mirror of
https://github.com/hackerschoice/segfault.git
synced 2024-06-16 11:58:43 +00:00
Compare commits
3 Commits
013ce483a8
...
ec26d3ef20
Author | SHA1 | Date | |
---|---|---|---|
|
ec26d3ef20 | ||
|
54511d0cd4 | ||
|
1baf8f7744 |
@ -1,5 +1,7 @@
|
||||
0.4.9p1 - 2023-09
|
||||
0.4.9p1 - 2023-09-18
|
||||
* ssh -R fix in serverloop.c
|
||||
* a2enmod for php8.2 (thanks matthew)
|
||||
* FavFreak
|
||||
|
||||
0.4.9a1 - 2023-08-13
|
||||
* geoiphn, asn, reboot, shutdown, pwncat-cs, aws
|
||||
|
8
Makefile
8
Makefile
@ -45,6 +45,13 @@ FILES_GUEST += "segfault-$(VER)/guest/fs-root/sf/bin/startxweb"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/sf/bin/startfb"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/sf/bin/geoip"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/sf/bin/geoiphn"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/sf/bin/gssec"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/sf/bin/gsexec"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/sf/bin/thcssh"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/sf/bin/transfer"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/sf/bin/asn"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/sf/bin/sshj"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/sf/bin/shred"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/sf/bin/pkg-install.sh"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/etc/rc.local-example"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/etc/vim/vimrc.local"
|
||||
@ -65,6 +72,7 @@ FILES_GUEST += "segfault-$(VER)/guest/fs-root/usr/share/applications/burpsuite.d
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/usr/share/applications/thc-tips-and-tricks.desktop"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/usr/share/icons/metasploit.svg"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root/usr/share/icons/thc-logo.jpg"
|
||||
FILES_GUEST += "segfault-$(VER)/guest/fs-root-amd64/usr/bin/xmap"
|
||||
|
||||
FILES_MASTER += "segfault-$(VER)/master/Dockerfile"
|
||||
FILES_MASTER += "segfault-$(VER)/master/Makefile"
|
||||
|
17
contrib/db-sync.sh
Executable file
17
contrib/db-sync.sh
Executable file
@ -0,0 +1,17 @@
|
||||
#! /usr/bin/env bash
|
||||
|
||||
## In the format of:
|
||||
# HOSTS+=("adm")
|
||||
# HOSTS+=("lgm")
|
||||
|
||||
source .env_hosts || exit
|
||||
|
||||
for h in "${HOSTS[@]}"; do
|
||||
echo "Syncing ${h} DOWN"
|
||||
rsync -ral "${h}":/sf/config/db/banned "${h}":/sf/config/db/token "${h}":/sf/config/db/limits .
|
||||
done
|
||||
|
||||
for h in "${HOSTS[@]}"; do
|
||||
echo "Syncing ${h} UP"
|
||||
rsync -ral banned token limits "${h}":'/sf/config/db'
|
||||
done
|
@ -628,6 +628,7 @@ services:
|
||||
- SF_DIRECT
|
||||
- SF_DEBUG
|
||||
- SF_BACKING_FS
|
||||
# - SF_DEBUG_SSHD=1 # FIXME-2022 sshd debug
|
||||
volumes:
|
||||
- "${SF_BASEDIR:-.}/config:/config/host"
|
||||
- "${SF_BASEDIR:-.}/data/share:/sf/share:ro"
|
||||
@ -639,7 +640,8 @@ services:
|
||||
- "/var/run/docker.sock:/var/run/docker.sock"
|
||||
- "/var/lib/lxcfs:/var/lib/lxcfs:ro"
|
||||
- "${SF_SHMDIR:-/dev/shm/sf}/run/redis/sock:/redis-sock"
|
||||
# - /research/segfault/host/fs-root/bin/segfaultsh:/bin/segfaultsh:ro # FIXME-2022
|
||||
# - /research/segfault/host/fs-root/bin/segfaultsh:/bin/segfaultsh:ro # FIXME-2022
|
||||
# - /research/segfault/host:/host:ro # FIXME-2022 sshd debug
|
||||
|
||||
nginx:
|
||||
image: nginx
|
||||
|
@ -144,8 +144,6 @@ RUN /pkg-install.sh HACK apt-get install -y --no-install-recommends \
|
||||
pagekite \
|
||||
pwncat \
|
||||
python3-shodan \
|
||||
shadowsocks-libev \
|
||||
shadowsocks-v2ray-plugin \
|
||||
snmpcheck \
|
||||
socat \
|
||||
thc-ipv6 \
|
||||
@ -444,22 +442,22 @@ RUN /pkg-install.sh GUI bash -c '{ [[ $HOSTTYPE != x86_64 ]] && exit 0; cd /usr/
|
||||
RUN /pkg-install.sh GUI bash -c '{ true; \
|
||||
rm -f /etc/apt/sources.list.d/*.list /etc/apt/sources.list.d/*.sources; \
|
||||
apt-get update ; }'
|
||||
RUN /pkg-install.sh HUGE ghbin SagerNet/sing-box 'linux-%arch:x86_64=amd64:aarch64=arm64%.' sing-box \
|
||||
&& /pkg-install.sh HACK bin 'https://api.localxpose.io/api/v2/downloads/loclx-linux-%arch:x86_64=amd64:aarch64=arm64%.zip' loclx \
|
||||
&& /pkg-install.sh HACK bin 'https://bin.equinox.io/c/bNyj1mQVY4c/ngrok-v3-stable-linux-%arch:x86_64=amd64:aarch64=arm64%.tgz' ngrok \
|
||||
RUN /pkg-install.sh HUGE ghbin SagerNet/sing-box 'linux-%arch:x86_64=amd64:aarch64=arm64%.' sing-box \
|
||||
&& /pkg-install.sh HACK bin 'https://api.localxpose.io/api/v2/downloads/loclx-linux-%arch1%.zip' loclx \
|
||||
&& /pkg-install.sh HACK bin 'https://bin.equinox.io/c/bNyj1mQVY4c/ngrok-v3-stable-linux-%arch1%.tgz' ngrok \
|
||||
