Minutes 2024-10-03: Difference between revisions

From MTU LUG Wiki
(fixed links, added random NOT-RELATED-AT-ALL Shell tip)
m (forgot to add openbsd mailing list link)
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
# Met in Rekhi 114 for Install-a-thon at 5PM
# Met in Rekhi 114 for Install-a-thon at 5PM
## everyone who showed up already had Linux installed on their laptops lol
## Everyone who showed up already had Linux installed on their laptops lol
## talked about hacking Bryce's router
## Talked about hacking Bryce's router
### warehouse mode [https://github.com/MeisterLone/Askey-RT5010W-D187-REV6]
### Putting it into 'warehouse' mode [https://github.com/MeisterLone/Askey-RT5010W-D187-REV6]
# Moved to Rekhi 101 at 7PM for Nate's presentation on Plan9!
# Moved to Rekhi 101 at 7PM for Nate's presentation on Plan 9!
## Going over new members to LUG
## Going over new members to LUG
### Why they wanted to learn Linux
### Why they wanted to learn Linux
Line 18: Line 18:
### Processes are privileged by default
### Processes are privileged by default
### Tools 'work backwards' to subtract privileges from processes
### Tools 'work backwards' to subtract privileges from processes
#### chroot
#### <code>chroot</code>
#### FreeBSD jails
#### FreeBSD <code>jails</code>
#### OpenBSD pledge and unveil
#### OpenBSD <code>pledge</code> and <code>unveil</code>
#### Linux cgroups and namespaces
#### Linux <code>cgroups</code> and <code>namespaces</code>
### Clustering is hard
### Clustering is hard
#### Proper clustering systems basically rewrite the entire application-level stack (e.g. Kubernetes)
#### Proper clustering systems basically rewrite the entire application-level stack (e.g. Kubernetes)
### Scope creep in common utilities causes vulnerabilities
### Scope creep in common utilities causes vulnerabilities
#### sudo
#### <code>sudo</code>
#### GTFOBins [https://gtfobins.github.io]
#### GTFOBins [https://gtfobins.github.io]
## What is Plan9?
## What is Plan 9?
## What Plan9 does better
## What Plan 9 does better
### Networking stack is represented as multiple filesystems in /net
### Networking stack is represented as multiple filesystems in /net
#### /net/tcp
#### <code>/net/tcp</code>
#### /net/udp
#### <code>/net/udp</code>
#### /net/tcp
#### <code>/net/tcp</code>
#### /net/icmp
#### <code>/net/icmp</code>
### Graphical devices are represented as files in /dev
### Graphical devices are represented as filesystems in <code>/dev</code>
#### /dev/screen is your current screen
#### <code>/dev/screen</code> is your current screen
#### "screenshotting" is just copying /dev/screen to a file, and converting it to png
#### 'screenshotting' is just copying <code>/dev/screen</code> to a file, and converting it to png
### global mounts do not exist, all processes have their own namespace
### global mounts do not exist, all processes have their own namespace
#### mount and unmount (not 'umount') to control filesystems
#### <code>mount</code> and <code>unmount</code> (not <code>umount</code>) to control filesystems
#### processes without audio filesystems will not be able to play audio, processes without /dev/net can't send network traffic, etc
#### Processes without the audio filesystem will not be able to play audio, processes without <code>/dev/net</code> can't send network traffic, etc
### 9p protocol backs all inter-process file-based communication
### 9p protocol backs all inter-process file-based communication
### 9p is network transparent
### 9p is network transparent
#### can mount remote audio filesystem to play audio on remote computers
#### Can mount remote audio filesystem to play audio on remote computers
#### interact with /dev/kbd (keyboard) on remote computer
#### Interact with <code>/dev/kbd</code> (keyboard) on remote computer
### Plan 9 is a distributed operating system
### Plan 9 is a distributed operating system
#### An idealized Plan 9 lab consists of a number of servers
#### An idealized Plan 9 lab consists of a number of servers
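Review bot: /net/tcp is listed twice under the /net item (first and third sub-entries), and the new revision only wraps the duplicate in code tags instead of resolving it; either drop the repeated entry or replace it with the protocol directory that was actually shown. The namespace item also names /dev/net as the thing a process needs to send traffic, while the networking item places the stack under /net, so one of the two paths should be corrected for consistency.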
Line 62: Line 62:
## 9Front fixes and improvements to Plan 9
## 9Front fixes and improvements to Plan 9
### All around better hardware support, especially on Thinkpads
### All around better hardware support, especially on Thinkpads
### Improved filesystems (cwfs, hjfs)
### Improved filesystems (<code>cwfs</code>, <code>hjfs</code>)
## Who is Cirno
## Who is Cirno
### Official 9Front mascot
### Official 9Front mascot
## Using 9front
## Using 9Front
### Demo!
### Demo!
### How does piping raw audio files to audio filesystem work given sample rates?
### How does piping raw audio files to the audio filesystem work, given differing sample rates?
#### Turns out, the audio filesystem expects a sample rate of 44.1 kHz by default (same quality of CDs). This is determined by the driver.
#### The default tools on 9Front that convert different audio formats into waveforms automatically output with 44.1 kHz sample rate (so the output can be directly piped into the audio filesystem)
### Threat landscape for 9Front?
### Threat landscape for 9Front?
#### that one path traversal exploit /g/ found on 9Front's homepage [https://cyber.vumetric.com/vulns/CVE-2022-28380/path-traversal-vulnerability-in-rc-httpd-project-rc-httpd/]
#### That one path traversal exploit /g/ found on 9Front's homepage [https://cyber.vumetric.com/vulns/CVE-2022-28380/path-traversal-vulnerability-in-rc-httpd-project-rc-httpd/]
### recompiling the kernel
### Recompiling the kernel
#### It worked (woo)
# Wrap up
# Wrap up
## Josh has been converted, decided to install 9Front
## ....don't fork-bomb guardian (oops)
## ....don't fork-bomb guardian (oops)
## Backdoored crypto
## Josh is switching to Plan9
### Dual_EC_DRBG
## ...please don't host copyright-sussy material on your public Shell page
### Security compliance forcing companies to obey FIPS is ironic [https://marc.info/?l=openbsd-misc&m=139819485423701&w=2]
### totally-unrelated pro-tip: if you make an index.html file in a directory, shell won't display a list of its contents to web browsers. Just something to think about...
## Please don't host copyright-sussy material on your public Shell page
### Totally unrelated pro-tip: if you make an index.html file in a directory, shell won't display a list of its contents to web browsers. Just something to think about...
## No Schmidt's today :(
## No Schmidt's today :(
### most members had upcoming and/or take-home exams
### most members had upcoming and/or take-home exams
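Review bot: the 'Threat landscape for 9Front?' sub-item describes the issue only as "that one path traversal exploit", while the linked URL shows it is CVE-2022-28380 in rc-httpd; put the CVE ID and the component name in the bullet text itself so the entry stays searchable if the third-party link goes away. The same hunk capitalises most edited items but leaves "most members had upcoming and/or take-home exams" in lower case, so it is worth aligning that line too.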

Latest revision as of 01:05, 4 October 2024

  1. Met in Rekhi 114 for Install-a-thon at 5PM
    1. Everyone who showed up already had Linux installed on their laptops lol
    2. Talked about hacking Bryce's router
      1. Putting it into 'warehouse' mode [1]
  2. Moved to Rekhi 101 at 7PM for Nate's presentation on Plan 9!
    1. Going over new members to LUG
      1. Why they wanted to learn Linux
    2. What is UNIX
      1. UNIX philosophy (do one thing and do it well)
    3. UNIX-likes
      1. Linux
      2. FreeBSD
      3. AIX
    4. Limitations of UNIX
      1. Not everything is a file (syscalls, sockets)
      2. Graphics
      3. New features tacked-on after the fact rather than designed from within the operating system.
      4. Processes are privileged by default
      5. Tools 'work backwards' to subtract privileges from processes
        1. chroot
        2. FreeBSD jails
        3. OpenBSD pledge and unveil
        4. Linux cgroups and namespaces
      6. Clustering is hard
        1. Proper clustering systems basically rewrite the entire application-level stack (e.g. Kubernetes)
      7. Scope creep in common utilities causes vulnerabilities
        1. sudo
        2. GTFOBins [2]
    5. What is Plan 9?
    6. What Plan 9 does better
      1. Networking stack is represented as multiple filesystems in /net
        1. /net/tcp
        2. /net/udp
        3. /net/tcp
        4. /net/icmp
      2. Graphical devices are represented as filesystems in /dev
        1. /dev/screen is your current screen
        2. 'screenshotting' is just copying /dev/screen to a file, and converting it to png
      3. Global mounts do not exist; all processes have their own namespace
        1. mount and unmount (not umount) to control filesystems
        2. Processes without the audio filesystem will not be able to play audio, processes without /dev/net can't send network traffic, etc.
      4. 9p protocol backs all inter-process file-based communication
      5. 9p is network transparent
        1. Can mount remote audio filesystem to play audio on remote computers
        2. Interact with /dev/kbd (keyboard) on remote computer
      6. Plan 9 is a distributed operating system
        1. An idealized Plan 9 lab consists of a number of servers
        2. User-facing terminals are thin clients with no local storage
        3. CPU servers for compute
        4. File servers for data storage
        5. Auth servers for authentication
    7. State of Plan 9 today
      1. Failed to gain significant market share, UNIX and UNIX-likes got 'good enough'
      2. Development slowed in the 1990s
      3. Fourth edition was released under custom open-source license in 2002
        1. Allen finds a statement from Stallman about it not being 'FOSS' lol [3]
      4. All editions released under GPL in 2015
      5. In 2021, control was given to the Plan 9 Foundation and the license was changed to MIT for all editions
    8. 9Front
      1. Developed by cat-v, self-described "Random Contrarian Insurgent Organization"
      2. 9Front website
    9. 9Front fixes and improvements to Plan 9
      1. All around better hardware support, especially on Thinkpads
      2. Improved filesystems (cwfs, hjfs)
    10. Who is Cirno
      1. Official 9Front mascot
    11. Using 9Front
      1. Demo!
      2. How does piping raw audio files to the audio filesystem work, given differing sample rates?
        1. Turns out, the audio filesystem expects a sample rate of 44.1 kHz by default (the same quality as CDs). This is determined by the driver.
        2. The default tools on 9Front that convert different audio formats into waveforms automatically output with 44.1 kHz sample rate (so the output can be directly piped into the audio filesystem)
      3. Threat landscape for 9Front?
        1. That one path traversal exploit /g/ found on 9Front's homepage [4]
      4. Recompiling the kernel
        1. It worked (woo)
  3. Wrap up
    1. Josh has been converted, decided to install 9Front
    2. ....don't fork-bomb guardian (oops)
    3. Backdoored crypto
      1. Dual_EC_DRBG
      2. Security compliance forcing companies to obey FIPS is ironic [5]
    4. Please don't host copyright-sussy material on your public Shell page
      1. Totally unrelated pro-tip: if you make an index.html file in a directory, shell won't display a list of its contents to web browsers. Just something to think about...
    5. No Schmidt's today :(
      1. Most members had upcoming and/or take-home exams