This challenge has been moved to docker and can be ran by simply building and running the container. There is a issue with the librarys for rbash and automating the install to the chroot environment. If you recieve an error such as File /bin/rbash not found then you need to update the liraries.
See the section Add shared libs required by rbash for information about how to install the libraries.
The details on the manual install for the raspi is left included for the sake of documentation.
docker build -t darkarc .
docker run -p 2200:22 -tid darkarc
As root immediately after flashing with http://archlinuxarm.org/platforms/armv6/raspberry-pi
pacman -Syu
pacman -S sudo
useradd -d /home/socialgeek -G wheel -m -s /usr/bin/bash socialgeek
- Uncomment line in /etc/sudoers that allows wheel to use sudo
- Edit /etc/shells and add /usr/bin/bash
- Uncommented "PubkeyAuthentication yes" in /etc/ssh/sshd_config
- Made sure that "PermitRootLogin no" is set
- Add your public ssh keys to /home/socialgeek/.ssh/authorized_keys
sudo systemctl restart sshd
sudo passwd -l root
sudo pacman -S vim nmap netcat git base-devel screen
sudo ln /bin/bash /bin/rbash
sudo groupadd sandbox
sudo useradd -g sandbox -G users -m -s /bin/rbash hacker
sudo passwd hacker # (h@x0r)
sudo mkdir -p /sandbox/{bin,lib,user/lib,dev,home/hacker}
sudo mknod /sandbox/dev/null c 1 3
sudo mknod /sandbox/dev/zero c 1 5
sudo chmod 0666 /sandbox/dev/{zero,null}
sudo chown root:root /sandbox/home/hacker
sudo chmod 655 /sandobx/home/hacker
sudo cp -p /bin/bash /sandbox/bin/rbash
ldd /bin/bash
# parse list and ajust the following as required
# Replace x with the correct version number
sudo cp -p /usr/lib/{libreadline.so.x,libncursesw.so.x,libdl.so.x,libgcc_s.so.x,libc.so.x} /lib/ld-linux.so.x /sandbox/lib
sudo ln /sandbox/lib/{libreadline.so.x,libncursesw.so.x,libdl.so.x,libgcc_s.so.x,libc.so.x} /sandbox/usr/lib/
- Add /bin/rbash to /etc/shells
- Uncomment Protocal 2
- Set PasswordAuthentication no
- Add the following to the bottom Match Group sandbox PasswordAuthentication yes ChrootDirectory /sandbox/ AllowTcpForwarding no
sudo systemctl restart sshd
sudo su
cat >> /sandbox/home/hacker/secret << EOF
#!/bin/rbash
echo key: < .. key .. >
EOF
chmod +x /sandbox/home/hacker/secret
exit
sudo su
cat >> /sandbox/home/hacker/.bash_profile << EOF
[[ -f ~/.bashrc ]] && . ~/.bashrc
export PATH=$PATH:/home/hacker
EOF
exit