&& /pkg-install.sh HUGE ghbin tomnomnom/waybackurls 'linux-amd64-' waybackurls \
|
||||
&& /pkg-install.sh HACK bash -c '{ GOBIN=/usr/bin go install github.com/projectdiscovery/cdncheck/cmd/cdncheck@latest; }' \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/httpx 'linux_%arch:x86_64=amd64:aarch64=arm64%.zip$' httpx \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/katana 'linux_%arch:x86_64=amd64:aarch64=arm64%.zip$' katana \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/naabu 'linux_amd64.zip$' naabu `### x86_64 only` \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/nuclei 'linux_%arch:x86_64=amd64:aarch64=arm64%.zip$' nuclei \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/pdtm 'linux_%arch:x86_64=amd64:aarch64=arm64%.zip$' pdtm \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/proxify 'linux_%arch:x86_64=amd64:aarch64=arm64%.zip$' proxify \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/shuffledns '_linux_%arch:x86_64=amd64:aarch64=arm64%.zip$' shuffledns \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/subfinder 'linux_%arch:x86_64=amd64:aarch64=arm64%.zip$' subfinder \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/tlsx 'linux_%arch:x86_64=amd64:aarch64=arm64%.zip$' tlsx \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/uncover 'linux_%arch:x86_64=amd64:aarch64=arm64%.zip$' uncover \
|
||||
&& /pkg-install.sh HACK ghbin s0md3v/smap 'linux_%arch:x86_64=amd64:aarch64=arm64%.tar.xz$' smap
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/httpx 'linux_%arch1%.zip$' httpx \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/katana 'linux_%arch1%.zip$' katana \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/naabu 'linux_amd64.zip$' naabu `### x86_64 only` \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/nuclei 'linux_%arch1%.zip$' nuclei \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/pdtm 'linux_%arch1%.zip$' pdtm \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/proxify 'linux_%arch1%.zip$' proxify \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/shuffledns '_linux_%arch1%.zip$' shuffledns \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/subfinder 'linux_%arch1%.zip$' subfinder \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/tlsx 'linux_%arch1%.zip$' tlsx \
|
||||
&& /pkg-install.sh HACK ghbin projectdiscovery/uncover 'linux_%arch1%.zip$' uncover \
|
||||
&& /pkg-install.sh HACK ghbin s0md3v/smap 'linux_%arch1%.tar.xz$' smap
|
||||
RUN /pkg-install.sh LARGE ghbin Peltoche/lsd 'lsd_.*_%arch:x86_64=amd64:aarch64=arm64%.deb$' \
|
||||
&& /pkg-install.sh LARGE ghbin cloudflare/cloudflared 'linux-%arch:x86_64=amd64:aarch64=arm64%.deb$' \
|
||||
&& /pkg-install.sh LARGE ghbin filebrowser/filebrowser '^linux-%arch:x86_64=amd64:aarch64=arm64%-filebrowser.tar.gz$' filebrowser \
|
||||
@ -517,7 +515,8 @@ RUN /pkg-install.sh HACK apt-get install -y --no-install-recommends \
|
||||
&& /pkg-install.sh HACK bin https://raw.githubusercontent.com/fullhunt/log4j-scan/master/log4j-scan.py log4j-scan
|
||||
RUN /pkg-install.sh HACK apt-get install -y --no-install-recommends \
|
||||
python3-aiohttp \
|
||||
python3-discord
|
||||
python3-discord \
|
||||
python3-irc
|
||||
RUN /pkg-install.sh HACK pipx install aort \
|
||||
&& /pkg-install.sh HACK pipx install arsenal-cli \
|
||||
&& /pkg-install.sh HACK pipx install bbrf \
|
||||
@ -542,6 +541,7 @@ RUN /pkg-install.sh WEB bash -c '{ apt-get remove -y pelican; true; }' \
|
||||
RUN /pkg-install.sh DEVEL pip install --break-system-packages \
|
||||
cryptocode \
|
||||
ipaddress \
|
||||
mmh3 `# FavFreak` \
|
||||
pyTelegramBotAPI \
|
||||
tgcrypto \
|
||||
wsgidav
|
||||
@ -663,6 +663,10 @@ RUN /pkg-install.sh WEB apt-get install -y --no-install-recommends \
|
||||
libnginx-mod-stream-js \
|
||||
njs
|
||||
RUN /pkg-install.sh DEV apt-get install -y --no-install-recommends \
|
||||
gengetopt \
|
||||
libgmp3-dev \
|
||||
libjson-c-dev \
|
||||
libunistring-dev \
|
||||
ninja-build \
|
||||
repo
|
||||
# Android build tools:
|
||||
@ -708,19 +712,21 @@ RUN /pkg-install.sh LARGE apt-get install -y --no-install-recommends \
|
||||
g++-multilib \
|
||||
gcc-multilib \
|
||||
lib32ncurses-dev lib32z1-dev || { [ $(uname -m) != x86_64 ] && true; }
|
||||
RUN /pkg-install.sh HACK ghbin wader/fq '_linux_%arch:x86_64=amd64:aarch64=arm64%' fq \
|
||||
RUN /pkg-install.sh HACK ghbin wader/fq '_linux_%arch1%' fq \
|
||||
&& /pkg-install.sh HACK bin https://raw.githubusercontent.com/trustedsec/hardcidr/master/hardCIDR.sh hardcidr \
|
||||
&& /pkg-install.sh HACK ghbin hahwul/dalfox '_linux_%arch:x86_64=amd64:aarch64=arm64%' dalfox
|
||||
&& /pkg-install.sh HACK ghbin hahwul/dalfox '_linux_%arch1%' dalfox
|
||||
