are 2 webinterfaces: https://piface.local:8080 which will show you the screen but with options to reboot and configure some stuff and https://piface.local:8081 which allows you to play with bettercap.


  /etc/pwnagotchi/default.toml (copy from here into config.toml)


       /etc/pwnagotchi/config.toml: This is where you put your custom configurations.
           Do NOT add customizations to default.toml! They will be overwritten whenever you update your unit!


       All the handshakes Pwnagotchi captures are saved to /root/handshakes/


       The place where the unit stores records of other units that it met in the past: /root/peers/.


       The main log file is located at /var/log/pwnagotchi.log.

The AI

       The neural network is located at /root/brain.nn, while the information about its age at /root/brain.json. If you want to save your Pwnagotchi’s memories, these are the files to back up.

NB it can take some time for the brain.nn files to appear


Cracking the pcap files

A common service people use for dictionaries (nog brute forcing) is stanev which also has a plugin

Pwnagetty also does a lot of the heavy lifting for you

first you need to convert the pcap files to a hccapx format which hashcat can use.

You can upload the file to onlinehashcrack

or use hcxtools (linux) description here

Then run hashcat

  hashcat -m 2500 -a3 capture.hccapx

Here's a writeup New attack on WPA/WPA2 using PMKID

Basic information from hashcat

Note: using cap2hccapx doesn't work any more.