From charlesreid1

Startup Services

There are many useful applications of having programs start automatically when the Pi is plugged in, as opposed to having to be started manually - RaspberryPi/Reverse SSH, for example.

It is also very useful to be able to modify startup services on the Pi by modifying the contents of the SD card, as opposed to having to modify the IP to connect to whatever network you're on, boot the Pi, SSH to it, then modify the startup script, then return the Pi to its original configuration and hope it still works.

This article will show you how to create startup services, and how to turn them on or off as needed.

That way you can have a collection of startup scripts to do things like:

  • Search for and log in to known wireless networks
  • Search for and utilize open wireless networks
  • Attack and utilize foreign wireless networks
  • Connect with an stunnel server or a command-and-control node

You can mount the SD card on another computer and modify the rc.d and init.d, and modify the services that start on boot, eventually chaining things together (such as tunneling out of a network and transferring a payload through the tunnel).

Two Techniques

There are two techniques to doing this: the easy way (using Python), and the hard way (creating a built-in system startup service).

The Easy Way

To create a boot service the easy way, you will use Python to handle all timing, logic, and system calls that may be required. This simplifies your startup service to a single system command, python /path/to/my/, which can be run at boot by adding the command to /etc/rc.local.

$ cat /etc/rc.local
#!/bin/sh -e
# rc.local
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
# In order to enable or disable this script just change the execution
# bits.

/usr/bin/python /path/to/my/

exit 0

Now, you can create logic for timing and system calls from Python. Using the subprocess library, you can call a system command and wait until it returns a result:

import subprocess['/bin/ls','~'])

You can also fork tasks to the background, useful if you want to run more than one task at a time:

import suprocess



print("Are we done yet?")

The Hard Way: /etc/init.d

On the raspberry pi, all startup services are contained in /etc/init.d, which is a folder containing executable scripts that are formatted in a particular way.

To make a new startup service, you can create a copy of an existing script and modify it to suit your needs (I typically start by creating a copy of the SSH daemon startup script, which is called ssh).

The script will look something like this:


#! /bin/sh

# Provides:             capture-wifi-data
# Required-Start:       $local_fs $remote_fs
# Required-Stop:        $local_fs $remote_fs
# Default-Start:        2 3 4 5
# Default-Stop:         0 1 6
# Short-Description:    Capture wifi data.

set -e

case "$1" in
        cd /root/wifi_data
        pkill airodump-ng
        exit 1


exit 0

This script goes in /etc/init.d, which is that folder full of executable scripts.

To make this script executable, you would run $ chmod +x capture-wireless-data

However, this is not enough! Simply having an executable script in /etc/init.d will not make it run on boot - init.d is just a folder full of scripts.

To add this script to the services that run when the Pi boots up, you can either run a command from the Pi, or modify the SD card.

Adding Startup Service from Pi

If I have created a startup service called capture-wireless-data and I want to make it run on boot, I run the command:

$ update-rc.d capture-wireless-data defaults

from the Pi itself.

Adding Startup Service by Modifying Memory Card

First, load up the SD card and mount it. You will need to mount the filesystem partition of the SD card, which is an ext4 filesystem.

If you are on a Mac, you will need to install MacFUSE to read an ext4 file system. If you are on Linux, you are good to go. (If you are on Windows... may God have mercy on your soul.)

Once you've mounted the Pi's filesystem, you will want to change what starts at different runtime levels. Debian Raspberry Pis start in runtime level 2 by default, so anything you want to start up should go into /etc/rc2.d.

But the way you do this is, you put the actual script file in /etc/init.d, then you create a symbolic link in the runtime folder, e.g., /etc/rc2.d for the Raspberry Pi. It should have a prefix like S02.

root@kali:/etc/rc2.d# /bin/ls -1

Create a symbolic link in /etc/rc2.d with the command ln -fs /etc/init.d/capture-wifi-data /etc/rc2.d/S02capture-wifi-data