RUN /pkg-install.sh NET bin https://github.com/hackerschoice/binary/raw/main/gsocket/latest/gsocket_latest_all.deb `# x86_64 only` \
|
||||
&& /pkg-install.sh NET ghbin shadowsocks/shadowsocks-rust '%arch%.*linux.musl.tar.xz$' \
|
||||
&& /pkg-install.sh NET ghbin ginuerzh/gost 'linux-%arch:x86_64=amd64:aarch64=armv8%.*gz$' gost \
|
||||
&& /pkg-install.sh NET ghbin tulir/gomuks 'linux-%arch:x86_64=amd64:aarch64=arm64%' gomuks \
|
||||
&& /pkg-install.sh NET ghbin Snawoot/hola-proxy 'linux-%arch:x86_64=amd64:aarch64=arm64%' hola-proxy \
|
||||
&& /pkg-install.sh NET ghbin tulir/gomuks 'linux-%arch%' gomuks \
|
||||
&& /pkg-install.sh NET ghbin Snawoot/hola-proxy 'linux-%arch1%' hola-proxy \
|
||||
&& /pkg-install.sh NET ghbin maxmind/mmdbinspect 'linux_amd64.tar.gz$' mmdbinspect `# x86_64 only` \
|
||||
&& /pkg-install.sh NET ghbin shadowsocks/shadowsocks-rust '%arch%-unknown-linux-musl.tar' \
|
||||
&& /pkg-install.sh NET ghbin shadowsocks/v2ray-plugin 'linux-%arch1%' 'v2ray-plugin_*' "" v2ray-plugin \
|
||||
&& /pkg-install.sh NET ghbin teddysun/xray-plugin 'linux-%arch1%' 'xray-plugin_*' "" xray-plugin \
|
||||
&& /pkg-install.sh NET ghbin KaranGauswami/socks-to-http-proxy 'sthp-linux' sthp `# x86_64 only` \
|
||||
&& /pkg-install.sh NET ghbin schollz/croc 'Linux-%arch:x86_64=64bit:aarch64=ARM64%.deb' \
|
||||
&& /pkg-install.sh NET ghbin vi/websocat '%arch%.*linux-musl' websocat \
|
||||
&& /pkg-install.sh NET ghbin ViRb3/wgcf 'linux_%arch:x86_64=amd64:aarch64=arm64%$' wgcf \
|
||||
&& /pkg-install.sh NET ghbin ViRb3/wgcf 'linux_%arch1%$' wgcf \
|
||||
&& /pkg-install.sh NET ghbin poscat0x04/wgcf-teams '-linux' wgcf-teams \
|
||||
&& /pkg-install.sh NET apt-get install -y --no-install-recommends \
|
||||
hping3 \
|
||||
@ -749,7 +755,20 @@ RUN /pkg-install.sh GUI apt-get install -y --no-install-recommends \
|
||||
RUN /pkg-install.sh LARGE apt-get install -y --no-install-recommends \
|
||||
php8.2-fpm \
|
||||
php8.2-xml
|
||||
RUN /pkg-install.sh HACK pipx install pwncat-cs
|
||||
RUN /pkg-install.sh HACK pipx install git+https://github.com/bluet/proxybroker2.git \
|
||||
&& /pkg-install.sh HACK pipx install pwncat-cs \
|
||||
&& /pkg-install.sh HACK ghbin praetorian-inc/noseyparker 'linux-' noseyparker \
|
||||
&& /pkg-install.sh HACK bin 'https://gitlab.com/api/v4/projects/33695681/packages/generic/nrich/latest/nrich_latest_amd64.deb' `# x86_64 only` \
|
||||
&& /pkg-install.sh HACK bin 'https://github.com/RustScan/RustScan/releases/download/2.0.1/rustscan_2.0.1_amd64.deb' `# x86_64 only` \
|
||||
&& /pkg-install.sh HACK ghbin hueristiq/xurlfind3r 'linux_%arch:x86_64=amd64:aarch64=arm64%' xurlfind3r
|
||||
RUN /pkg-install.sh LARGE ghbin PaddiM8/kalker 'linux' kalker
|
||||
RUN /pkg-install.sh HACK bash -c '{ wget -O "/usr/bin/favfreak.py" https://raw.githubusercontent.com/devanshbatham/FavFreak/master/favfreak.py \
|
||||
&& chmod 755 /usr/bin/favfreak.py \
|
||||
&& ln -s favfreak.py /usr/bin/FavFreak; }' \
|
||||
&& /pkg-install.sh HACK bash -c '{ mkdir /usr/share/wordlists/meg \
|
||||
&& wget -O /usr/share/wordlists/meg/openredirects "https://raw.githubusercontent.com/tomnomnom/meg/master/lists/openredirects" \
|
||||
&& wget -O /usr/share/wordlists/meg/configfiles "https://raw.githubusercontent.com/tomnomnom/meg/master/lists/configfiles" \
|
||||
&& wget -O /usr/share/wordlists/meg/crlfinjection "https://raw.githubusercontent.com/tomnomnom/meg/master/lists/crlfinjection"; }'
|
||||
RUN sed 's/deb-src.*//' -i /etc/apt/sources.list \
|
||||
&& apt-get autoremove -y \
|
||||
&& apt-get update
|
||||
@ -759,6 +778,9 @@ RUN sed 's/deb-src.*//' -i /etc/apt/sources.list \
|
||||
|
||||
# Do fs-root last (on vmbox it messes with permissions on directories and setup.sh fixes it)
|
||||
COPY setup.sh /fs-root/ /
|
||||
# Some tools are pre-compiled on existing segfaults and supplied as binary
|
||||
# (Mostly tools which are a bitch to build during 'docker build')
|
||||
COPY /fs-root-amd64/ /
|
||||
RUN /setup.sh \
|
||||
&& rm -f /setup.sh /pkg-install.sh
|
||||
|
||||
|
BIN
guest/fs-root-amd64/usr/bin/xmap
Executable file
BIN
guest/fs-root-amd64/usr/bin/xmap
Executable file
Binary file not shown.
@ -14,6 +14,7 @@ alias xterm='xterm-dark'
|
||||
alias psg='ps alxwww | grep -i -E'
|
||||
alias reboot='halt'
|
||||
alias shutdown='halt'
|
||||
alias calc='kalker'
|
||||
|
||||
function dmesg {
|
||||
[[ ! -t 1 ]] && { command curl -s sf/dmesg/ -dnocolor=1; return; }
|
||||
@ -47,7 +48,7 @@ alias brave="brave-browser"
|
||||
echo -e >&2 "\
|
||||
${CDC}Massdns${CN}, ${CDC}Masscan${CN} et.al. do not work well via VPN providers. The uplink VPN providers
|
||||
and Google's 8.8.8.8 / 8.8.4.4 will ${CRY}block the requests${CN} when done to rapidly.
