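#!/bin/sh
#
# Copyright (c) 2006-2007, Gregory Fleischer (gfleischer@gmail.com)
#
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in
#    the documentation and/or other materials provided with the
#    distribution.
# 3. The names of the authors may not be used to endorse or promote
#    products derived from this software without specific prior
#    written permission.
#
# THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
# IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
#

# Installer for the "lamp" challenge environment. It creates the lamp
# account, the /challenge directory with a FIFO and a copy of nc, a
# /challenge-bin directory of symlinks, and a small C wrapper installed
# into /etc/smrsh.
#
# Must be run as root, from a directory that contains the 'runsh' file.
# runlamp.c and runlamp are written to the current directory, so run it
# from a directory that only root can write to.

set -eu

# $UID is a bash variable; under a strict POSIX /bin/sh it is unset and
# 'set -u' would abort before the check, so ask id(1) instead.
if [ "$(id -u)" != 0 ]; then
  echo "must run as root" >&2
  exit 1
fi

# The wrapper built below executes /home/lamp/runsh; refuse to continue
# when the file is not present in the current directory.
if [ ! -f "runsh" ]; then
  echo "missing 'runsh' file" >&2
  exit 1
fi

# add the lamp user
if ! grep -E -q '^lamp:' /etc/passwd 2>/dev/null; then
  adduser lamp
fi

# where's the challenge?
DEST=/challenge

# create the directory
# ${DEST:?} aborts rather than expanding to an empty path for rm -rf.
if [ -d "$DEST" ]; then
  rm -rfv -- "${DEST:?}"
fi
mkdir -v "$DEST"
# Mode 0500 and owner lamp: only lamp (and root) can list or enter the
# directory, and lamp cannot create or remove entries in it.
chmod -v 0500 "$DEST"
chown -v lamp:lamp "$DEST"

# build the chimney
# The FIFO itself is mode 666, but it can only be reached through the
# 0500 directory above.
mkfifo "$DEST/chimney"
chmod -v 666 "$DEST/chimney"

# install nc
install -v -m0755 /bin/nc "$DEST"

# create a bin directory
# Holds symlinks to id and ls only; how runsh uses this directory is not
# visible here (presumably as a restricted PATH -- confirm against runsh).
BINDEST=$DEST-bin
if [ -d "$BINDEST" ]; then
  rm -rfv -- "${BINDEST:?}"
fi
mkdir "$BINDEST"
ln -vs /usr/bin/id "$BINDEST"
ln -vs /bin/ls "$BINDEST"

# create the runlamp wrapper
# The header names after each #include were lost from this listing;
# stdio.h, stdlib.h and unistd.h are restored because the program calls
# perror(), exit() and execv(). The delimiter is quoted so the C source
# is written out literally.
cat >runlamp.c <<'EOF'
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

int main(int argc, char **argv)
{
    char *cmd[] = {"/bin/bash", "-c", "/home/lamp/runsh", 0};
    execv(cmd[0], cmd);
    perror("execv failed");
    exit(-1);
}
EOF
gcc -Wall -s -o runlamp runlamp.c

# /etc/smrsh is the directory of programs that sendmail's restricted
# shell (smrsh) is allowed to run.
install -v -m0755 runlamp /etc/smrsh/
# NOTE(review): after this chown the wrapper is owned by lamp with mode
# 0755, so the lamp account can overwrite it -- confirm this is intended.
chown -v lamp:lamp /etc/smrsh/runlamp

# The listing is cut off at this point. The next statement begins
#   cat >/home/lamp/.forward <
# and its here-document body is not part of the visible source, so it is
# kept as a comment instead of being reconstructed.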