adlin/pkg/challenge/init

#!/bin/sh

mount -t proc proc /proc
mount -t sysfs sysfs /sys

rm /dev/null; mknod -m 0666 /dev/null c 1 3
rm /dev/zero; mknod -m 0666 /dev/zero c 1 5

ln -sf ssmtp /usr/sbin/sendmail

mdev -s

# /proc/cmdline parser (from Gentoo Wiki)
cmdline() {
    local value
    value=" $(cat /proc/cmdline) "
    value="${value##* $1=}"
    value="${value%% *}"
    [ "$value" != "" ] && echo "$value"
}

# Get some command line options
USER_LOGIN=$(cmdline adlin.login)
USER_PKEY=$(cmdline adlin.key)
USER_IP=$(cmdline adlin.ip)
ROOT_PASSWORD=$(cmdline adlin.rootpasswd)

[ -f /etc/shadow_ ] && mv /etc/shadow_ /etc/shadow

[ -n "${USER_IP}" ] && echo "${USER_IP}" > /root/my_ip
[ -n "${ROOT_PASSWORD}" ] && sed -i "/^root:/s@!@${ROOT_PASSWORD}@" /etc/shadow

# Handle extra user from /etc/shadow
sed -r 's/^([^:]+):.*$/\1/' /etc/shadow | while read u; do
    grep -q "^$u" /etc/passwd || {
        i=$(($(wc -l /etc/passwd | cut -d ' ' -f 1) + 988))
        echo "$u:x:$i:$u" >> /etc/group
        echo "$u:x:$i:$i:new user:/home:/bin/ash" >> /etc/passwd
    }
done

# Define hostname
hostname adlin-${USER_LOGIN}

update-ca-certificates > /dev/null 2> /dev/null

# Launch some TTYs
for i in `seq 2 6`
do
    while true
    do
	/usr/bin/setsid /sbin/agetty -l /sbin/fakelogin 38400 "tty${i}" linux
    done &
done

# Hide us!
/bin/rm -f /init /linuxrc

# Randomize time at boot
/bin/date 0$((1 + $RANDOM % 9))0$((1 + $RANDOM % 9))0$((1 + $RANDOM % 9))$((0 + $RANDOM % 6))$((1 + $RANDOM % 9))$((70 + $RANDOM % 30)).$(($RANDOM % 6))$((1 + $RANDOM % 9)) > /dev/null
/sbin/sysctl -w kernel.panic_on_warn=1 > /dev/null
/sbin/sysctl -w net.ipv4.ip_default_ttl=4 > /dev/null

# Launch some daemons
#/usr/bin/setsid /usr/sbin/crond > /dev/null &
/usr/bin/setsid /bin/shadow-up > /dev/null 2> /var/log/sup.log &

# Prepare bonus 2
mkdir -p /mnt

/bin/dd if=/dev/zero of=/dev/blk count=1 bs=10240000 > /dev/null 2> /dev/null
cat <<EOF | fdisk /dev/blk > /dev/null 2> /dev/null
n
p
1

+5M
w
EOF
LOOPDEV=$(losetup -f)
losetup -P "${LOOPDEV}" /dev/blk > /dev/null 2> /dev/null
mdev -s
/sbin/mkfs.ext4 "${LOOPDEV}p1" > /dev/null 2> /dev/null
mount "${LOOPDEV}p1" /mnt > /dev/null 2> /dev/null
N1=$((29 - $RANDOM % 25))
N2=$((3 + $RANDOM % 25))
{
    printf %02d $N1
    printf %02d $N2
    echo -n ${USER_PKEY:$N1:$N2} | sha512sum | cut -d " " -f 1

} > /mnt/bonus2
sync
rm /mnt/bonus2
sync
umount /mnt


# Launch requested init
if grep init= /proc/cmdline > /dev/null 2> /dev/null
then
    INIT=$(cmdline init)
    [ -z "${INIT}" ]

    while true
    do
	sleep $((10 + $RANDOM % 49))
	beep -f 1000 -r 2 -n -r 5 -l 10 -n
    done &

    grep console=ttyS0 /proc/cmdline > /dev/null 2> /dev/null && /usr/bin/setsid sh -c "exec '${INIT}' </dev/ttyS0 >/dev/ttyS0 2>&1"
    exec /usr/bin/setsid sh -c "reset; exec '${INIT}' </dev/tty1 >/dev/tty1 2>&1"
else
    grep console=ttyS0 /proc/cmdline > /dev/null 2> /dev/null && /usr/bin/setsid /sbin/agetty -l /sbin/fakelogin 38400 "ttyS0" linux
    while true
    do
	/usr/bin/setsid /sbin/agetty -l /sbin/fakelogin 38400 tty1 linux
    done
fi
Make challenge image 2018-02-18 16:39:49 +00:00			`#!/bin/sh`