|
||||
Read how the pros do it: ${CB}${CUL}https://www.thc.org/segfault/faq/nokiddie${CN}"
|
||||
Read how the pros do it: ${CB}${CUL}https://thc.org/segfault/faq/nokiddie${CN}"
|
||||
|
||||
if [[ -t 0 ]]; then
|
||||
echo -e >&2 "${CDY}Continuing in 10 seconds. Press ENTER to continue now or CTRL-c to stop.${CN}"
|
||||
@ -58,14 +59,17 @@ Read how the pros do it: ${CB}${CUL}https://www.thc.org/segfault/faq/nokiddie${C
|
||||
}
|
||||
|
||||
command -v massdns >/dev/null && massdns(){ _nokiddie_warning "massdns" "$@"; }
|
||||
command -v puredns >/dev/null && puredns(){ _nokiddie_warning "puredns" "$@"; }
|
||||
command -v masscan >/dev/null && masscan(){ _nokiddie_warning "masscan" "$@"; }
|
||||
command -v shuffledns >/dev/null && shuffledns(){ _nokiddie_warning "shuffledns" "$@"; }
|
||||
command -v nuclei >/dev/null && nuclei(){ _nokiddie_warning "nuclei" "$@"; }
|
||||
command -v ffuf >/dev/null && ffuf(){ _nokiddie_warning "ffuf" "$@"; }
|
||||
command -v naabu >/dev/null && naabu(){ _nokiddie_warning "naabu" "$@"; }
|
||||
}
|
||||
|
||||
### for 'curl -x socks5h://$(PROXY) ipinfo.io'
|
||||
TOR(){ echo "${SF_TOR_IP}:9050"; }
|
||||
PROXY()
|
||||
{
|
||||
PROXY(){
|
||||
local IFS
|
||||
local arr
|
||||
local n
|
||||
@ -79,12 +83,6 @@ PROXY()
|
||||
echo "${arr[$((RANDOM % n))]}"
|
||||
}
|
||||
|
||||
# ASN lookup (Careful, using government's beloved team-cymru)
|
||||
asn() {
|
||||
[[ -n $1 ]] && { echo -e "begin\nverbose\n${1}\nend"|netcat whois.cymru.com 43| tail -n +2; return; }
|
||||
(echo -e 'begin\nverbose';cat -;echo end)|netcat whois.cymru.com 43|tail -n +2
|
||||
}
|
||||
|
||||
docker(){
|
||||
echo -e >&2 "${CDB}[${CDY}SF${CDB}] ${CR}Docker aint working.${CN} Try ${CDC}udocker${CN} instead."
|
||||
return 255
|
||||
@ -93,7 +91,7 @@ docker-compose(){ docker;}
|
||||
|
||||
[[ -n $IS_SHOW_MOTD_XPRA ]] && [[ -f /sf/bin/funcs_motd-xpra ]] && source /sf/bin/funcs_motd-xpra
|
||||
|
||||
tty -s && [[ -n $TERM ]] && [[ "$TERM" != dumb ]] && {
|
||||
[[ -t 0 ]] && [[ -n $TERM ]] && [[ "$TERM" != dumb ]] && {
|
||||
_grccmd()
|
||||
{
|
||||
local cmd
|
||||
|
11
guest/fs-root/sf/bin/asn
Executable file
11
guest/fs-root/sf/bin/asn
Executable file
@ -0,0 +1,11 @@
|
||||
#! /usr/bin/env bash
|
||||
|
||||
source "${0%/*}/funcs.sh" || exit
|
||||
|
||||
# ASN lookup (Careful, using government's beloved team-cymru)
|
||||
asn() {
|
||||
[[ -n $1 ]] && { echo -e "begin\nverbose\n${1}\nend"|netcat whois.cymru.com 43| tail -n +2; return; }
|
||||
(echo -e 'begin\nverbose';cat -;echo end)|netcat whois.cymru.com 43|tail -n +2
|
||||
}
|
||||
|
||||
asn "$@"
|
@ -1,7 +1,7 @@
|
||||
#! /bin/bash
|
||||
|
||||
# shellcheck disable=SC1091
|
||||
source "/sf/bin/funcs.sh"
|
||||
source "${0%/*}/funcs.sh" || exit
|
||||
cd /
|
||||
|
||||
[[ "$1" != now ]] && {
|
||||
|
@ -1,5 +1,7 @@
|
||||
#! /bin/bash
|
||||
|
||||
source "${0%/*}/funcs.sh" || exit
|
||||
|
||||
ip=$1
|
||||
[[ -z $ip ]] && { echo >&2 "$0 [IP-Address]"; exit 255; }
|
||||
|
||||
|
@ -1,5 +1,7 @@
|
||||
#! /bin/bash
|
||||
|
||||
source "${0%/*}/funcs.sh" || exit
|
||||
|
||||
# Convert IP to "IP CITY COUNTRY HOSTNAME"
|
||||
|
||||
[[ -z $1 ]] && return
|
||||
|
14
guest/fs-root/sf/bin/gsexec
Executable file
14
guest/fs-root/sf/bin/gsexec
Executable file
@ -0,0 +1,14 @@
|
||||
#! /usr/bin/env bash
|
||||
|
||||
{ [[ -n $SF_BINDIR ]] && source "${SF_BINDIR}/funcs.sh"; } || source "/sf/bin/funcs.sh"
|
||||
|
||||
# cut & paste this into your shell on your workstation or add to ~/.bashrc
|
||||
gsexec() {
|
||||
local sec
|
||||
sec="$1"
|
||||
shift 1
|
||||
echo "$*; exit; __START"|gs-netcat -s "$sec" 2>/dev/null|sed -n '/__START/,$p'|tail +2
|
||||
}
|
||||
|
||||
[[ $# -lt 2 ]] && { echo -e >&2 "${CY}ERROR${CN}: gsexec SECRET 'command'"; exit 255; }
|
||||
gsexec "$@"
|
15
guest/fs-root/sf/bin/gssec
Executable file
15
guest/fs-root/sf/bin/gssec
Executable file
@ -0,0 +1,15 @@
|
||||
#! /usr/bin/env bash
|
||||
|
||||
source "${0%/*}/funcs.sh" || exit
|
||||
|
||||
gssec() {
|
||||
[[ -z $GS_SEED ]] && { echo -e >&2 "${CY}ERROR${CN}: Please first set: ${CDC}GS_SEED=MySuperStrongMasterSeed${CN}"; return 255; }
|
||||
str="$(echo "${GS_SEED:?}$1" | sha512sum | base64 | tr -d -c a-z0-9)"
|
||||
str="${str:0:22}"
|
||||
[[ ! -t 1 ]] && { echo "${str}"; return; }
|
||||
echo -e "DEPLOY: ${CM}X=${str}"' bash -c "$(curl -fsSL https://gsocket.io/x)"'"${CN}"
|
||||
echo -e "ACCESS: ${CM}S=${str}"' bash -c "$(curl -fsSL https://gsocket.io/x)"'"${CN}"
|
||||
echo -e "ACCESS: ${CM}gs-netcat -s ${str} -i${CN}"
|
||||
}
|
||||
|
||||
gssec "$@"
|
@ -17,6 +17,16 @@ export PIPX_BIN_DIR=/usr/bin
|
||||
dearch()
|
||||
{
|
||||
local str
|
||||
local ht
|
||||
|
||||
# 'lsd_.*_%arch1%.deb$' ==> lsd_.*_amd64.deb
|
||||
[[ $1 =~ %arch1% ]] && {
|
||||
[[ $HOSTTYPE == x86_64 ]] && ht="amd64"
|
||||
[[ $HOSTTYPE == aarch64 ]] && ht="arm64"
