SkyperTHC 2023-11-01 11:03:49 +00:00
parent 57d38e35a2
commit 0c23595e41
No known key found for this signature in database
GPG Key ID: A9BD386DF9113CD6
12 changed files with 105 additions and 76 deletions

@ -1,5 +1,10 @@
0.5.0 - 2023-10-00
* Access to /dev/kvm (for token users).
0.4.9p3 - 2023-09-20
* Helix (hx)
* /dev/shm mounted exec (for UML support)
* Restrict /tmp to SHM_SIZE
0.4.9p2 - 2023-09-18
* xpra-x11 is back.

@ -1,8 +1,9 @@
VER := 0.4.9p3
VER := 0.5.0a
all:
make -C router
make -C tools/cg
make -C tools/logpipe
make -C master
make -C host
make -C tor
@ -84,6 +85,7 @@ FILES_MASTER += "segfault-$(VER)/master/cgi-bin/rpc"
FILES_HOST += "segfault-$(VER)/host/Dockerfile"
FILES_HOST += "segfault-$(VER)/host/Makefile"
FILES_HOST += "segfault-$(VER)/host/docker-exec-sigproxy.c"
FILES_HOST += "segfault-$(VER)/host/unix-socket-client.c"
FILES_HOST += "segfault-$(VER)/host/mk_sshd.sh"
FILES_HOST += "segfault-$(VER)/host/sf-sshd.patch"
FILES_HOST += "segfault-$(VER)/host/setup.sh"
@ -137,6 +139,7 @@ FILES_CONFIG += "segfault-$(VER)/config/etc/resolv.conf"
FILES_CONFIG += "segfault-$(VER)/config/etc/loginmsg-new.sh-example"
FILES_CONFIG += "segfault-$(VER)/config/etc/loginmsg-all.sh-example"
FILES_CONFIG += "segfault-$(VER)/config/etc/logoutmsg-all.sh-example"
FILES_CONFIG += "segfault-$(VER)/config/etc/logpipe/config.yaml"
FILES_ROOT += "segfault-$(VER)/Makefile"
FILES_ROOT += "segfault-$(VER)/ChangeLog"
@ -156,6 +159,12 @@ FILES_CLEANER += "segfault-$(VER)/tools/cg/go.sum"
FILES_CLEANER += "segfault-$(VER)/tools/cg/main.go"
FILES_CLEANER += "segfault-$(VER)/tools/cg/Makefile"
FILES_CLEANER += "segfault-$(VER)/tools/cg/sysinfo_linux.go"
FILES_CLEANER += "segfault-$(VER)/tools/logpipe/Makefile"
FILES_CLEANER += "segfault-$(VER)/tools/logpipe/Dockerfile"
FILES_CLEANER += "segfault-$(VER)/tools/logpipe/go.sum"
FILES_CLEANER += "segfault-$(VER)/tools/logpipe/go.mod"
FILES_CLEANER += "segfault-$(VER)/tools/logpipe/main.go"
FILES_CLEANER += "segfault-$(VER)/tools/logpipe/metrics.go"
FILES_CONTRIB += "segfault-$(VER)/contrib/sfwg"
FILES_CONTRIB += "segfault-$(VER)/contrib/cronjob"

@ -10,7 +10,7 @@
#SF_GUEST_CONTAINER_NAME_SUFFIX="-v${SF_VER}"
#Some limits are automatically adjusted during an attack.
#SF_USER_MEMORY_LIMIT=256MB
#SF_USER_MEMORY_LIMIT=256m
#SF_USER_MEMORY_AND_SWAP_LIMIT= # Not set=no swap. Example =4g
#SF_USER_PIDS_LIMIT=128
#SF_USER_CPU_SHARE=8 # 2..1024. docker's default is 1024. 2048 gives 2x and 512 half.
@ -22,7 +22,6 @@
#SF_SHM_SIZE= # Hard limit is USER_MEMORY_LIMIT
#SF_CPUS= # automatic between 1..4 depending on host's cpu count
#SF_USER_SYN_BURST=8196 # Can send 8k tcp sync packets
#SF_USER_SYN_LIMIT=1 # Thereafter refill with 1 syn/second, 0=unlimited
#SF_SYN_BURST=10000 # Global limit. (0-10000)
@ -37,6 +36,7 @@
#SF_USER_FS_SIZE= # =128m, xfs only, Not set=unlimited
#SF_USER_FS_INODE= # =16384, xfs only, Not set=unlimited
#SF_USER_DEV_KVM= # =1 to allow access to /dev/kvm (Warning: User can DoS PHY)
#SF_ALLOW_SRC_TOR= # =1 to allow connections from TOR
# Limit to 8 concurrently running servers per IP

@ -105,11 +105,9 @@ services:
container_name: sf-logpipe
restart: ${SF_RESTART:-on-failure}
cgroup_parent: sf.slice
pid: "host"
network_mode: host
volumes:
- "${SF_BASEDIR:-.}/config/etc/logpipe/config.yaml:/app/config.yaml:ro"
- /dev/shm/sf/run/logpipe/:/app/sock/:rw
- "/dev/shm/sf/run/logpipe/:/app/sock/:rw"
sf-portd:
build: encfsd

@ -138,7 +138,7 @@ load_limits()
# Then Token
[[ -f "/config/db/user/lg-${lid}/token" ]] && {
token=$(<"/config/db/user/lg-${lid}/token")
source "/config/db/token/token-${token}.conf" 2>/dev/null
source "/config/db/token/token-${token,,}.conf" 2>/dev/null
}
# Then source user specific limits
[[ -f "/config/db/user/lg-${lid}/limits.conf" ]] && eval "$(grep ^SF_ "/config/db/user/lg-${lid}/limits.conf")"
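Review bot: The token read from `/config/db/user/lg-${lid}/token` is interpolated into a path that is then `source`d, and lower-casing it with `${token,,}` does not constrain what it contains. If that file can ever hold characters such as `/` or `..` (who writes it is not visible from this hunk), the sourced path may resolve outside `/config/db/token/`, and `2>/dev/null` hides the failure when the lookup misses. I would validate the shape before sourcing, e.g. `[[ $token =~ ^[A-Za-z0-9_-]+$ ]] && source "/config/db/token/token-${token,,}.conf"`, with the character class adjusted to the real token format. `load_limits()` starts and ends outside the hunk.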

@ -149,6 +149,7 @@ RUN /pkg-install.sh HACK apt-get install -y --no-install-recommends \
thc-ipv6 \
tnscmd10g \
tshark \
tsocks \
upx \
webshells \
weevely
@ -230,17 +231,27 @@ RUN /pkg-install.sh LARGE apt-get install -y --no-install-recommends \
proxychains \
python2-minimal \
python-is-python3 \
python3-bitcoinlib \
python3-cheroot \
python3-confuse \
python3-decouple \
python3-dotenv \
python3-dotenv-cli \
python3-full \
python3-scapy \
python3-poetry \
python3-pwntools \
python3-pyaudio \
python3-pygments \
python3-pyte \
python3-python-telegram-bot \
python3-venv \
python3-virtualenv \
python3-ipython \
python3-all-dev \
python3-schedule \
python3-setuptools \
python3-telethon \
python-all-dev \
radare2 \
recon-ng \
@ -306,9 +317,12 @@ RUN /pkg-install.sh HUGE apt-get install -y --no-install-recommends \
RUN /pkg-install.sh HUGE apt-get install -y --no-install-recommends \
seclists
RUN /pkg-install.sh HUGE apt-get install -y --no-install-recommends \
cloud-image-utils \
debootstrap \
libguestfs-tools \
qemu-efi \
qemu-efi-arm \
qemu-system \
qemu-user \
qemu-utils \
u-boot-qemu
@ -530,10 +544,12 @@ RUN /pkg-install.sh HACK pipx install aort \
&& /pkg-install.sh HACK pipx install git+https://github.com/soxoj/maigret `### 2023-03-07 pipx repo fails on aiohttp/longintrepr.h` \
&& /pkg-install.sh HACK pipx install raccoon-scanner \
&& /pkg-install.sh HACK pipx install git+https://github.com/EntySec/Shreder \
&& /pkg-install.sh HACK pipx install trevorspray \
&& /pkg-install.sh HACK pipx install userefuzz \
&& /pkg-install.sh HACK pipx install webtech \
&& /pkg-install.sh DEVEL pipx install dulwich \
&& /pkg-install.sh DEVEL pipx install names
&& /pkg-install.sh DEVEL pipx install names \
&& /pkg-install.sh DEVEL pipx install Red-DiscordBot
RUN /pkg-install.sh WEB bash -c '{ apt-get remove -y pelican; true; }' \
&& /pkg-install.sh WEB pipx install 'grip' \
&& /pkg-install.sh WEB pipx install 'pelican[Markdown]' `### apt/pelican causes missing /onion/theme directory` \
@ -545,7 +561,24 @@ RUN /pkg-install.sh DEVEL pip install --break-system-packages \
pyTelegramBotAPI \
tgcrypto \
uploadserver \
wsgidav
wsgidav \
&& /pkg-install.sh DEVEL pip install \
aiogram \
aospdtgen \
booru \
discum \
disnake \
donna25519 \
heroku3 \
jishaku \
lastversion \
libgen_api \
openai \
pyrogram \
python-json-logger \
python-nmap \
telegram \
timer
RUN /pkg-install.sh LARGE pipx install gdown \
&& /pkg-install.sh LARGE pipx install udocker
RUN /pkg-install.sh LARGE bin 'https://gitlab.com/api/v4/projects/32089582/packages/generic/geonet-rs/0.4.3/geonet_0.4.3_%arch:x86_64=amd64:DEFAULT=SKIP%.deb' `# x86_64 only` \
@ -569,6 +602,7 @@ RUN /pkg-install.sh LARGE apt-get install -y --no-install-recommends \
krb5-user \
krb5-config \
parallel \
ranger \
sshuttle
RUN /pkg-install.sh HUGE apt-get install -y --no-install-recommends \
gopls \
@ -610,7 +644,7 @@ RUN /pkg-install.sh HACK ghbin shadow1ng/fscan 'fscan_%arch:x86_64=amd64:aarch64
&& /pkg-install.sh HACK ghbin projectdiscovery/alterx '_linux_%arch:x86_64=amd64:aarch64=arm64%' alterx \
&& /pkg-install.sh HACK ghbin projectdiscovery/notify 'linux_%arch:x86_64=amd64:aarch64=arm64%' notify \
&& /pkg-install.sh HACK ghbin projectdiscovery/interactsh 'linux_%arch:x86_64=amd64:aarch64=arm64%' interactsh-client \
&& /pkg-install.sh HACK ghbin projectdiscovery/mapcidr 'linux_%arch:x86_64=amd64:aarch64=arm64%' mapcidr \
&& /pkg-install.sh HACK bin 'https://github.com/projectdiscovery/mapcidr/releases/download/v1.1.9/mapcidr_1.1.9_linux_%arch1%.zip' mapcidr `# often missing binary assets.` \
&& /pkg-install.sh HACK ghbin glebarez/cero 'linux-amd64' cero `# x86_64 only` \
&& /pkg-install.sh HACK ghbin dwisiswant0/crlfuzz 'inux_%arch:x86_64=amd64:aarch64=arm64%' crlfuzz \
&& /pkg-install.sh HACK ghbin hahwul/dalfox 'inux_%arch:x86_64=amd64:aarch64=arm64%' dalfox \
@ -714,11 +748,11 @@ RUN /pkg-install.sh LARGE apt-get install -y --no-install-recommends \
gcc-multilib \
lib32ncurses-dev lib32z1-dev || { [ $(uname -m) != x86_64 ] && true; }
RUN /pkg-install.sh HACK ghbin wader/fq '_linux_%arch1%' fq \
&& /pkg-install.sh HACK bin https://raw.githubusercontent.com/trustedsec/hardcidr/master/hardCIDR.sh hardcidr \
&& /pkg-install.sh HACK bin https://raw.githubusercontent.com/trustedsec/hardcidr/master/hardCIDR.sh hardcidr \
&& /pkg-install.sh HACK ghbin hahwul/dalfox '_linux_%arch1%' dalfox
RUN /pkg-install.sh NET bin https://github.com/hackerschoice/binary/raw/main/gsocket/latest/gsocket_latest_all.deb `# x86_64 only` \
RUN /pkg-install.sh NET ghbin hackerschoice/gsocket '_%arch%.deb' \
&& /pkg-install.sh NET ghbin ginuerzh/gost 'linux-%arch:x86_64=amd64:aarch64=armv8%.*gz$' gost \
&& /pkg-install.sh NET ghbin tulir/gomuks 'linux-%arch%' gomuks \
&& /pkg-install.sh NET ghbin tulir/gomuks 'linux-%arch1%' gomuks \
&& /pkg-install.sh NET ghbin Snawoot/hola-proxy 'linux-%arch1%' hola-proxy \
&& /pkg-install.sh NET ghbin maxmind/mmdbinspect 'linux_amd64.tar.gz$' mmdbinspect `# x86_64 only` \
&& /pkg-install.sh NET ghbin shadowsocks/shadowsocks-rust '%arch%-unknown-linux-musl.tar' \
@ -748,7 +782,9 @@ RUN /pkg-install.sh HUGE bash -c 'mkdir -p /usr/share/wordlists; curl -fsSL http
RUN /pkg-install.sh LARGE apt-get install -y --no-install-recommends \
bpytop \
btop \
ncdu
db-util \
ncdu \
pass
RUN /pkg-install.sh GUI apt-get install -y --no-install-recommends \
alsa-utils \
alsamixergui \
@ -756,13 +792,15 @@ RUN /pkg-install.sh GUI apt-get install -y --no-install-recommends \
RUN /pkg-install.sh LARGE apt-get install -y --no-install-recommends \
php8.2-fpm \
php8.2-xml
RUN /pkg-install.sh HACK pipx install git+https://github.com/bluet/proxybroker2.git \
RUN /pkg-install.sh HACK ghbin ekzhang/bore '%arch:aarch64=arm%-unknown-linux' \
&& pipx install git+https://github.com/bluet/proxybroker2.git \
&& /pkg-install.sh HACK pipx install pwncat-cs \
&& /pkg-install.sh HACK ghbin praetorian-inc/noseyparker 'linux-' noseyparker \
&& /pkg-install.sh HACK bin 'https://gitlab.com/api/v4/projects/33695681/packages/generic/nrich/latest/nrich_latest_amd64.deb' `# x86_64 only` \
&& /pkg-install.sh HACK bin 'https://github.com/RustScan/RustScan/releases/download/2.0.1/rustscan_2.0.1_amd64.deb' `# x86_64 only` \
&& /pkg-install.sh HACK ghbin hueristiq/xurlfind3r 'linux_%arch:x86_64=amd64:aarch64=arm64%' xurlfind3r
RUN /pkg-install.sh LARGE ghbin PaddiM8/kalker 'linux' kalker
RUN /pkg-install.sh LARGE ghbin PaddiM8/kalker 'linux' kalker \
&& /pkg-install.sh LARGE ghbin PowerShell/PowerShell 'deb_%arch1%.deb'
RUN /pkg-install.sh HACK bash -c '{ wget -O "/usr/bin/favfreak.py" https://raw.githubusercontent.com/devanshbatham/FavFreak/master/favfreak.py \
&& chmod 755 /usr/bin/favfreak.py \
&& ln -s favfreak.py /usr/bin/FavFreak; }' \
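Review bot: The new `pip install` block after `wsgidav` pulls sixteen PyPI packages by bare name with no version pin or hash, several under very generic names (`telegram`, `timer`, `booru`), so every image rebuild trusts whatever is published under those names that day. Pinning each one (`name==X.Y.Z`) or installing from a hashed requirements file with `pip install --require-hashes -r <file>` would make the build reproducible and reviewable. The block also omits the `--break-system-packages` flag that the `pip install` directly above it passes, which looks unintended. Separately, in the proxybroker2 hunk the line `&& pipx install git+https://github.com/bluet/proxybroker2.git` lost its `/pkg-install.sh HACK` prefix when the `bore` line was put in front of it, so it presumably no longer follows the HACK package-set handling; `&& /pkg-install.sh HACK pipx install git+https://github.com/bluet/proxybroker2.git` would restore it.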

@ -62,25 +62,43 @@ Read how the pros do it: ${CB}${CUL}https://thc.org/segfault/faq/nokiddie${CN}"
command -v puredns >/dev/null && puredns(){ _nokiddie_warning "puredns" "$@"; }
command -v masscan >/dev/null && masscan(){ _nokiddie_warning "masscan" "$@"; }
command -v shuffledns >/dev/null && shuffledns(){ _nokiddie_warning "shuffledns" "$@"; }
command -v nuclei >/dev/null && nuclei(){ _nokiddie_warning "nuclei" "$@"; }
command -v ffuf >/dev/null && ffuf(){ _nokiddie_warning "ffuf" "$@"; }
command -v naabu >/dev/null && naabu(){ _nokiddie_warning "naabu" "$@"; }
command -v nuclei >/dev/null && nuclei(){ _nokiddie_warning "nuclei" "$@"; }
command -v ffuf >/dev/null && ffuf(){ _nokiddie_warning "ffuf" "$@"; }
command -v naabu >/dev/null && naabu(){ _nokiddie_warning "naabu" "$@"; }
command -v zmap >/dev/null && zmap(){ _nokiddie_warning "zmap" "$@"; }
}
### for 'curl -x socks5h://$(PROXY) ipinfo.io'
TOR(){ echo "${SF_TOR_IP}:9050"; }
PROXY(){
local IFS
local IFS=" "
local fmt="$*"
local arr
local n
local h
local p
local str
[[ -z $fmt ]] && fmt="%h:%p"
[[ ! -f /sf/share/proxies.txt ]] && { TOR; return; }
IFS=$'\n'
arr=($(<"/sf/share/proxies.txt"))
n=${#arr[@]}
RANDOM=$(date '+%N')
[[ ! $n -gt 0 ]] && { TOR; return; }
echo "${arr[$((RANDOM % n))]}"
if [[ -f /sf/share/proxies.txt ]]; then
IFS=$'\n' arr=($(<"/sf/share/proxies.txt"))
n=${#arr[@]}
RANDOM=$(date '+%N')
[[ ! $n -gt 0 ]] && { TOR; return; }
str="${arr[$((RANDOM % n))]}"
h="${str%:*}"
p="${str#*:}"
else
h="${SF_TOR_IP}"
p="9050"
fi
# Store in global variable
_PROXY_HOST="$h"
_PROXY_PORT="$p"
# format
fmt="${fmt//\%h/$h}"
fmt="${fmt//\%p/$p}"
echo "$fmt"
}
docker(){
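Review bot: In `PROXY()`, the empty-list fallback `[[ ! $n -gt 0 ]] && { TOR; return; }` still prints the bare `host:port` from `TOR` and skips both the new format substitution and the `_PROXY_HOST`/`_PROXY_PORT` assignment. A caller that passes a format or reads the globals therefore gets unformatted or stale values when proxies.txt exists but is empty. Setting `h="${SF_TOR_IP}"; p="9050"` on that path and falling through to the common tail would keep it consistent with the `else` branch. The unquoted `arr=($(<"/sf/share/proxies.txt"))` also undergoes pathname expansion on a shared file, so `mapfile -t arr <"/sf/share/proxies.txt"` is the safer read. Note too that `${str#*:}` keeps everything after the first colon, so an entry carrying a scheme or an IPv6 literal would split incorrectly.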

@ -32,11 +32,15 @@ This system will ${CRY}SELF-DESTRUCT${CN} in 10 seconds."
exit 0; }
echo -e "${CDR}***DESTRUCT***${CN}"
# SF_HOSTNAME might be empty if bash was started from gs-netcat.
[[ -z $SF_HOSTNAME ]] && {
str=$(hostname)
SF_HOSTNAME="${str##*-}"
}
curl -s sf/net/del -dname=all -dnocolor=1 >/dev/null
shopt -s dotglob
rm -rf /onion/*
rm -rf "/everyone/${SF_HOSTNAME,,}/"*
[[ -d "/everyone/${SF_HOSTNAME,,}" ]] && rm -rf "/everyone/${SF_HOSTNAME,,}/"* 2>/dev/null
# Bloody at-spi-bu re-creates a fuse-hidden file when the parent directory is deleted.
# Force kill it.
rm -rf /sec/* 2>/dev/null
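Review bot: The new `-d` guard does not cover an empty `SF_HOSTNAME`: if `hostname` returns nothing, the test becomes `[[ -d "/everyone/" ]]` and the glob expands to `/everyone//*`, which is every entry under `/everyone` rather than this server's own directory. Add a non-empty check, `[[ -n $SF_HOSTNAME && -d "/everyone/${SF_HOSTNAME,,}" ]] && rm -rf "/everyone/${SF_HOSTNAME,,}/"* 2>/dev/null`. How much of `/everyone` this process is actually permitted to delete depends on permissions not visible here. The script continues outside the hunk.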

@ -25,4 +25,4 @@ CUL="\e[4m"
CRY="\e[0;33;41m" # YELLOW on RED (warning)
}
# BINDIR="$(cd "$(dirname "${0}")" || exit; pwd)"
:

@ -44,6 +44,7 @@ cp -a /etc/skel /sec/root
ln -s /sec/root /root
cd . # Prevent 'getcwd() failed' after deleting my own directory
ln -s /sec/home /home
mkdir /run/mysqld
echo "NOT ENCRYPTED" >/sec/THIS-DIRECTORY-IS-NOT-ENCRYPTED--DO-NOT-USE.txt

@ -7,7 +7,7 @@
#include <sys/un.h>
#include <unistd.h>
#define SOCKET_PATH "/dev/shm/sf/run/logpipe/logPipe.sock"
#define SOCKET_PATH "/sf/run/logpipe/logPipe.sock"
int main(int argc, char *argv[]) {
int sockfd;
@ -44,4 +44,4 @@ int main(int argc, char *argv[]) {
close(sockfd);
return EXIT_SUCCESS;
}
}

@ -1,44 +0,0 @@
#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>
#define SOCKET_PATH "/dev/shm/sf/run/logpipe/logPipe.sock"
int main(int argc, char *argv[]) {
int sockfd;
struct sockaddr_un addr;
sockfd = socket(AF_UNIX, SOCK_STREAM, 0);
if (sockfd == -1) {
perror("socket");
exit(EXIT_FAILURE);
}
memset(&addr, 0, sizeof(struct sockaddr_un));
addr.sun_family = AF_UNIX;
strncpy(addr.sun_path, SOCKET_PATH, sizeof(addr.sun_path) - 1);
if (connect(sockfd, (struct sockaddr *)&addr, sizeof(struct sockaddr_un)) == -1) {
perror("connect");
exit(EXIT_FAILURE);
}
char buf[1024];
ssize_t nread;
while ((nread = read(STDIN_FILENO, buf, sizeof(buf))) > 0) {
if (write(sockfd, buf, nread) != nread) {
perror("write");
exit(EXIT_FAILURE);
}
}
if (nread == -1) {
perror("read");
exit(EXIT_FAILURE);
}
close(sockfd);
return EXIT_SUCCESS;
}