			`mount -t proc proc /proc`
			`mount -t sysfs sysfs /sys`

shadow-up: Don't polute everithing... 2023-02-20 19:03:49 +00:00			`rm /dev/null; mknod -m 0666 /dev/null c 1 3`
			`rm /dev/zero; mknod -m 0666 /dev/zero c 1 5`

challenge: sendmail was pointing to busybox 2022-03-01 22:35:24 +00:00			`ln -sf ssmtp /usr/sbin/sendmail`
Make challenge image 2018-02-18 16:39:49 +00:00
			`mdev -s`

			`# /proc/cmdline parser (from Gentoo Wiki)`
			`cmdline() {`
			`local value`
			`value=" $(cat /proc/cmdline) "`
			`value="${value##* $1=}"`
			`value="${value%% *}"`
			`[ "$value" != "" ] && echo "$value"`
			`}`

			`# Get some command line options`
			`USER_LOGIN=$(cmdline adlin.login)`
			`USER_PKEY=$(cmdline adlin.key)`
login-validator: add IP 2019-02-28 01:27:33 +00:00			`USER_IP=$(cmdline adlin.ip)`
challenge: Handle root password 2022-02-27 10:25:22 +00:00			`ROOT_PASSWORD=$(cmdline adlin.rootpasswd)`

			`[ -f /etc/shadow_ ] && mv /etc/shadow_ /etc/shadow`
login-validator: add IP 2019-02-28 01:27:33 +00:00
			`[ -n "${USER_IP}" ] && echo "${USER_IP}" > /root/my_ip`
challenge: Handle root password 2022-02-27 10:25:22 +00:00			`[ -n "${ROOT_PASSWORD}" ] && sed -i "/^root:/s@!@${ROOT_PASSWORD}@" /etc/shadow`

			`# Handle extra user from /etc/shadow`
			`sed -r 's/^([^:]+):.*$/\1/' /etc/shadow \| while read u; do`
			`grep -q "^$u" /etc/passwd \|\| {`
			`i=$(($(wc -l /etc/passwd \| cut -d ' ' -f 1) + 988))`
			`echo "$u:x:$i:$u" >> /etc/group`
			`echo "$u:x:$i:$i:new user:/home:/bin/ash" >> /etc/passwd`
			`}`
			`done`
Make challenge image 2018-02-18 16:39:49 +00:00
			`# Define hostname`
			`hostname adlin-${USER_LOGIN}`

challenge: Regenerate ca-certificates on boot 2022-02-27 19:45:29 +00:00			`update-ca-certificates > /dev/null 2> /dev/null`

Make challenge image 2018-02-18 16:39:49 +00:00			`# Launch some TTYs`
challenge: try to apply font on all terms 2020-02-24 08:57:42 +00:00			for i in `seq 2 6`
Make challenge image 2018-02-18 16:39:49 +00:00			`do`
			`while true`
			`do`
			`/usr/bin/setsid /sbin/agetty -l /sbin/fakelogin 38400 "tty${i}" linux`
			`done &`
			`done`

			`# Hide us!`
			`/bin/rm -f /init /linuxrc`

			`# Randomize time at boot`
challenge: fix date randomization 2020-02-21 17:15:37 +00:00			`/bin/date 0$((1 + $RANDOM % 9))0$((1 + $RANDOM % 9))0$((1 + $RANDOM % 9))$((0 + $RANDOM % 6))$((1 + $RANDOM % 9))$((70 + $RANDOM % 30)).$(($RANDOM % 6))$((1 + $RANDOM % 9)) > /dev/null`
challenge: introduce new kernel panic for more recent kernel 2020-02-21 13:32:12 +00:00			`/sbin/sysctl -w kernel.panic_on_warn=1 > /dev/null`
Make challenge image 2018-02-18 16:39:49 +00:00			`/sbin/sysctl -w net.ipv4.ip_default_ttl=4 > /dev/null`