|
||||
echo "${1//%arch1%/$ht}"
|
||||
return
|
||||
}
|
||||
|
||||
# Convert any '%arch%' to 'x86_64'
|
||||
str=${1//%arch%/$HOSTTYPE}
|
||||
[[ $str =~ %arch.*% ]] && {
|
||||
@ -31,17 +41,36 @@ dearch()
|
||||
echo "$str"
|
||||
}
|
||||
|
||||
xmv() {
|
||||
local asset
|
||||
local dass
|
||||
local dstdir
|
||||
asset="$1"
|
||||
dass="$2"
|
||||
dstdir="$3"
|
||||
|
||||
[[ "$asset" != "$dass" ]] && {
|
||||
mv "${dstdir}"/${asset} "${dstdir}/${dass}" || return
|
||||
}
|
||||
|
||||
chmod 755 "${dstdir}/${dass}" || return
|
||||
}
|
||||
|
||||
# Download & Extract
|
||||
# [URL] [asset] <dstdir>
|
||||
# [URL] [asset] <dstdir> <destination asset>
|
||||
dlx()
|
||||
{
|
||||
local url
|
||||
local asset
|
||||
local dstdir
|
||||
local dass
|
||||
url="$1"
|
||||
asset="$2"
|
||||
asset="$2" # May contain wildcards/Need globbing
|
||||
dstdir="$3"
|
||||
dass="$4"
|
||||
|
||||
[[ -z $dstdir ]] && dstdir="/usr/bin"
|
||||
[[ -z $dass ]] && dass="$asset"
|
||||
|
||||
[[ -z "$url" ]] && { echo >&2 "[${asset}] URL: '$loc'"; return 255; }
|
||||
case $url in
|
||||
@ -53,8 +82,8 @@ dlx()
|
||||
unzip /tmp/pkg.zip -d "${dstdir}" || return
|
||||
else
|
||||
# HERE: Single file
|
||||
unzip -o -j /tmp/pkg.zip "$asset" -d "${dstdir}" || return
|
||||
chmod 755 "${dstdir}/$(basename "${asset}")" || return
|
||||
{ unzip -o -j /tmp/pkg.zip "$asset" -d "${dstdir}" \
|
||||
&& xmv "$asset" "$dass" "$dstdir"; } || return
|
||||
fi
|
||||
rm -f /tmp/pkg.zip \
|
||||
&& return 0
|
||||
@ -68,32 +97,32 @@ dlx()
|
||||
;;
|
||||
*.tar.gz|*.tgz)
|
||||
curl -SsfL "$url" | tar xfvz - --transform="flags=r;s|.*/||" --no-anchored -C "${dstdir}" --wildcards "$asset" \
|
||||
&& chmod 755 "${dstdir}/${asset}" \
|
||||
&& xmv "$asset" "$dass" "$dstdir" \
|
||||
&& return 0
|
||||
;;
|
||||
*.gz)
|
||||
curl -SsfL "$url" | gunzip >"${dstdir}/${asset}" \
|
||||
&& chmod 755 "${dstdir}/${asset}" \
|
||||
&& chmod 755 "${dstdir}/${dass}" \
|
||||
&& return 0
|
||||
;;
|
||||
*.tar.bz2)
|
||||
curl -SsfL "$url" | tar xfvj - --transform="flags=r;s|.*/||" --no-anchored -C "${dstdir}" --wildcards "$asset" \
|
||||
&& chmod 755 "${dstdir}/${asset}" \
|
||||
&& xmv "$asset" "$dass" "$dstdir" \
|
||||
&& return 0
|
||||
;;
|
||||
*.bz2)
|
||||
curl -SsfL "$url" | bunzip2 >"${dstdir}/${asset}" \
|
||||
&& chmod 755 "${dstdir}/${asset}" \
|
||||
&& xmv "$asset" "$dass" "$dstdir" \
|
||||
&& return 0
|
||||
;;
|
||||
*.xz)
|
||||
curl -SsfL "$url" | tar xfvJ - --transform="flags=r;s|.*/||" --no-anchored -C /usr/bin --wildcards "$asset" \
|
||||
&& chmod 755 "${dstdir}/${asset}" \
|
||||
&& xmv "$asset" "$dass" "$dstdir" \
|
||||
&& return 0
|
||||
;;
|
||||
*)
|
||||
curl -SsfL "$url" >"${dstdir}/${asset}" \
|
||||
&& chmod 755 "${dstdir}/${asset}" \
|
||||
&& chmod 755 "${dstdir}/${dass}" \
|
||||
&& return 0
|
||||
esac
|
||||
}
|
||||
@ -134,22 +163,26 @@ ghbin()
|
||||
{
|
||||
local url
|
||||
local asset
|
||||
local dst
|
||||
local src
|
||||
src=$(dearch "$2") || exit 0
|
||||
asset="$3"
|
||||
asset=$(dearch "$3") || exit 0
|
||||
dst="$5"
|
||||
|
||||
url=$(ghlatest "$1" "$src")
|
||||
dlx "$url" "$asset"
|
||||
dlx "$url" "$asset" "" "$dst"
|
||||
}
|
||||
|
||||
ghdir()
|
||||
{
|
||||
local url
|
||||
local src
|
||||
local dst
|
||||
src=$(dearch "$2") || exit 0
|
||||
dst="$3"
|
||||
|
||||
url=$(ghlatest "$1" "$src")
|
||||
dlx "$url" "" "$3"
|
||||
dlx "$url" "" "$dst"
|
||||
}
|
||||
|
||||
bin()
|
||||
|
@ -127,6 +127,7 @@ setup()
|
||||
rmsymdir /home /sec/home
|
||||
rmsymdir /root /sec/root
|
||||
rmsymdir /root/.gf /usr/share/gf
|
||||
rmsymdir /usr/share/wordlists /sec/root/wordlists
|
||||
|
||||
# Create useful directory
|
||||
xmkdir /dev/shm/tmp && chmod 1777 /dev/shm/tmp
|
||||
|
13
guest/fs-root/sf/bin/shred
Executable file
13
guest/fs-root/sf/bin/shred
Executable file
@ -0,0 +1,13 @@
|
||||
#! /usr/bin/env bash
|
||||
|
||||
source "${0%/*}/funcs.sh" || exit
|
||||
|
||||
## SHRED without shred command
|
||||
shred()
|
||||
{
|
||||
[[ -z $1 || ! -f "$1" ]] && { echo >&2 "shred [FILE]"; return 255; }
|
||||
dd bs=1k count=$(du -sk ${1:?} | cut -f1) if=/dev/urandom >"$1"
|
||||
rm -f "${1:?}"
|
||||
}
|
||||
|
||||
shred "$@"
|
19
guest/fs-root/sf/bin/sshj
Executable file
19
guest/fs-root/sf/bin/sshj
Executable file
@ -0,0 +1,19 @@
|
||||
#! /usr/bin/env bash
|
||||
|
||||
source "${0%/*}/funcs.sh" || exit
|
||||
|
||||
# sshj # Generates a random tunnel ID [e.g. 5dmxf27tl4kx] and keeps the tunnel connected
|
||||
# sshj foobarblahblub # Creates tunnel with specific tunnel ID
|
||||
# sshj foobarblahblub 192.168.0.1 2222 # Tunnel to host 192.168.0.1:2222 on the LAN
|
||||
|
||||
sshj()
|
||||
{
|
||||
local pw
|
||||
pw="${1,,}"
|
||||
[[ -z $pw ]] && { pw=$(head -c64 </dev/urandom | base64 | tr -d -c a-z0-9); pw=${pw:0:12}; }
|
||||
echo "Press Ctrl-C to stop this tunnel."
|
||||
echo -e "To ssh to ${USER:-root}@${2:-127.0.0.1}:${3:-22} type: \e[0;36mssh -J ${pw}@ssh-j.com ${USER:-root}@${pw}\e[0m"
|
||||
ssh -o StrictHostKeyChecking=accept-new -o ServerAliveInterval=30 -o ExitOnForwardFailure=yes ${pw}@ssh-j.com -N -R ${pw}:22:${2:-0}:${3:-22}
|
||||
}
|
||||
|
||||
sshj "$@"
|
21
guest/fs-root/sf/bin/thcssh
Executable file
21
guest/fs-root/sf/bin/thcssh
Executable file
@ -0,0 +1,21 @@
|
||||
#! /usr/bin/env bash
|
||||
|
||||
source "${0%/*}/funcs.sh" || exit
|
||||
|
||||
### Cut & Paste the following to your shell, then execute
|
||||
### thcssh user@server.org
|
||||
thcssh()
|
||||
{
|
||||
local ttyp
|
||||
echo -e "\e[0;35mTHC says: pimp up your prompt: Cut & Paste the following into your remote shell:\e[0;36m"
|
||||
echo -e 'PS1="{THC} \[\\033[36m\]\\u\[\\033[m\]@\[\\033[32m\]\\h:\[\\033[33;1m\]\\w\[\\033[m\]\\$ "\e[0m'
|
||||
ttyp=$(stty -g)
|
||||
stty raw -echo opost
|
||||
[[ $(ssh -V 2>&1) == OpenSSH_[67]* ]] && a="no"
|
||||
ssh -o UpdateHostKeys=no -o StrictHostKeyChecking="${a:-accept-new}" -T \
|
||||
"$@" \
|
||||
"unset SSH_CLIENT SSH_CONNECTION; TERM=xterm-256color BASH_HISTORY=/dev/null exec -a [ntp] script -qc 'exec -a [uid] /bin/bash -i' /dev/null"
|
||||
stty "${ttyp}"
|
||||
}
|
||||
|
||||
thcssh "$@"
|
14
guest/fs-root/sf/bin/transfer
Executable file
14
guest/fs-root/sf/bin/transfer
Executable file
@ -0,0 +1,14 @@
|
||||
#! /usr/bin/env bash
|
||||
|
||||
source "${0%/*}/funcs.sh" || exit
|
||||
|
||||
transfer() {
|
||||
local fn
|
||||
[[ $# -eq 0 ]] && { echo -e >&2 "Usage:\n transfer [file/directory]\n transfer [name] <FILENAME"; return 255; }
|
||||
[[ ! -t 0 ]] && { curl -SsfL --progress-bar --upload-file "-" "https://transfer.sh/${1}"; return; }
|
||||
[[ ! -e "$1" ]] && { echo -e >&2 "Not found: $1"; return 255; }
|
||||
[[ -d "$1" ]] && { (cd "${1}/.."; tar cfz - "${1##*/}")|curl -SsfL --progress-bar --upload-file "-" "https://transfer.sh/${1##*/}.tar.gz"; return; }
|
||||
curl -SsfL --progress-bar --upload-file "$1" "https://transfer.sh/${1##*/}"
|
||||
}
|
||||
|
||||
transfer "$@"
|
@ -7,6 +7,7 @@ albuild:
|
||||
docker run --network host --name alpine-gcc alpine sh -c 'apk update && apk add gcc patch libc-dev musl-dev zlib-dev openssl-dev make linux-headers libcap-dev bash' \
|
||||
&& docker commit alpine-gcc alpine-gcc; }"
|
||||
|
||||
# See mk_sshd.sh for manual debugging
|
||||
fs-root/usr/sbin/sshd: sf-sshd.patch mk_sshd.sh
|
||||
docker run --rm -v$$(pwd):/src --net=host -w /tmp alpine-gcc /src/mk_sshd.sh
|
||||
|
||||
|
@ -250,6 +250,7 @@ vboxfix /bin/segfaultsh
|
||||
# Allow segfaultsh access to /sf/bin if mounted from extern (during debugging)
|
||||
vboxfix /sf/bin
|
||||
|
||||
[[ -n $SF_DEBUG_SSHD ]] && sleep infinity
|
||||
# This will execute 'segfaultsh' on root-login (uid=1000)
|
||||
exec 0<&- # Close STDIN
|
||||
exec /usr/sbin/sshd -u0 -D
|
||||
|
@ -1062,7 +1062,7 @@ fi
|
||||
SF_TOKEN="${SF_TOKEN:0:32}"
|
||||
}
|
||||
# Unset user supplied env variables
|
||||
unset SECRET HUSTLOGIN HIDEIP PRJ TOKEN
|
||||
unset SECRET HUSHLOGIN HIDEIP PRJ TOKEN
|
||||
### ----END SANITIZE----
|
||||
|
||||
# Only output progress if this is a login shell _and_ not HUSHLOGIN
|
||||
@ -1241,6 +1241,8 @@ exec_devnull docker run \
|
||||
--log-driver "${SF_DOCKER_LOG}" \
|
||||
--tmpfs /tmp:exec `# GoLang needs /tmp to be executeable` \
|
||||
--sysctl net.ipv6.conf.all.disable_ipv6=0 `# Allow IPv6 (used by WireGuard FOBs)` \
|
||||
--sysctl net.ipv4.tcp_tw_reuse=1 `# Immediately reuse TIME_WAIT sockets` \
|
||||
--sysctl net.ipv4.tcp_fin_timeout=10 \
|
||||
-v "${SF_BASEDIR}/data/share/:/sf/share:ro" \
|
||||
-v "${SF_CFG_GUEST_DIR:?}/:/config/guest:ro" \
|
||||
-v "${SF_GUEST_SELFDIR:?}/lg-${LID}:/config/self:ro,slave" \
|
||||
|
@ -3,12 +3,19 @@
|
||||