			`# Launch some daemons`
challenge: disable crontab 2019-02-27 01:03:50 +00:00			`#/usr/bin/setsid /usr/sbin/crond > /dev/null &`
challenge: Update some references 2022-02-27 11:06:56 +00:00			`/usr/bin/setsid /bin/shadow-up > /dev/null 2> /var/log/sup.log &`
Make challenge image 2018-02-18 16:39:49 +00:00
challenge: rename token4 to bonus2, to match subject 2021-02-18 00:12:58 +00:00			`# Prepare bonus 2`
Create token4 2018-02-20 17:11:22 +00:00			`mkdir -p /mnt`

challenge: Update init to use losetup for disk bonus 2022-03-01 21:31:02 +00:00			`/bin/dd if=/dev/zero of=/dev/blk count=1 bs=10240000 > /dev/null 2> /dev/null`
challenge: Redo the disk bonus, with losetup 2022-03-01 21:56:19 +00:00			`cat <<EOF \| fdisk /dev/blk > /dev/null 2> /dev/null`
challenge: Update init to use losetup for disk bonus 2022-03-01 21:31:02 +00:00			`n`
			`p`
			`1`

challenge: Redo the disk bonus, with losetup 2022-03-01 21:56:19 +00:00			`+5M`
challenge: Update init to use losetup for disk bonus 2022-03-01 21:31:02 +00:00			`w`
			`EOF`
			`LOOPDEV=$(losetup -f)`
challenge: Redo the disk bonus, with losetup 2022-03-01 21:56:19 +00:00			`losetup -P "${LOOPDEV}" /dev/blk > /dev/null 2> /dev/null`
			`mdev -s`
challenge: Update init to use losetup for disk bonus 2022-03-01 21:31:02 +00:00			`/sbin/mkfs.ext4 "${LOOPDEV}p1" > /dev/null 2> /dev/null`
challenge: Redo the disk bonus, with losetup 2022-03-01 21:56:19 +00:00			`mount "${LOOPDEV}p1" /mnt > /dev/null 2> /dev/null`
As PKey are smaller, fix disk test 2022-03-01 23:40:35 +00:00			`N1=$((29 - $RANDOM % 25))`
			`N2=$((3 + $RANDOM % 25))`
Create token4 2018-02-20 17:11:22 +00:00			`{`
challenge: Fix disk bonus when RANDOM <= 9 2023-02-21 00:46:54 +00:00			`printf %02d $N1`
			`printf %02d $N2`
Replace blake2b by sha512 (as it is not yet available on alpine 2018-02-21 00:51:06 +00:00			`echo -n ${USER_PKEY:$N1:$N2} \| sha512sum \| cut -d " " -f 1`
Create token4 2018-02-20 17:11:22 +00:00
challenge: rename token4 to bonus2, to match subject 2021-02-18 00:12:58 +00:00			`} > /mnt/bonus2`
Create token4 2018-02-20 17:11:22 +00:00			`sync`
challenge: rename token4 to bonus2, to match subject 2021-02-18 00:12:58 +00:00			`rm /mnt/bonus2`
Create token4 2018-02-20 17:11:22 +00:00			`sync`
challenge: Redo the disk bonus, with losetup 2022-03-01 21:56:19 +00:00			`umount /mnt`
Create token4 2018-02-20 17:11:22 +00:00

Make challenge image 2018-02-18 16:39:49 +00:00			`# Launch requested init`
			`if grep init= /proc/cmdline > /dev/null 2> /dev/null`
			`then`
			`INIT=$(cmdline init)`
			`[ -z "${INIT}" ]`

			`while true`
			`do`
			`sleep $((10 + $RANDOM % 49))`
challenge: beep compatible with busybox 2022-02-27 10:25:03 +00:00			`beep -f 1000 -r 2 -n -r 5 -l 10 -n`
Make challenge image 2018-02-18 16:39:49 +00:00			`done &`

challenge: can use ttyS0 2021-02-18 08:26:45 +00:00			`grep console=ttyS0 /proc/cmdline > /dev/null 2> /dev/null && /usr/bin/setsid sh -c "exec '${INIT}' </dev/ttyS0 >/dev/ttyS0 2>&1"`
Clean the screen, even in single mode, because some info leaks 2022-03-01 23:41:07 +00:00			`exec /usr/bin/setsid sh -c "reset; exec '${INIT}' </dev/tty1 >/dev/tty1 2>&1"`
Make challenge image 2018-02-18 16:39:49 +00:00			`else`
challenge: can use ttyS0 2021-02-18 08:26:45 +00:00			`grep console=ttyS0 /proc/cmdline > /dev/null 2> /dev/null && /usr/bin/setsid /sbin/agetty -l /sbin/fakelogin 38400 "ttyS0" linux`
Make challenge image 2018-02-18 16:39:49 +00:00			`while true`
			`do`
			`/usr/bin/setsid /sbin/agetty -l /sbin/fakelogin 38400 tty1 linux`
			`done`
			`fi`