# Executed inside alpine-gcc context to build patched sshd
|
||||
# diff -x '!*.[ch]' -u -r openssh-9.2p1-orig openssh-9.2p1-sf | grep -v ^Only
|
||||
|
||||
# Manual debugging:
|
||||
# cd /research/segfault/host
|
||||
# docker run --rm -v$(pwd):/host --net=host -it alpine-gcc bash -il
|
||||
# export PS1='ssh-build:\w\$ '
|
||||
|
||||
DSTDIR="/src/fs-root/usr/sbin"
|
||||
DSTBIN="${DSTDIR}/sshd"
|
||||
set -e
|
||||
SRCDIR="/tmp/openssh-9.2p1"
|
||||
[[ ! -d "$SRCDIR" ]] && {
|
||||
wget -O - https://cloudflare.cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.2p1.tar.gz | tar xfz -
|
||||
# Cloudflare to often returns 503 - "BLOCKED"
|
||||
# wget -O- https://cloudflare.cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.2p1.tar.gz | tar xfz -
|
||||
wget -O- https://artfiles.org/openbsd/OpenSSH/portable/openssh-9.2p1.tar.gz | tar xfz -
|
||||
|
||||
cd "$SRCDIR"
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
diff -x '!*.[ch]' -u -r openssh-9.2p1-orig/channels.c openssh-9.2p1-sf/channels.c
|
||||
--- openssh-9.2p1-orig/channels.c 2023-02-02 12:21:54.000000000 +0000
|
||||
+++ openssh-9.2p1-sf/channels.c 2023-08-07 11:02:57.954485279 +0000
|
||||
diff --color=auto -x !*.[ch] -u -r openssh-9.2p1-orig/channels.c openssh-9.2p1-sf/channels.c
|
||||
--- openssh-9.2p1-orig/channels.c 2023-02-02 12:21:54
|
||||
+++ openssh-9.2p1-sf/channels.c 2023-08-15 06:13:05
|
||||
@@ -3639,7 +3639,7 @@
|
||||
ssh->chanctxt->IPv4or6 = af;
|
||||
}
|
||||
@ -18,9 +18,9 @@ diff -x '!*.[ch]' -u -r openssh-9.2p1-orig/channels.c openssh-9.2p1-sf/channels.
|
||||
strcmp(listen_addr, "0.0.0.0") != 0 &&
|
||||
strcmp(listen_addr, "*") != 0) {
|
||||
ssh_packet_send_debug(ssh,
|
||||
diff -x '!*.[ch]' -u -r openssh-9.2p1-orig/serverloop.c openssh-9.2p1-sf/serverloop.c
|
||||
--- openssh-9.2p1-orig/serverloop.c 2023-02-02 12:21:54.000000000 +0000
|
||||
+++ openssh-9.2p1-sf/serverloop.c 2023-08-07 17:38:57.711615443 +0000
|
||||
diff --color=auto -x !*.[ch] -u -r openssh-9.2p1-orig/serverloop.c openssh-9.2p1-sf/serverloop.c
|
||||
--- openssh-9.2p1-orig/serverloop.c 2023-02-02 12:21:54
|
||||
+++ openssh-9.2p1-sf/serverloop.c 2023-08-15 06:18:17
|
||||
@@ -102,6 +102,12 @@
|
||||
/* requested tunnel forwarding interface(s), shared with session.c */
|
||||
char *tun_fwd_ifnames = NULL;
|
||||
@ -34,15 +34,18 @@ diff -x '!*.[ch]' -u -r openssh-9.2p1-orig/serverloop.c openssh-9.2p1-sf/serverl
|
||||
/* returns 1 if bind to specified port by specified user is permitted */
|
||||
static int
|
||||
bind_permitted(int port, uid_t uid)
|
||||
@@ -391,6 +397,8 @@
|
||||
@@ -391,8 +397,10 @@
|
||||
/* Clean up sessions, utmp, etc. */
|
||||
cleanup_exit(255);
|
||||
}
|
||||
-
|
||||
channel_after_poll(ssh, pfd, npfd_active);
|
||||
+ if (sf_sigusr1_received != 0)
|
||||
+ sf_sshd2ns();
|
||||
|
||||
channel_after_poll(ssh, pfd, npfd_active);
|
||||
+
|
||||
if (conn_in_ready &&
|
||||
process_input(ssh, connection_in) < 0)
|
||||
break;
|
||||
@@ -637,12 +645,14 @@
|
||||
|
||||
if (strcmp(ctype, "session") == 0) {
|
||||
@ -87,10 +90,10 @@ diff -x '!*.[ch]' -u -r openssh-9.2p1-orig/serverloop.c openssh-9.2p1-sf/serverl
|
||||
}
|
||||
if ((resp = sshbuf_new()) == NULL)
|
||||
fatal_f("sshbuf_new");
|
||||
diff -x '!*.[ch]' -u -r openssh-9.2p1-orig/sshd.c openssh-9.2p1-sf/sshd.c
|
||||
--- openssh-9.2p1-orig/sshd.c 2023-02-02 12:21:54.000000000 +0000
|
||||
+++ openssh-9.2p1-sf/sshd.c 2023-08-07 17:38:29.479621863 +0000
|
||||
@@ -536,6 +536,69 @@
|
||||
diff --color=auto -x !*.[ch] -u -r openssh-9.2p1-orig/sshd.c openssh-9.2p1-sf/sshd.c
|
||||
--- openssh-9.2p1-orig/sshd.c 2023-02-02 12:21:54
|
||||
+++ openssh-9.2p1-sf/sshd.c 2023-08-15 06:13:05
|
||||
@@ -536,8 +536,71 @@
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
@ -100,7 +103,7 @@ diff -x '!*.[ch]' -u -r openssh-9.2p1-orig/sshd.c openssh-9.2p1-sf/sshd.c
|
||||
+#ifndef SECBIT_KEEP_CAPS
|
||||
+#define SECBIT_KEEP_CAPS (1<<4)
|
||||
+#endif
|
||||
+
|
||||
|
||||
+int sf_done;
|
||||
+int sf_by_signal;
|
||||
+int sf_sigusr1_received;
|
||||
@ -108,7 +111,7 @@ diff -x '!*.[ch]' -u -r openssh-9.2p1-orig/sshd.c openssh-9.2p1-sf/sshd.c
|
||||
+size_t sf_ports_n;
|
||||
+static char sf_nsnet_name[128];
|
||||
+static struct ssh *sf_ssh;
|
||||
+static void
|
||||
static void
|
||||
+cb_sigusr1(int sig)
|
||||
+{
|
||||
+ debug("SIGUSR1 RECEIVED");
|
||||
@ -157,10 +160,12 @@ diff -x '!*.[ch]' -u -r openssh-9.2p1-orig/sshd.c openssh-9.2p1-sf/sshd.c
|
||||
+
|
||||
+ sf_done = 1;
|
||||
+}
|
||||
|
||||
static void
|
||||
+
|
||||
+static void
|
||||
privsep_postauth(struct ssh *ssh, Authctxt *authctxt)
|
||||
@@ -576,9 +639,35 @@
|
||||
{
|
||||
#ifdef DISABLE_FD_PASSING
|
||||
@@ -576,8 +639,34 @@
|
||||
|
||||
reseed_prngs();
|
||||
|
||||
@ -169,7 +174,7 @@ diff -x '!*.[ch]' -u -r openssh-9.2p1-orig/sshd.c openssh-9.2p1-sf/sshd.c
|
||||
+
|
||||
/* Drop privileges */
|
||||
do_setusercontext(authctxt->pw);
|
||||
|
||||
+
|
||||
+ // Set the effective CAPS to remove SECUREBITS
|
||||
+ cap_t caps = cap_get_proc();
|
||||
+ const cap_value_t cl[] = {CAP_SETPCAP};
|
||||
@ -192,7 +197,6 @@ diff -x '!*.[ch]' -u -r openssh-9.2p1-orig/sshd.c openssh-9.2p1-sf/sshd.c
|
||||
+ snprintf(sf_nsnet_name, sizeof sf_nsnet_name, "/dev/shm/ns-net-%d", getpid());
|
||||
+ sf_ssh = ssh;
|
||||
+ signal(SIGUSR1, cb_sigusr1);
|
||||
+
|
||||
|
||||
skip:
|
||||
/* It is safe now to apply the key state */
|
||||
monitor_apply_keystate(ssh, pmonitor);
|
||||
|
@ -7,14 +7,13 @@ IS_APT=1
|
||||
|
||||
install_sw()
|
||||
{
|
||||
command -v docker >/dev/null && return
|
||||
[[ -n $SF_NO_INTERNET ]] && return
|
||||
|
||||
# Docker
|
||||
bash -c "$(curl -fsSL https://get.docker.com)" || ERREXIT 255
|
||||
command -v docker >/dev/null || { bash -c "$(curl -fsSL https://get.docker.com)" || ERREXIT 255; }
|
||||
|
||||
# Software
|
||||
if [[ -z $SF_NO_INTERNET ]]; then
|
||||
"${PKG_INSTALL[@]}" docker-compose net-tools make || ERREXIT 138 "Docker not running"
|
||||
fi
|
||||
"${PKG_INSTALL[@]}" docker-compose net-tools make || ERREXIT 138 "Docker not running"
|
||||
}
|
||||
|
||||
|
||||
|
@ -13,7 +13,7 @@
|
||||
|
||||
SFI_SRCDIR="$(cd "$(dirname "${0}")/.." || exit; pwd)"
|
||||
# shellcheck disable=SC1091
|
||||
source "${SFI_SRCDIR}/provision/system/funcs" || exit 255
|
||||
source "${0%/*}/system/funcs" || exit 255
|
||||
NEED_ROOT
|
||||
|
||||
SUDO_SF()
|
||||
@ -25,9 +25,9 @@ SUDO_SF()
|
||||
init_vars()
|
||||
{
|
||||
if command -v apt-get >/dev/null; then
|
||||
source "${SFI_SRCDIR}/provision/funcs_ubuntu.sh"
|
||||
source "${0%/*}/funcs_ubuntu.sh"
|
||||
elif command -v yum >/dev/null; then
|
||||
source "${SFI_SRCDIR}/provision/funcs_al2.sh"
|
||||
source "${0%/*}/funcs_al2.sh"
|
||||
else
|
||||
ERREXIT 255 "Unknown Linux flavor: No apt-get and no yum."
|
||||
fi
|
||||
@ -130,7 +130,12 @@ mergedir()
|
||||
[[ ! -d "${SF_BASEDIR}/${dst}" ]] && mkdir -p "${SF_BASEDIR}/${dst}"
|
||||
|
||||
DEBUGF "Merge $src $dst"
|
||||
[[ ! -d "${SF_BASEDIR}/${src}" ]] && { cp -r "${SFI_SRCDIR}/${src}" "${SF_BASEDIR}/${dst}" || ERREXIT; } || { CONFLICT+=("${src}"); return 1; }
|
||||
if [[ -d "${SF_BASEDIR}/${src}" ]]; then
|
||||
CONFLICT+=("${src}")
|
||||
return 1
|
||||
fi
|
||||
cp -r "${SFI_SRCDIR}/${src}" "${SF_BASEDIR}/${dst}" || ERREXIT
|
||||
|
||||
return 0
|
||||
}
|
||||
|
||||
|
@ -515,7 +515,7 @@ lgban()
|
||||
}
|
||||
|
||||
lgstop "${lid}" "$@"
|
||||
_sf_lgrm "${lid}"
|
||||
#_sf_lgrm "${lid}" # Dont lgrm here and give user chance to explain to re-instate his server.
|
||||
|
||||
_sf_deinit
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user